2022, Accountability and Information Security

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. LinkedIn declined to answer questions about the account purges, saying only that the company is constantly working to keep the platform free of fake accounts. The next day, half of those profiles no longer existed.

Accountability

Accountability Cryptocurrency Scams CISO

CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

Security Affairs

JUNE 5, 2024

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing platform TikTok to hijack high-profile accounts. The compromised accounts did not post content, and the extent of the impact is unclear.

Accountability

Accountability Hacking Malware Information Security

GitLab addressed critical account take over via SCIM email change

Security Affairs

JUNE 4, 2022

GitLab addresses a critical security vulnerability, tracked as CVE-2022-1680, that could be exploited by an attacker to take over users’ accounts. GitLab has fixed a critical security flaw in its GitLab Enterprise Edition (EE), tracked as CVE-2022-1680 (CVSS score 9.9), that could be exploited to take over an account.

Accountability

Accountability Hacking Cybersecurity Information Security

Exclusive: NASA Director Twitter account hacked by Powerful Greek Army

Security Affairs

JANUARY 2, 2022

The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account of the NASA Director and Sr Technologist for Air Transporation Sytem Mr. Parimal Kopardekar ( @nasapk ) was hacked by the Powerful Greek Army group. NASA Director account hacked by PGA!

Accountability

Accountability Hacking Banking Government

LinkedIn Adds Verified Emails, Profile Creation Dates

Krebs on Security

NOVEMBER 4, 2022

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams

Scams Artificial Intelligence Cryptocurrency Accountability

Hackers Stole Access Tokens from Okta’s Support Unit

Krebs on Security

OCTOBER 20, 2023

BeyondTrust’s security team detected that someone was trying to use an Okta account assigned to one of their engineers to create an all-powerful administrator account within their Okta environment. He said that on Oct 2., 2 was not a result of a breach in its systems. But she said that by Oct. But she said that by Oct.

Social Engineering

Social Engineering Engineering Accountability Hacking

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

Security Affairs

JUNE 5, 2022

Proof-of-concept exploits for the critical CVE-2022-26134 vulnerability in Atlassian Confluence and Data Center servers are available online. Proof-of-concept exploits for the critical CVE-2022-26134 flaw, affecting Atlassian Confluence and Data Center servers, have been released. 23 unique IPs so far.

VPN

VPN IoT Cybersecurity Engineering

A new WhatsApp OTP scam could allow the hijacking of users’ accounts

Security Affairs

MAY 30, 2022

Experts warn of a new ongoing WhatsApp OTP scam that could allow attackers to hijack users’ accounts through phone calls. Recently CloudSEK founder Rahul Sasi warned of an ongoing WhatsApp OTP scam that could allow threat actors to hijack users’ accounts through phone calls. Follow me on Twitter: @securityaffairs and Facebook.

Scams

Scams Accountability Mobile Hacking

Ukraine warns of attacks aimed at taking over Telegram accounts

Security Affairs

APRIL 6, 2022

Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts.

Accountability

Accountability Phishing Passwords Hacking

A flaw in PayPal can allow attackers to steal money from users’ account

Security Affairs

MAY 23, 2022

“I found that we can pass another tokens type, and this leads to stealing money from victim’s PayPal account.” “there are online services that let you add balance using Paypal to your account for example steam! I can use the same exploit and force the user to add money to my account!”

Accountability

Accountability Hacking Cybersecurity Information Security

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking

Banking Accountability Mobile Cryptocurrency

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

3CX hired incident response firm Mandiant , which released a report on Wednesday that said the compromise began in 2022 when a 3CX employee installed a malware-laced software package distributed via an earlier software supply chain compromise that began with a tampered installer for X_TRADER , a software package provided by Trading Technologies.

Malware

Malware Software Technology Accountability

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Banking

Banking Government Information Security Authentication

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. ” reads trhe announcement published by DKWOC. “Activities using CVE-2023-23397 were first discovered by CERT-UA[2] and publicly described by Microsoft[3].

