Troy Hunt

OCTOBER 2, 2020

The vulnerability allow an attacker to hijack any account. On a surface of it, things looked bad: complete account takeover with a very trivial attack. All I needed was for Scott to create an account and let me know the email address he used which in this case, was test@scotthelme.co.uk. Full account takeover.

Accountability 363

Accountability Hacking Passwords InfoSec 363

Bleeping Computer

APRIL 12, 2024

Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March. [.]

Accountability 127

Accountability Hacking 127

Krebs on Security

AUGUST 15, 2024

We’ll also take a closer look at the data broker that got hacked — a background check company founded by an actor and retired sheriff’s deputy from Florida. That user appears to have deleted their Telegram account several days ago, presumably in response to intense media coverage of the breach.

Hacking 342

Hacking Data breaches Identity Theft Accountability 342

Krebs on Security

MAY 18, 2019

com — a forum popular among people involved in hijacking online accounts and conducting SIM swapping attacks to seize control over victims’ phone numbers — has itself been hacked, exposing the email addresses, hashed passwords, IP addresses and private messages for nearly 113,000 forum users.

Accountability 242

Accountability Hacking Backups Passwords 242

Bleeping Computer

MARCH 11, 2024

Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. [.]

Accountability 140

Accountability Hacking Data breaches 140

SecureWorld News

JANUARY 24, 2024

On January 9, during a period of heightened anticipation surrounding the potential approval of Bitcoin exchange-traded funds (ETFs), an unauthorized post appeared on the SEC's X account claiming the approval had been granted. This triggered a surge in Bitcoin's price before the SEC quickly debunked the post and attributed it to a hack.

Accountability 98

Accountability Hacking Government Mobile 98

Bleeping Computer

JANUARY 22, 2024

Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. [.]

Accountability 118

Accountability Hacking 118

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 350

Accountability Identity Theft Hacking Insurance 350

SecureBlitz

APRIL 11, 2024

Social media platforms and online forums are full of lamentations by Disney+ users’ complaints about their hacked Disney accounts. The highly anticipated launch of Disney+ in November 2019 wasn't without its hiccups.

Accountability 80

Accountability Hacking Media Cybersecurity 80

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. ” the company said on X.

Accountability 136

Accountability Hacking Cryptocurrency Cybersecurity 136

Bleeping Computer

AUGUST 15, 2023

LinkedIn is being targeted in a wave of account hacks resulting in many accounts being locked out for security reasons or ultimately hijacked by attackers. [.]

Accountability 98

Accountability Hacking 98

Bleeping Computer

JANUARY 19, 2024

Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. [.]

Accountability 103

Accountability Hacking 103

Schneier on Security

JANUARY 29, 2024

The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself.

Hacking 286

Hacking Accountability Passwords Cybersecurity 286

The Hacker News

JANUARY 3, 2024

American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam. As of writing, the account has been restored on the social media platform. It's currently not clear how the account was breached.

Scams 103

Scams Accountability Hacking Cryptocurrency 103

Security Affairs

JANUARY 2, 2022

The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account of the NASA Director and Sr Technologist for Air Transporation Sytem Mr. Parimal Kopardekar ( @nasapk ) was hacked by the Powerful Greek Army group. NASA Director account hacked by PGA!

Accountability 145

Accountability Hacking Banking Government 145

We Live Security

SEPTEMBER 26, 2022

Had your Instagram account stolen? Don’t panic – here’s how to get your account back and how to avoid getting hacked (again). The post What happens with a hacked Instagram account – and how to recover it appeared first on WeLiveSecurity.

Accountability 145

Accountability Hacking 145

Penetration Testing

OCTOBER 18, 2024

a 25-year-old from Athens, Alabama, for his alleged role in a cyberattack that rocked the cryptocurrency market earlier... The post Cybercriminal Arrested in Connection with SEC X Account Hack That Manipulated Bitcoin Market appeared first on Cybersecurity News.

Marketing 63

Marketing Accountability Hacking Cryptocurrency 63

Malwarebytes

JANUARY 10, 2024

We have seen several high-profile accounts that were taken over on X (formerly Twitter) only to be used for cryptocurrency related promotional activities, like expressing the approval of exchange-traded funds (ETFs). The @SECGov X account was compromised, and an unauthorized post was posted. You’re all set.

Accountability 92

Accountability Scams Hacking Cryptocurrency 92

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 300

Hacking Cybercrime Phishing Passwords 300

The Hacker News

JANUARY 10, 2024

The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group.

Accountability 101

Accountability Hacking Authentication Passwords 101

Krebs on Security

MAY 30, 2023

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. Scavuzzo said the administrator’s account was hijacked even though she had multi-factor authentication turned on.

