The Hacker News

JUNE 20, 2023

Over 100,000 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials.

Accountability 116

Accountability Cybercrime 116

Anton on Security

APRIL 20, 2023

The famous Mandiant 2023 M-Trends (NOT G-Trends, mind you…) report is out, and here are some of the things that I found to be surprising and NOT surprising :-) Mandiant M-Trends 2023 Detection by Source SURPRISING “Mandiant experts note a decrease in the percentage of global intrusions involving ransomware between 2021 and 2022.

Social Engineering 130

Social Engineering Ransomware Cybercrime Cyber Attacks 130

SecureList

MAY 6, 2024

With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, online shopping accounts and other financial assets, inventing new techniques and reusing good old ones. Online shopping brands were the most popular lure, accounting for 41.65% of financial phishing attempts.

Phishing 112

Phishing Banking Mobile Scams 112

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus , while promising to visit the same treatment on top U.S. But on Sept. defense contractors.

Cybercrime 310

Cybercrime Passwords Authentication Malware 310

Malwarebytes

FEBRUARY 6, 2024

The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV. And like broader, law-abiding “Business” at large, cybercrime has settled on a collection of tools that work.

Ransomware 104

Ransomware Cybercrime Malware Social Engineering 104

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Xeinadin has over 60,000 clients across the UK and Ireland.

Accountability 143

Accountability Ransomware Data breaches Hacking 143

Security Affairs

APRIL 11, 2023

Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252 , in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks. Microsoft fixed the issue with the release of Patch Tuesday security updates for April 2023. ” reads the analysis published by Kaspersky. .”

Cybercrime 98

Cybercrime Ransomware Education Media 98

Security Affairs

APRIL 27, 2024

Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedicated to welfare programs. Your account may have been one of those accessed.” ” continues the notification.

Accountability 141

Accountability Passwords Data breaches Hacking 141

Security Affairs

AUGUST 15, 2023

Researchers discovered credentials associated with cybercrime forums on roughly 120,000 computers infected with information stealers. Threat intelligence firm Hudson Rock has discovered credentials associated with cybercrime forums on roughly 120,000 computers infected with various information stealer malware.

Cybercrime 98

Cybercrime Passwords Data breaches Malware 98

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 300

Hacking Cybercrime Phishing Passwords 300

Security Affairs

SEPTEMBER 8, 2024

WWH Club had over 353,000 users by 2023 and offered courses on fraud and cybercrime, generating profits through membership and tuition fees. Khodyrev and Kublitskii were also the administrators of many similar websites, including darkweb marketplaces, forums, and training centers to enable cybercrime.

Cybercrime 140

Cybercrime Accountability Banking Advertising 140

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. RESEARCHER DISCOVERED A NEW LOCK SCREEN BYPASS BUG FOR ANDROID 14 AND 13 Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users’ Google accounts.

Cybersecurity 136

Cybersecurity Spyware Data breaches Passwords 136

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. This report offers an exhaustive account of ransomware threats in the third quarter of 2023, spotlighting activities monitored by the OSINT Ransomfeed platform.

Ransomware 135

Ransomware Data collection Hacking Accountability 135

Thales Cloud Protection & Licensing

OCTOBER 2, 2023

Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. emphasized collective action and individual accountability. Protect IT."

Cybersecurity 148

Cybersecurity Cyber threats Authentication Phishing 148

SecureList

NOVEMBER 28, 2022

Below, we present a number of key ideas about what the consumer-oriented threat landscape will look like in 2023, and describe how users could be lured into cybertraps with fake content and third-party apps. The larger the subscription base, the greater the number of fraudulent key-selling schemes and attempts at stealing accounts.

Education 131

Education Phishing Scams Social Engineering 131

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet 134

Internet Internet Accountability Passwords 134

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking 242

Hacking Accountability Government Social Engineering 242

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Ransomware 145

Ransomware CISO Software Cybercrime 145

CyberSecurity Insiders

DECEMBER 6, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. Here are five specific trends for 2023 that you need to be aware of: The business of cybercrime will be further professionalized. For more information, visit www.netwrix.com.

Cybersecurity 116

Cybersecurity Cybercrime Social Engineering Risk 116

SecureWorld News

JUNE 21, 2023

Cybersecurity firm Group-IB recently uncovered a significant security breach involving ChatGPT accounts. These compromised accounts pose a serious risk to businesses, especially in the Asia-Pacific region, which has experienced the highest concentration of ChatGPT credentials for sale.

