Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. A post about the Change breach from RansomHub on April 8, 2024.

Healthcare 283

Healthcare Insurance Computers and Electronics Data breaches 283

The Last Watchdog

SEPTEMBER 24, 2024

The data began leaking in April 2024, and by summer, it was being sold on the dark web for $3.5 Rather, we should treat SSN as just another piece of personally identifiable information (PII) like an email address – confidential information but not a sensitive one that unlocks your bank accounts. NPD reported the exposure of over 2.7

Authentication 216

Authentication Identity Theft Banking Data breaches 216

Security Affairs

MAY 29, 2024

A credential stuffing attack is a type of cyber attack where hackers use large sets of username and password combinations, typically obtained from previous data breaches, phishing campaigns, or info-stealer infections, to gain unauthorized access to user accounts on various online services. ” reads advisory. ” reads advisory.

Authentication 125

Authentication Accountability Passwords Data breaches 125

Security Affairs

OCTOBER 11, 2024

Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. ” concludes Sophos.

Backups 130

Backups Ransomware VPN Authentication 130

The Last Watchdog

MAY 30, 2024

From MFA to biometrics, a lot has been done to reinforce user ID and password authentication — for human users. Service accounts have multiplied exponentially in recent years and become a prime target of threat actors, since little has been done to beef up protection. LW provides consulting services to the vendors we cover.)

Accountability 130

Accountability Small Business Insurance Authentication 130

Security Affairs

JULY 25, 2024

Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. Progress Software addressed a critical remote code execution flaw, tracked as CVE-2024-6327 (CVSS score of 9.9), in the Telerik Report Server that can be exploited to compromise vulnerable devices.

Software 122

Software Authentication Hacking Accountability 122

Krebs on Security

AUGUST 15, 2024

On July 21, 2024, denizens of the cybercrime community Breachforums released more than 4 terabytes of data they claimed was stolen from nationalpublicdata.com, a Florida-based company that collects data on consumers and processes background checks. billion rows of records — they claimed was taken from nationalpublicdata.com.

Hacking 351

Hacking Data breaches Identity Theft Accountability 351

Thales Cloud Protection & Licensing

FEBRUARY 1, 2024

Passkeys and The Beginning of Stronger Authentication madhav Fri, 02/02/2024 - 05:23 How passkeys are rewriting the current threat landscape Lillian, an experienced CISO, surveyed the threat landscape. Lillian knew that a shift in authentication couldn't wait. Fortunately, it didn’t have to.

Authentication 138

Authentication Passwords CISO Password Management 138

Krebs on Security

NOVEMBER 1, 2024

Booking.com said it now requires 2FA , which forces partners to provide a one-time passcode from a mobile authentication app (Pulse) in addition to a username and password. Booking.com did not respond to questions about that, and its current account security advice urges customers to enable 2FA.

Phishing 238

Phishing Accountability Artificial Intelligence Cybercrime 238

Security Affairs

JULY 29, 2024

Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the recently patched vulnerability CVE-2024-37085 (CVSS score of 6.8) The flaw is an authentication bypass vulnerability in VMware ESXi.

Ransomware 135

Ransomware Engineering Encryption Authentication 135

Malwarebytes

OCTOBER 6, 2023

Recently, Amazon announced that it will require all privileged Amazon Web Services (AWS) accounts to use multi-factor authentication (MFA) , starting in mid-2024. Our regular readers will know that we feel that passwords alone are not adequate protection , especially not for your important accounts.

Authentication 137

Authentication Passwords Social Engineering Accountability 137

The Last Watchdog

JULY 11, 2024

Related: Passwordless workpace long way off However, as users engage with more applications across multiple devices, the digital security landscape is shifting from passwords and password managers towards including passwordless authentication, such as multi-factor authentication (MFA), biometrics, and, as of late, passkeys.

Authentication 124

Authentication Passwords Malware Accountability 124

Krebs on Security

JUNE 15, 2024

. “He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. ” The cybercrime-focused Twitter/X account vx-underground said the U.K. In January 2024, U.S.

Hacking 311

Hacking Phishing Cybercrime Passwords 311

The Hacker News

SEPTEMBER 11, 2024

WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement is expected to come into effect starting October 1, 2024.

Authentication 95

Authentication Accountability Account Security 95

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking 141

Banking Accountability Malware Mobile 141

Security Affairs

SEPTEMBER 7, 2024

A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts. The LiteSpeed Cache plugin is a popular caching plugin for WordPress that accounts for over 5 million active installations. An attacker can exploit this vulnerability to upload malicious plugins.

Accountability 133

Accountability Authentication Hacking Information Security 133

Malwarebytes

JANUARY 10, 2024

We have seen several high-profile accounts that were taken over on X (formerly Twitter) only to be used for cryptocurrency related promotional activities, like expressing the approval of exchange-traded funds (ETFs). The @SECGov X account was compromised, and an unauthorized post was posted. — U.S. You’re all set.