Hacking 307

Hacking Accountability Scams Cryptocurrency 307

Heimadal Security

OCTOBER 28, 2022

The American news outlet New York Post confirmed today that it was hacked after threat actors used their website and Twitter account to publish offensive headlines and tweets directed at U.S. New York Post took to Twitter to make the announcement about the hack after it deleted all the offensive tweets targeted […].

Accountability 107

Accountability Hacking Cybersecurity 107

Security Affairs

JANUARY 10, 2024

Threat actors hacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish the fake news on the Bitcoin ETF approval. Hackers hijacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish fake news on the Bitcoin ETF approval. ” Gensler wrote.

Accountability 129

Accountability Hacking Cryptocurrency Surveillance 129

Bleeping Computer

JANUARY 9, 2024

The X account for the U.S. Securities and Exchange Commission was hacked today to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges. [.]

Accountability 98

Accountability Hacking Government 98

Bleeping Computer

JANUARY 30, 2024

Department of Justice arrested and charged two more suspects for their involvement in the hacking of almost 68,000 DraftKings accounts in a November 2022 credential stuffing attack. [.]

Accountability 84

Accountability Hacking 84

SecureWorld News

JANUARY 10, 2024

Securities and Exchange Commission's (SEC) account on X (formerly Twitter) was briefly compromised on Tuesday, January 9, sending shockwaves through the cryptocurrency market and raising serious questions about the agency's cybersecurity practices. Bud Broomhead, CEO of Viakoo, emphasized the broader lessons learned from the hack.

Accountability 91

Accountability Hacking Marketing Cryptocurrency 91

CyberSecurity Insiders

OCTOBER 25, 2022

If your email account gets hacked, the first thing to do is to contact the email services provider and inform them about the compromise. One can use the security question that was used at the time of registration to regain control over the account via a recovery service/procedure.

Accountability 117

Accountability Hacking Identity Theft Passwords 117

Security Boulevard

MARCH 10, 2024

In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part.

Media 75

Media Accountability Hacking Malware 75

Security Boulevard

JANUARY 23, 2024

The bad actor who hacked into the X account of the Securities and Exchange Commission earlier this month gained access through a SIM swapping attack on the agency’s phone linked to the account. The post SEC X Account Hack is a Case of SIM Swapping appeared first on Security Boulevard.

Accountability 78

Accountability Hacking Wireless Scams 78

Security Boulevard

JANUARY 21, 2024

Then they switch to the best practices to prevent social media account takeovers, highlighting […] The post The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked appeared first on Shared Security Podcast.

Media 78

Media Accountability Hacking Scams 78

We Live Security

JANUARY 24, 2022

Somebody could easily take control of your PayPal account and steal money from you if you’re not careful – here's how to stay safe from a simple but effective attack. The post How I hacked my friend’s PayPal account appeared first on WeLiveSecurity.

Accountability 117

Accountability Hacking 117

Graham Cluley

FEBRUARY 28, 2024

Matthew Perry's official Twitter account was hijacked by scammers this week who attempted to solicit donations from well-meaning fans of the much-loved late actor. The post asked for cryptocurrency donations "to support our mission in battling addiction." Read more in my article on the Hot for Security blog.

Cryptocurrency 106

Cryptocurrency Accountability Hacking Scams 106

Bleeping Computer

SEPTEMBER 7, 2022

Outdoor apparel brand 'The North Face' was targeted in a large-scale credential stuffing attack that has resulted in the hacking of 194,905 accounts on the thenorthface.com website. [.].

Accountability 119

Accountability Hacking 119

Security Boulevard

JANUARY 5, 2023

On December 29, 2022, Slack was alerted to suspicious activity on their GitHub account. The post Slack GitHub Account Hacked via Stolen Employee API Token appeared first on Wallarm. The post Slack GitHub Account Hacked via Stolen Employee API Token appeared first on Wallarm.

Accountability 98

Accountability Hacking Data breaches 98

Bleeping Computer

DECEMBER 22, 2022

​Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges. [.].

Accountability 101

Accountability Hacking Authentication Passwords 101

Bleeping Computer

MARCH 15, 2024

The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year. [.]

Accountability 106

Accountability Hacking 106

CyberSecurity Insiders

AUGUST 16, 2022

Thomas Moore University, a university in Kentucky, has become a victim of a cyber attack as its official Facebook account was hacked to post inappropriate images and videos. A logical complaint has been registered against the hack with the law enforcement department and investigation has started.

Accountability 118

Accountability Hacking Media Cyber Attacks 118