Accountability 121

Accountability Data collection Cyber threats Risk 121

Identity IQ

DECEMBER 20, 2023

2023: A Year of Record-Breaking Data Breaches IdentityIQ This past year has been an eye-opening year in the realm of digital security. Here, we review the largest data breaches of 2023, analyze the trends, and review proactive measures to navigate the future of security. But the ramifications extend far beyond individual suffering.

Data breaches 90

Data breaches Identity Theft Cybercrime Social Engineering 90

Security Affairs

NOVEMBER 29, 2023

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. On Thursday, October 19, Okta advised customers of a security incident.

Social Engineering 134

Social Engineering Authentication Accountability Engineering 134

Security Through Education

JANUARY 18, 2023

The truth is technology has grown at an exponential rate and so has cybercrime. Cybercrime doesn’t just affect big businesses and national governments. What are some personal cybersecurity concerns for 2023? Business email compromise (BEC) attacks have been predicted to soar in 2023 according to Forbes Advisor.

Cybersecurity 98

Cybersecurity Social Engineering Scams IoT 98

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. and “Check bookmarks when you get account back.”

Accountability 138

Accountability Hacking Cryptocurrency Cybersecurity 138

Security Affairs

APRIL 24, 2023

Print management software provider PaperCut confirmed ongoing active exploitation of CVE-2023-27350 vulnerability. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the CVE-2023-27350 vulnerability. ” The CVE-2023-27350 (CVSS score – 9.8)

Cybercrime 98

Cybercrime Software Education Ransomware 98

Security Affairs

MAY 15, 2023

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023.

Ransomware 98

Ransomware Cybercrime Cybersecurity Hacking 98

Security Affairs

MAY 1, 2023

T-Mobile disclosed the second data breach of 2023, threat actors had access to the personal information of hundreds of customers since February. T-Mobile suffered the second data breach of 2023, threat actors had access to the personal information of hundreds of customers starting in late February 2023.

Data breaches 98

Data breaches Mobile Identity Theft Accountability 98

Malwarebytes

JULY 21, 2023

This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by August 9, 2023 to protect their networks against active threats. The actively exploited CVE patched in this update is CVE-2023-3519 a Citrix NetScaler ADC and NetScaler Gateway code injection vulnerability with a CVSS score of 9.8

Authentication 98

Authentication VPN Cybercrime Cybersecurity 98

Security Affairs

MARCH 22, 2023

A tainted version of the legitimate ChatGPT extension for Chrome, designed to steal Facebook accounts, has thousands of downloads. The version employed in a recent campaign is based on a legitimate open-source project , threat actors added malicious code to steal Facebook accounts. Left: The “FakeGPT” Variant on Chrome Store.

Accountability 98

Accountability Encryption Hacking Cybercrime 98

SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. Finally, other groups like Clop ramped up their activities over the course of last year, reaching their peak in early 2023 as they claimed to have hacked 130 organizations using a single zero-day vulnerability.

Ransomware 132

Ransomware Malware Architecture Telecommunications 132

Security Affairs

MARCH 12, 2023

Acronis downplays the severity of the recent security breach explaining that only a single customer’s account was compromised. This week a threat actor, who goes online with the moniker “kernelware”, claimed the theft of data from technology firm Acronis and started leaking it on the cybercrime forum Breached Forums.

Accountability 98

Accountability Backups Cybercrime CISO 98

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. The Nemesis Market recently reached over 150,000 users and over 1,100 seller accounts registered worldwide.

Marketing 134

Marketing Cybercrime DDOS Internet 134

SecureWorld News

JANUARY 9, 2023

Popular fast food restaurant chain Chik-fil-A recently said it was investigating reports of "suspicious activity" on customer accounts. January 6, 2023. The breach that he mentions apparently involves customer accounts and loyalty points. January 4, 2023. Itching for some chicken? Apparently a few hackers were too.

Accountability 79

Accountability InfoSec Media Passwords 79

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile.

Retail 208

Retail Advertising Cryptocurrency Marketing 208

The Hacker News

NOVEMBER 28, 2023

Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. According to the 2023 Verizon Data Breach Investigation Report, external parties were responsible for 83 percent of breaches that occurred between November 2021 and October 2022.

Phishing 107

Phishing Data breaches Cybercrime Accountability 107

Security Boulevard

JANUARY 19, 2023

Recently, ForgeRock executives shared their views on trends related to digital identity and the challenges organizations will face in 2023. Fran Rosch Chief Executive Officer Sweeping corporate layoffs will cause insider threats to rise As we head into 2023, the security risk associated with third parties is not going away.

Artificial Intelligence 83

Artificial Intelligence Retail Authentication Technology 83