Accountability

Accountability Government Phishing Authentication

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams

Scams DDOS Cryptocurrency Accountability

EvilProxy used in massive cloud account takeover scheme

Security Affairs

AUGUST 9, 2023

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises in the past five months.

Accountability

Accountability Phishing Authentication Architecture

Exploitation is underway for a critical flaw in Atlassian Confluence Server and Data Center

Security Affairs

JULY 29, 2022

Recenlty Atlassian released security updates to address a critical hardcoded credentials vulnerability in Confluence Server and Data Center tracked as CVE-2022-26138. Once installed the Questions for Confluence app (versions 2.7.34, 2.7.35, and 3.0.2), a Confluence user account with the username “ disabledsystemuser ” is created.

Passwords

Passwords Accountability Hacking Ransomware

Russia-linked APT Nobelium targets French diplomatic entities

Security Affairs

JUNE 21, 2024

French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information security agency ANSSI reported that Russia-linked APT Nobelium targeted French diplomatic entities.

Phishing

Phishing Accountability Information Security Cyber Attacks

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

Security Affairs

AUGUST 1, 2023

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. The malicious code was designed to take over Facebook business accounts and steal funds from cryptocurrency wallets. ” reads the analysis published by Palo Alto Networks.

Accountability

Accountability Cryptocurrency Malware Phishing

US teenager pleads guilty to his role in credential stuffing attack on a betting site

Security Affairs

NOVEMBER 20, 2023

US teenager Joseph Garrison (19) has pleaded guilty to his involvement in a credential stuffing campaign that targeted user accounts at a fantasy sports and betting website.3 3 On or about November 18, 2022, the man launched a credential stuffing attack on the Betting Website and gained access to approximately 60,000 accounts.

Accountability

Accountability Hacking Passwords Cybercrime

Threats to ICS and industrial enterprises in 2022

SecureList

NOVEMBER 23, 2021

For example, a popular tactic in spyware attacks is now to send phishing e-mails from compromised corporate mail accounts of a partner organization of the intended victim. And plans to improve information security and introduce new protection tools and measures are predicated, in some way, on the chosen adversary model.

Spyware

Spyware Phishing Cybercrime Energy and Utilities

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

DECEMBER 1, 2022

While modern Microsoft Windows operating systems by default will ask users whether they want to run a downloaded executable file, many systems set up for remote administration by MSPs disable that user account control feature for this particular application. build and the then-canary 22.9

Phishing

Phishing Architecture Passwords Accountability

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

One of the vulnerabilities is an elevation of privilege vulnerability in Microsoft Windows SAM (Security Accounts Manager) vulnerability. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.An ” reads the advisory published by Microsoft.

IoT

IoT Accountability Authentication Hacking

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. ” Orn advertising Araneida Scanner in Feb. 2023 on the forum Cracked.

Hacking

Hacking Cybercrime Advertising Data breaches

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

SEPTEMBER 16, 2022

— Uber Comms (@Uber_Comms) September 16, 2022. According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases.

Hacking

Hacking Data breaches Engineering Information Security

Man sentenced to six years in prison for stealing millions in cryptocurrency via SIM swapping

Security Affairs

FEBRUARY 1, 2024

Once hijacked a SIM, the attacker can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. ” reads the press release published by DoJ.

Cryptocurrency

Cryptocurrency Computers and Electronics Accountability Scams

MailChimp breached, intruders conducted phishing attacks against crypto customers

Security Affairs

APRIL 4, 2022

pic.twitter.com/BQSB2uV1JW — Life in DeFi (@lifeindefi) April 3, 2022. 1/ — Trezor (@Trezor) April 3, 2022. A statement shared by Mailchimp CISO Siobhan Smyth with TechCrunch revealed that the company discovered the security breach on March 26. You may want to warn everyone.

Phishing

Phishing Data breaches Cryptocurrency Social Engineering

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means.

