Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. The sudo vulnerability aka CVE-2001-3156 , seemed to go under the radar after it was announced and patches were released on 26th January 2021. Npower App Hack.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware 143

Ransomware Firmware Antivirus Accountability 143

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST.

Passwords 140

Passwords Authentication Architecture Risk 140

Security Affairs

JULY 27, 2022

Researchers uncovered an ongoing operation, codenamed DUCKTAIL that targets Facebook Business and Ad Accounts. Researchers from WithSecure (formerly F-Secure Business) have discovered an ongoing operation, named DUCKTAIL, that targets individuals and organizations that operate on Facebook’s Business and Ads platform.

Accountability 132

Accountability Malware Media Marketing 132

Security Affairs

JANUARY 19, 2022

A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed attackers to take over accounts without having access to the victim’s phone, Varonis researchers reported.

Accountability 130

Accountability Authentication Passwords Data breaches 130

Security Affairs

FEBRUARY 3, 2021

Recently Qualys researchers found a Sudo vulnerability, tracked as CVE-2021-3156 , that has allowed any local user to gain root privileges on Unix-like operating systems without authentication. News of the day is that the CVE-2021-3156 flaw also impacts the latest version of Apple macOS Big Sur, and Apple has yet to address it.

Hacking 141

Hacking Authentication Accountability Cybersecurity 141

Security Affairs

NOVEMBER 18, 2024

The security breach impacted a limited number of customers, only 836 individuals. The carrier states that personal financial account information and call records were not affected by the security breach. In February 2021, hundreds of users were hit with SIM swapping attacks.

Mobile 113

Mobile Telecommunications Data breaches Hacking 113

Google Security

JUNE 3, 2022

Posted by Harshvardhan Sharma, Information Security Engineer, Google 2021 was another record-breaking year for our Vulnerability Rewards Program (VRP). 2021 saw some amazing work from the security research community. We paid a total of $8.7 million in rewards, our highest amount yet.

Engineering 134

Engineering Authentication Internet Internet 134

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Banking 341

Banking Government Information Security Authentication 341

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking 125

Banking Accountability Mobile Cryptocurrency 125

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. The researchers noticed that the attackers also commonly employed multiple known vulnerabilities, including CVE-2023-38831 in WinRAR or CVE-2021-40444 in Windows MSHTML.

Accountability 128

Accountability Government Phishing Passwords 128

Security Affairs

SEPTEMBER 16, 2021

The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn of state-sponsored attacks that are actively exploiting CVE-2021-40539 Zoho flaw. In early September, Zoho released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus.

Password Management 130

Password Management Passwords Authentication Cyber threats 130

Security Affairs

JULY 12, 2022

Microsoft experts believe that the AiTM phishing campaign was used to target more than 10,000 organizations since September 2021. ” Once the attackers have captured the session cookie, they have injected it into their browser to skip the authentication process, even if the recipient enabled the MFA for his account.

Phishing 144

Phishing Authentication Social Engineering Passwords 144

Security Affairs

JANUARY 19, 2024

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. ” concludes the report.

Firewall 132

Firewall Accountability Malware Hacking 132

Security Affairs

NOVEMBER 21, 2024

Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 109

Cybercrime Identity Theft Cryptocurrency Phishing 109

SecureList

MAY 12, 2021

Botmasters and account resellers are tasked with providing initial access inside the victim’s network. For a more detailed overview we chose two of the most noteworthy Big Game Hunting ransomware in 2021. REvil operators have demanded the highest ransoms in 2021. The first one is the REvil (aka Sodinokibi) gang.

Ransomware 145

Ransomware Encryption Malware Cybercrime 145

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams 300

Scams DDOS Cryptocurrency Accountability 300

Krebs on Security

MARCH 1, 2022

27, a new Twitter account “ Contileaks ” posted links to an archive of chat messages taken from Conti’s private communications infrastructure, dating from January 29, 2021 to the present day. The Contileaks account did not respond to requests for comment. On Sunday, Feb. ” GAP #1.

Ransomware 303

Ransomware Healthcare Cybercrime Government 303

Security Affairs

DECEMBER 21, 2021

Microsoft warns of a couple of Active Directory flaws fixed with the November 2021 Patch Tuesday updates that could allow takeover of Windows domains. The flaws, tracked as CVE-2021-42287 and CVE-2021-42278, can be chained to impersonate domain controllers and gain administrative privileges on Active Directory.

Accountability 145

Accountability Hacking Information Security 145

Security Affairs

FEBRUARY 3, 2025

Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, and KEVLAND, which are running targeted scams for specific victim profiles.

Scams 83

Scams Media Cryptocurrency Cybercrime 83

Security Affairs

NOVEMBER 28, 2022

million) by the Irish data protection commission (DPC) for the data leak suffered by Facebook in 2021 that exposed the data belonging to millions of Facebook users. On April 3rd, 2021, a user leaked the phone numbers and personal data of 533 million Facebook users in a hacking forum for free online. ” reported the WSJ.

