Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. Earlier in August, Poshmark , a social commerce marketplace where people in the United States can buy and sell new or used clothing, shoes, and accessories, disclosed a data breach that took place in May 2018.

Accountability 108

Accountability Data breaches Passwords Advertising 108

Krebs on Security

NOVEMBER 5, 2024

At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). “The rest is just ransom.” CRACKDOWN ON HARM GROUPS?

Cybercrime 274

Cybercrime Mobile Media Hacking 274

Security Affairs

MARCH 27, 2025

The ransomware group steals victims’ data to pressure them into paying a “generous fee.” ” Arkana claims to have stolen two databases, respectively containing data of 403,000 and 2.2 million accounts. Compromised data includes usernames, passwords, security details, emails, and Firebase integration data.

Hacking 75

Hacking Telecommunications Data breaches Internet 75

The Last Watchdog

OCTOBER 18, 2023

The ubiquity of smart surveillance systems has contributed greatly to public safety. Related: Monetizing data lakes Image capture devices embedded far and wide in public spaces help deter crime as well as aid first responders — but they also stir rising concerns about an individual’s right to privacy. Here are my takeaways.

Encryption 264

Encryption Surveillance Internet Internet 264

Security Affairs

DECEMBER 18, 2019

Lab test provider LifeLabs has disclosed a data breach that exposed personal information for up to 15 million Canadians. LifeLabs notified its customers via letter, exposed data includes names, contact information, health card numbers, and for approximately 85,000 customers their lab test results. ” said Brown.

Data breaches 91

Data breaches Identity Theft Insurance Advertising 91

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems.

Hacking 358

Hacking Ransomware Banking Accountability 358

Security Boulevard

MARCH 31, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Proton Drive and Docs now support collaboration with users without Proton accounts Proton Proton users can now collaborate on documents with anyone -- including those without Proton accounts. of its photos app.

VPN 59

VPN Surveillance Malware Data breaches 59

Security Boulevard

FEBRUARY 17, 2025

The more accounts you have, the bigger your attack surface and potential exposure to data breaches. Tips for finding old accounts. Surveillance Tech in the News This section covers surveillance technology and methods in the news. Malware campaigns covered generally target/affect the end user.

Surveillance 52

Surveillance Data breaches VPN Malware 52

The Last Watchdog

MAY 16, 2022

You and your cybersecurity team do everything correctly to safeguard your infrastructure, yet the frightening alert still arrives that you’ve suffered a data breach. The TCU deploys AI-based runtime threat-detection surveillance and remediation for enhanced tamper •. Traceability and accountability. Threat detection.

Cyber Attacks 273

Cyber Attacks Firmware Artificial Intelligence Manufacturing 273

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 68

Spyware Data breaches DNS Artificial Intelligence 68

Security Affairs

NOVEMBER 18, 2024

These penalties apply to all aspects of GDPR compliance, including inadequate data security, improper consent, and data breach failures. Privacy Shield in 2020, Meta continued transferring data under a framework that was deemed insufficient to protect European citizens from U.S. government surveillance.

Data privacy 126

Data privacy Risk Surveillance Government 126

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence 122

Artificial Intelligence Data breaches Scams Insurance 122

CyberSecurity Insiders

SEPTEMBER 10, 2021

Cybersecurity firm Resecurity has confirmed that a hacker/s have breached the systems related to United Nations leading to the data breach. And gaining internal access of servers might allow cyber criminals to conduct long-term surveillance on their counterparts.

Cyber Attacks 134

Cyber Attacks Surveillance Encryption Data breaches 134

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 129

Spyware Government Surveillance Media 129

Malwarebytes

AUGUST 9, 2024

Electronic surveillance equipment provider ADT filed a form 8-K with the Security and Exchange Commision (SEC) to report “a cybersecurity incident during which unauthorized actors illegally accessed certain databases containing ADT customer order information.” But phishing operations might also use the information to their advantage.

Data breaches 132

Data breaches Passwords Phishing Password Management 132

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches 98

Data breaches Spyware Surveillance Retail 98

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. The Royal group began reconnaissance activity in April 2023, and the analysis of system log data dates the beginning of the surveillance operations on April 7, 2023. ” reads the report.

Ransomware 132

Ransomware Surveillance Healthcare Accountability 132

Security Affairs

FEBRUARY 9, 2025

Here’s how data awareness can help HTTP Client Tools Exploitation for Account Takeover Attacks Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested Whos Behind the Seized Forums Cracked & Nulled?

Spyware 60

Spyware Cybercrime Scams Social Engineering 60

Security Affairs

SEPTEMBER 3, 2022

Google rolled out emergency fixes to address actively exploited Chrome zero-day Samsung discloses a second data breach this year The Prynt Stealer malware contains a secret backdoor. users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M

Data breaches 97

Data breaches Malware Ransomware Surveillance 97

eSecurity Planet

OCTOBER 8, 2024

Companies like Verizon, AT&T, and Lumen Technologies were targeted in this attack, allowing unauthorized access to critical systems used for court-authorized wiretapping — a tool vital for law enforcement surveillance. Details of the Breach The breach was discovered following months of suspicious activity within the networks of U.S.