Cybercrime

Cybercrime Education Accountability Phishing

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Security Affairs

NOVEMBER 4, 2022

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2022 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. This is the 10 th edition of the annual report and analyzes events that took place between July 2021 and July 2022. ENISA Threat Landscape Report 2022.

Cyber threats

Cyber threats Phishing Social Engineering Ransomware

Fortinet addressed multiple vulnerabilities in several products

Security Affairs

JULY 9, 2022

Four of the fixed issues have been rated as a “high” severity, they are CVE-2022-26117, CVE-2021-43072, CVE-2022-30302, and CVE-2021-41031. Impacted products are FortiADC, FortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiClient, FortiDeceptor, FortiEDR, FortiNAC, FortiSwitch, FortiRecorder, and FortiVoiceEnterprise.

Authentication

Authentication Passwords Hacking Accountability

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

Security Affairs

OCTOBER 4, 2023

. “Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.”

Software

Software Accountability Authentication Internet

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Cyber National Mission Force (CNMF) identified the presence of indicators of compromise (IOCs) at an Aeronautical Sector organization as early as January 2023. The vulnerability was addressed by the company on October 27th, 2022.

VPN

VPN Firewall Accountability Cybersecurity

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

Security Affairs

JUNE 5, 2022

“CertiK analysis reveals that this community manager, account –@BorisVagner (“BorisVagner | SBS” on Discord)– posted a message to BAYC’s Discord server with a phishing link that led to the fake site. — Bored Ape Yacht Club (@BoredApeYC) June 4, 2022. As a reminder, we do not offer surprise mints or giveaways.

Phishing

Phishing Hacking Accountability Scams

Healthcare fintech firm HealthEquity disclosed a data breach

Security Affairs

JULY 4, 2024

Healthcare firm HealthEquity disclosed a data breach caused by a partner’s compromised account that exposed protected health information. Healthcare fintech firm HealthEquity disclosed a data breach after a partner’s compromised account was used to access its systems. million HSA accounts with $20.5

Healthcare

Healthcare Data breaches Accountability Insurance

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Security Affairs

MAY 21, 2024

pic.twitter.com/5OUODUt3fu — Dominic Alvieri (@AlvieriD) May 20, 2024 The gang claims to have stolen 730GB of data from ATLAS, including Corporate data: Accounts, HR, Finance, Executive, department data, and users and employees’ data. Sunoco is the largest at 8 billion gallons.

Hacking

Hacking Ransomware Phishing Malware

A Cybersecurity Role Has Topped List of Best Jobs

CyberSecurity Insiders

JANUARY 14, 2022

“Information security analyst” tops the U.S. News & World Report 2022 Best Jobs list. The list ranks the 100 best jobs across 17 sectors including business, healthcare and technology, taking into account factors such as growth potential, salary and work-life balance. Tough Contenders.

Cybersecurity

Cybersecurity Healthcare Information Security CISO

Ducktail information stealer continues to evolve

Security Affairs

NOVEMBER 23, 2022

The operators behind the Ducktail information stealer continue to improve their malicious code, operators experts warn. The end goal is to hijack Facebook Business accounts managed by the victims. Between 2nd and 4th October 2022, the security firm discovered new DUCKTAIL samples being submitted to VirusTotal from Vietnam.

Malware

Malware Accountability Media Marketing

What to do if your company was mentioned on Darknet?

SecureList

DECEMBER 12, 2023

Every year is abundant with major data leaks, biggest data breaches and hacks drawing massive media attention (such as Medibank and Optus data breach, Twitter data breach, and Uber and Rockstar compromise in 2022 and in T-Mobile , MailChimp and OpenAI in 2023). But are we really conscious of the true scale of the threat?