Hacking 111

Hacking Media Accountability Data breaches 111

Security Affairs

MAY 22, 2024

The keylogger was used to collect account credentials. According to the researchers, the malware campaign targeting MS Exchange Server has been active since at least 2021. “If your server has been compromised, identify the account data that has been stolen and delete the file where this data is stored by hackers. .

Malware 138

Malware Accountability Technology Internet 138

Security Affairs

APRIL 30, 2023

Threat actors are gaining access to AT&T email accounts in an attempt to hack into the victim’s cryptocurrency exchange accounts. Hackers are breaking into the AT&T email accounts and then using the access they are logging into the victim’s cryptocurrency exchange accounts to drain their crypto funds, TechCrunch reported.

Cryptocurrency 98

Cryptocurrency Accountability Passwords Hacking 98

Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. Ahead of the U.S. The phishing attacks began in February 2023, the IT giant reported.

Accountability 98

Accountability Phishing Financial Services Surveillance 98

Security Affairs

AUGUST 16, 2024

The 27-year-old Russian national Georgy Kavzharadze (also known as “George,” “TeRorPP,” “Torqovec,” and “PlutuSS”) has been sentenced to over three years in prison for selling financial information, login credentials, and other personal data on the dark web marketplace, Slilpp. in restitution. These credentials were linked to $1.2

Banking 125

Banking Accountability Retail Mobile 125

Security Affairs

JANUARY 4, 2022

UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in December 2021. UScellular has disclosed a data breach after the attack that compromised the company’s billing system in December 2021. million customers in 426 markets in 23 states as of the second quarter of 2020.

Data breaches 139

Data breaches Wireless Accountability Retail 139

Security Affairs

FEBRUARY 2, 2025

Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims.” By 2021, key members had founded WeCodeSolutions in Lahore, seemingly to legitimize their earnings from HeartSender. ” reads the press release published by DoJ.

Cybercrime 109

Cybercrime Advertising Phishing Hacking 109

Security Affairs

JULY 10, 2021

Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. BleepingComputer reported that Mint Mobile has disclosed a data breach that exposed subscribers’ account information and ported phone numbers to another carrier.

Mobile 144

Mobile Data breaches Telecommunications Passwords 144

Security Affairs

JANUARY 30, 2021

The company detected the security breach on January 6, 2021, and determined that the intrusion took place early this year, on January 4th, 2021. The malware allowed the attackers to access the CRM using the employee’s accounts and then access personal information, including phone numbers, of the company customers.

Data breaches 144

Data breaches Wireless Retail Accountability 144

Security Affairs

NOVEMBER 17, 2021

The Microsoft Threat Intelligence Center (MSTIC) shared the results of their analysis on the evolution of Iran-linked threat actors at the CyberWarCon 2021. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN 134

VPN Accountability Social Engineering Media 134

Security Affairs

NOVEMBER 22, 2021

million of its managed WordPress customer accounts. Threat actors compromised the company network since at least September 6, 2021, but the security breach was only discovered by the company on November 17. “On November 17, 2021, we discovered unauthorized third-party access to our Managed WordPress hosting environment.”

Data breaches 141

Data breaches Passwords Accountability Information Security 141

Security Affairs

DECEMBER 29, 2021

T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. According to The T-Mo Report , which viewed T-Mobile internal documents, there was “unauthorized activity” on some customer accounts. “Affected customers fall into one of three categories. .”

Data breaches 145

Data breaches Mobile Accountability Wireless 145

Security Affairs

AUGUST 27, 2021

. “ #ChaosDB is an unprecedented critical vulnerability in the Azure cloud platform that allows for remote account takeover of Azure’s flagship database – Cosmos DB. ” reads the post published by the security firm, Azure Cosmos Darabase is Microsoft’s globally-distributed multi-model database service.

Accountability 131

Accountability Firewall Hacking Risk 131

Security Affairs

JANUARY 6, 2021

WhatsApp is notifying users that starting February 8, 2021, they will be obliged to share their data with Facebook, leaving them no choice. This is bad news for WhatsApp users and their privacy, the company is notifying them that starting February 8, 2021, they will be requested to share their data with Facebook companies.

Accountability 145

Accountability Advertising Mobile Hacking 145

Security Affairs

JUNE 21, 2024

French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information security agency ANSSI reported that Russia-linked APT Nobelium targeted French diplomatic entities. ” continues the report.

Phishing 133

Phishing Accountability Information Security Cyber Attacks 133

Security Affairs

NOVEMBER 9, 2021

is an American commission-free stock trading and investing platform, it had 18 million accounts as of March 2021, with over $80 billion in assets. The company disclosed a data breach, a threat actor gained access to the personal information of approximately 7 million customers. Robinhood Markets , Inc.

Data breaches 142

Data breaches Accountability Account Security Banking 142

Security Affairs

SEPTEMBER 6, 2023

Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. The attackers forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key. ” reads the analysis published by Microsoft.

Accountability 135

Accountability Government Authentication Engineering 135