Surveillance 115

Surveillance Government Phishing Cybersecurity 115

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 141

Spyware Manufacturing Small Business Surveillance 141

Approachable Cyber Threats

MAY 30, 2023

This incident would be considered a "data breach," and it's the potential consequence of poor Access Control management. Giving excessive privileges could increase the risk of a data breach; therefore, we must always be vigilant and limit who has access to sensitive information.

Cybersecurity 97

Cybersecurity Passwords Data breaches Risk 97

Security Affairs

SEPTEMBER 6, 2020

Is the Belarusian government behind the surveillance Android app banned by Google? The Twitter account of Indian Prime Minister Modi was hacked Evilnum APT used Python-based RAT PyVil in recent attacks SunCrypt Ransomware behind North Carolina school district data breach U.S.

Wireless 114

Wireless Advertising Surveillance Hacking 114

Security Affairs

AUGUST 4, 2019

Jessica Alba ‘s Twitter account hacked, it posted racist and homophobic messages. Over 23 million stolen payment card data traded on the Dark Web in H1 2019. Capital One data breach: hacker accessed details of 106M customers before its arrest. LAPD data breach exposes personal info of thousands of officers.

Data breaches 93

Data breaches eCommerce Hacking Malware 93

Security Affairs

MARCH 31, 2020

The accounts belong to Iranian users, they are from a third-party version of the Telegram app. The exposed data poses a serious risk to users in a country like Iran, nation-state actor could use them to target specific individuals that use Telegram (or a fork of the instant messaging app) for surveillance purposes.

Advertising 130

Advertising Accountability Surveillance Government 130

Security Affairs

SEPTEMBER 30, 2018

Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . · Firefox DoS issue crashes the browser and sometimes the Windows OS. · Akamai Report: Credential stuffing attacks are a growing threat. · Bitcoin Core Team fixes a critical DDoS flaw in wallet software. · SHEIN Data breach affected 6.42

Data breaches 87

Data breaches IoT Advertising Banking 87

Security Affairs

MARCH 26, 2023

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)

Data breaches 98

Data breaches DDOS Ransomware Backups 98

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 98

Data breaches Malware Mobile Spyware 98

SecureList

NOVEMBER 28, 2022

In the US, for example, the FTC has requested public comments on the “prevalence of commercial surveillance and data security practices that harm consumers” to inform future legislation. While big tech companies may spend more on security than smaller players, even they have their share of data breaches.

Insurance 136

Insurance Social Engineering IoT Data breaches 136

Security Affairs

MAY 14, 2023

Nominate Pierluigi Paganini and Security Affairs here here: [link] Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 98

Data breaches DDOS Ransomware Artificial Intelligence 98

Security Affairs

SEPTEMBER 1, 2019

Hostinger disclosed a data breach that affects 14 Million customers. Binance says that leaked KYC Data are from third-party vendor. Imperva data Breach: WAF customers data exposed. White hat hacker demonstrated how to hack a million Instagram accounts. Remove it now from your phone!

eCommerce 73

eCommerce Data breaches Malware Advertising 73

Adam Levin

MARCH 8, 2019

Even if you don’t have an Echo in your home or shop at Whole Foods, the company accounts for half of all online commerce, and is the largest cloud provider on the web, providing streaming and hosting for Netflix, HBO Go, AirBnB, and others. What is Amazon’s position regarding consumer willingness to be surveilled in this way?

IoT 107

IoT Surveillance Manufacturing Internet 107

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 Pierluigi Paganini.

Ransomware 98

Ransomware Spyware Surveillance Hacking 98

Security Affairs

SEPTEMBER 29, 2024

Treasury issued fresh sanctions against entities linked to the Intellexa Consortium Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812 Remote attack on pagers used by Hezbollah caused 9 deaths and thousands of injuries Chinese man charged for spear-phishing against NASA and US Government Data Breach Qilin ransomware attack on Synnovis (..)

Hacking 115

Hacking Ransomware Antivirus Cybercrime 115

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks 120

Cyber Attacks Firewall Data breaches Telecommunications 120

SecureWorld News

JANUARY 31, 2024

Frequently, the liability associated with slip-and-falls is pushed up to the owner—and within that same upstream push, so goes privacy and data breach liability. Frankly, non-data-breach privacy risks may not always be insurable, but they will always exist.

Risk 102

Risk Cyber Insurance Insurance Data breaches 102

Security Affairs

NOVEMBER 3, 2019

UniCredit bank discloses a data breach that impacted 3 million of Italian clients. Network Solutions data breach – hacker accessed data of more 22 Million accounts. WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies. Details for 1.3

Data breaches 68

Data breaches Cyber Attacks Telecommunications Advertising 68