Accountability 104

Accountability Scams Hacking Cryptocurrency 104

Bleeping Computer

JUNE 15, 2024

Microsoft has announced new cybersecurity enhancements for Outlook personal email accounts as part of its 'Secure Future Initiative,' including the deprecation of basic authentication (username + password) by September 16, 2024. [.]

Accountability 94

Accountability Authentication Passwords Cybersecurity 94

eSecurity Planet

JANUARY 29, 2024

Internet security best practices mandate unique credentials for each online account; doing so would be impossible without a solid password manager like Dashlane. You can also set up compromised password alerts that will proactively look for leaked passwords or vulnerable accounts across your company. You can unsubscribe at any time.

Password Management 107

Password Management Passwords Authentication Accountability 107

Security Affairs

JULY 1, 2024

Experts spotted threat actors exploiting the critical vulnerability CVE-2024-0769 affects all D-Link DIR-859 WiFi routers. Researchers from cybersecurity firm GreyNoise have spotted exploitation attempts for the critical vulnerability CVE-2024-0769 (CVSS score 9.8) impacting all D-Link DIR-859 WiFi routers. ” concludes GreyNoise.

Passwords 133

Passwords Accountability Authentication Internet 133

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet 131

Internet Internet Accountability Passwords 131

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 125

Firewall Authentication Accountability Risk 125

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 130

Backups VPN Ransomware Authentication 130

SecureList

JANUARY 25, 2024

Australia has also unveiled a national strategy for digital identity resilience, aiming for mainstream use in 2024. The year 2023 marked the emergence of several important trends, which will influence the privacy field in 2024. This is no longer adequate in 2024.

Passwords 118

Passwords Authentication Technology Insurance 118

Krebs on Security

NOVEMBER 21, 2024

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. Those accounts state that the intruders assaulted Tylerb’s mother in the home invasion, and that they threatened to burn him with a blowtorch if he didn’t give up the keys to his cryptocurrency wallets. .”

Identity Theft 228

Identity Theft Phishing Cryptocurrency Accountability 228

Security Affairs

MAY 21, 2024

The most severe vulnerability is a flaw tracked as CVE-2024-27130. The WatchTowr Labs researchers also published technical details of the flaw CVE-2024-27130 and a proof of concept (PoC) exploit code. The WatchTowr Labs researchers also published technical details of the flaw CVE-2024-27130 and a proof of concept (PoC) exploit code.

Authentication 134

Authentication Accountability Social Engineering Engineering 134

Security Affairs

AUGUST 28, 2024

Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score of 6.8) is an authentication bypass vulnerability in VMware ESXi.

Ransomware 126

Ransomware Authentication Encryption VPN 126

Security Affairs

JANUARY 24, 2024

Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra’s GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of the recently disclosed vulnerability CVE-2024-0204 impacting Fortra GoAnywhere MFT.

Authentication 134

Authentication Hacking Engineering Encryption 134

Duo's Security Blog

MAY 6, 2024

The security industry has diligently battled compromised credentials, evolving from passwords to multifactor authentication (MFA) to passwordless — our most secure and phishing-resistant method to date — and one that is fully supported in Duo. This means there are serious holes in our authentication armor today. The benefit is twofold.

Authentication 95

Authentication Accountability VPN Phishing 95

NetSpi Technical

MARCH 11, 2024

In 2023 NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost.

Authentication 145

Authentication Penetration Testing Technology Phishing 145

Krebs on Security

JANUARY 30, 2024

9, 2024, U.S. In each attack, the victims saw their email and financial accounts compromised after suffering an unauthorized SIM-swap, wherein attackers transferred each victim’s mobile phone number to a new device that they controlled. technology companies during the summer of 2022. Twilio disclosed in Aug. According to an Aug.

Social Engineering 340

Social Engineering Mobile Passwords Cybercrime 340

Security Affairs

NOVEMBER 9, 2024

A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 132

Backups Ransomware VPN Accountability 132

Security Affairs

JULY 12, 2024

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. “Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.” < 11.1.4<

Authentication 131

Authentication Firewall Accountability Hacking 131

Security Affairs

AUGUST 13, 2024

Ivanti warned of a critical authentication bypass flaw in its Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. “Successful exploitation could lead to authentication bypass and creation of an administrator user.”

Authentication 133

Authentication Accountability Software Internet 133

The Hacker News

JUNE 4, 2024

Progress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication and create rogue administrator users. The issue, tracked as CVE-2024-4358, carries a CVSS score of 9.8 out of a maximum of 10.0. "In

Accountability 99

Accountability Authentication Software 99

IT Security Guru

DECEMBER 20, 2023

Many of the applications that historically integrated with the on-premise corporate directory for Single Sign-On will now require manual, password-based authentication, increasing the burden on users and also further extending the attack surface for malicious actors. AI will dominate the cyber landscape in 2024 in ways few people can imagine.

Cybersecurity 142

Cybersecurity Phishing Scams Cloud Migration 142

Security Affairs

SEPTEMBER 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-7593 (CVSS score of 9.8) Successful exploitation could lead to authentication bypass and creation of an administrator user.” to its Known Exploited Vulnerabilities (KEV) catalog.

Authentication 133

Authentication Software Internet Internet 133