Data breaches

Data breaches Accountability Telecommunications Malware

Russian national sentenced to 40 months for selling stolen data on the dark web

Security Affairs

AUGUST 16, 2024

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts. Those credentials were subsequently linked to $1.2

Banking

Banking Accountability Retail Mobile

Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked

Security Affairs

APRIL 1, 2022

OpRussia #DDoSecrets pic.twitter.com/kATuo2CxC1 — Anonymous TV (@YourAnonTV) March 31, 2022. MORE: [link] pic.twitter.com/RPVtDUMWdy — Anonymous TV (@YourAnonTV) March 31, 2022. OpRussia Defend Ukraine #Anonymous pic.twitter.com/gaMzlGbejT — Anonymous • News (@Anonymous_Link) March 31, 2022. Pierluigi Paganini.

Hacking

Hacking Government Banking Accountability

Cisco fixes a critical flaw in Unified CCMP and Unified CCDM

Security Affairs

JANUARY 13, 2022

Cisco fixed a critical privilege escalation vulnerability, tracked as CVE-2022-20658, in Unified CCMP and Unified CCDM. The CVE-2022-20658 received a CVSS score of 9.6, A successful exploit could allow the attacker to create Administrator accounts. the flaw is caused by the lack of server-side validation of user permissions.

Accountability

Accountability Hacking Information Security Cybersecurity

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs

APRIL 12, 2022

These contained information for millions of credit cards, bank account numbers and routing information, and the usernames and associated passwords needed to access online accounts.” ” According to Europol, the joint effort and intense information sharing were the key to the success of Operation TOURNIQUET.

Cybercrime

Cybercrime Banking Accountability Hacking

North Korea-linked APT groups target South Korean defense contractors

Security Affairs

APRIL 23, 2024

. “North Korean hacking organizations sometimes infiltrated defense companies directly, and their security is relatively low. Hacking into vulnerable defense industry partners and stealing the defense industry company’s server account information.

Hacking

Hacking Malware Accountability Technology

“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud

Security Affairs

FEBRUARY 22, 2024

during the Russian invasion of Ukraine that began in 2022. barely and cannot afford to leave the camp, nor to operate his own bank account but only to survive miserably. “ barely and cannot afford to leave the camp, nor to operate his own bank account but only to survive miserably. “

Scams

Scams Banking Computers and Electronics Accountability

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

Trending Sources

GitLab addressed critical account take over via SCIM email change

Exclusive: NASA Director Twitter account hacked by Powerful Greek Army

LinkedIn Adds Verified Emails, Profile Creation Dates

Hackers Stole Access Tokens from Okta’s Support Unit

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

A new WhatsApp OTP scam could allow the hijacking of users’ accounts

Ukraine warns of attacks aimed at taking over Telegram accounts

A flaw in PayPal can allow attackers to steal money from users’ account

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

3CX Breach Was a Double Supply Chain Compromise

Many Public Salesforce Sites are Leaking Private Data

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Interview With a Crypto Scam Investment Spammer

EvilProxy used in massive cloud account takeover scheme

Exploitation is underway for a critical flaw in Atlassian Confluence Server and Data Center

Russia-linked APT Nobelium targets French diplomatic entities

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

US teenager pleads guilty to his role in credential stuffing attack on a betting site

Threats to ICS and industrial enterprises in 2022

ConnectWise Quietly Patches Flaw That Helps Phishers

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Uber hacked, internal systems and confidential documents were allegedly compromised

Man sentenced to six years in prison for stealing millions in cryptocurrency via SIM swapping

MailChimp breached, intruders conducted phishing attacks against crypto customers

FBI: Compromised US academic credentials available on various cybercrime forums

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Fortinet addressed multiple vulnerabilities in several products

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

Healthcare fintech firm HealthEquity disclosed a data breach

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

A Cybersecurity Role Has Topped List of Best Jobs

Ducktail information stealer continues to evolve

What to do if your company was mentioned on Darknet?

Russian national sentenced to 40 months for selling stolen data on the dark web

Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked

Cisco fixes a critical flaw in Unified CCMP and Unified CCDM

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

North Korea-linked APT groups target South Korean defense contractors

“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud

Stay Connected