Security Affairs

JUNE 5, 2024

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing platform TikTok to hijack high-profile accounts. The compromised accounts did not post content, and the extent of the impact is unclear.

Accountability 134

Accountability Hacking Malware Information Security 134

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing millions by compromising the email accounts of real estate businesses. for phishing scams that resulted in the compromise of millions of email accounts. million in restitution.

Scams 124

Scams Phishing Identity Theft Accountability 124

Security Affairs

FEBRUARY 17, 2025

Researchers warn that the whoAMI attack lets attackers publish an AMI with a specific name to execute code in an AWS account. The researchers warn that, at scale, this attack could impact thousands of AWS accounts, with around 1% of organizations estimated to be vulnerable. ” reads the advisory published by the company.

Accountability 62

Accountability Hacking Cybersecurity Information Security 62

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., ” The U.S.

Firewall 76

Firewall Hacking Malware Passwords 76

Security Affairs

OCTOBER 14, 2024

“Between August 17 and August 19, a third party accessed and obtained certain information without authorization using two customer accounts that they had recently established. An investigation was promptly launched with assistance from external security experts.”

Data breaches 133

Data breaches Financial Services Accountability Hacking 133

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools.

Cybercrime 130

Cybercrime Cryptocurrency Banking Accountability 130

Krebs on Security

OCTOBER 20, 2023

BeyondTrust’s security team detected that someone was trying to use an Okta account assigned to one of their engineers to create an all-powerful administrator account within their Okta environment. The disclosure from Okta comes just weeks after casino giants Caesar’s Entertainment and MGM Resorts were hacked.

Social Engineering 353

Social Engineering Engineering Accountability Hacking 353

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Use a password manager : Simplifies managing strong, unique passwords across accounts. payment info) may have been compromised.

Identity Theft 125

Identity Theft Passwords Malware Banking 125

Security Affairs

OCTOBER 28, 2024

. “Free was “the victim of a cyberattack targeting a management tool” leading to “unauthorized access to some of the personal data associated with the accounts of certain subscribers ,” the second largest telephone operator in France confirmed to Agence France-Presse (AFP) on Saturday, October 26.

Cyber Attacks 126

Cyber Attacks Telecommunications Data breaches Banking 126

Security Affairs

NOVEMBER 15, 2024

“Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency 106

Cryptocurrency Hacking Government Accountability 106

Security Affairs

JANUARY 2, 2025

The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. Attackers can exploit the technique to facilitate clickjacking attacks and account takeovers on almost all major websites. ” Paulos Yibelo wrote.

Accountability 118

Accountability Authentication Hacking Information Security 118

Security Affairs

NOVEMBER 3, 2024

The operators maintain the botnet to launch distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts. These routers are used to relay brute-force attacks on Microsoft 365 accounts. In the majority of the campaigns, about 80 percent, CovertNetwork-1658 makes only one sign-in attempt per account per day.

Passwords 133

Passwords Wireless VPN Accountability 133

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 110

Cybercrime Identity Theft Cryptocurrency Phishing 110

Security Affairs

OCTOBER 17, 2024

The fixed version sets a randomly-generated password for the duration of the image build and it disables the builder account at the conclusion of the image build. Alternatively, disable the ‘builder’ account with usermod -L builder on affected VMs.” ” Kubernetes Image Builder v0.1.38

Accountability 134

Accountability Passwords Hacking Cybersecurity 134

Security Affairs

FEBRUARY 16, 2025

The attackers employ a phishing technique called device code phishing, which tricks users into logging into productivity apps while capturing login tokens that can be used to take over compromised accounts. ” Device code phishing attacks exploit authentication flows to steal tokens, granting attackers access to accounts and data.

Phishing 115

Phishing Authentication Telecommunications Accountability 115

Security Affairs

APRIL 12, 2024

Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. ” reads the press release published by the company.

Accountability 133

Accountability Passwords Data breaches Authentication 133

Security Affairs

MARCH 18, 2024

Threat actors compromised at least 11 International Monetary Fund (IMF) email accounts earlier this year, the organization revealed. The International Monetary Fund (IMF) disclosed a security breach, threat actors compromsed 11 email accounts earlier this year. The impacted email accounts were re-secured.

Accountability 138

Accountability Hacking Cybersecurity Data breaches 138

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. Security researcher ZachXBT identified the victim as Ripple co-founder Chris Larsen. The governments latest action officially secures the recovered funds. ” reported KrebsOnSecurity.

Password Management 87

Password Management Cryptocurrency Passwords Data breaches 87

Security Affairs

FEBRUARY 4, 2025

The investigation revealed that attackers had compromised an account associated with a third-party provider of support services. Then GrubHub locked out the attackers and removed the hacked account. Upon discovery, we promptly launched an investigation, identifying unauthorized access to an account associated with this provider.”

Data breaches 114

Data breaches Passwords Accountability Hacking 114

Security Affairs

FEBRUARY 13, 2025

Valve removed the game PirateFi from the Steam video game platform because it contained a Windows malicious code to steal browser cookies and hijack accounts. PCMag cited the case of a gamer who downloaded the game and reported that his accounts were hijacked using stolen cookies. A few days later, Valve notified impacted users.

Malware 110

Malware Antivirus Accountability Software 110

Security Affairs

NOVEMBER 29, 2024

Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authentication with adversary-in-the-middle (AitM) attacks. The Rockstar admin panel is user-friendly, it allows customers to track phishing activity, including visit stats and account validity, and offers tools like URL generators and customizable email themes.

Phishing 113

Phishing Accountability Authentication Advertising 113

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA)

Backups 130

Backups VPN Ransomware Authentication 130

Security Affairs

JUNE 20, 2024

A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. Then Kokorin disclosed the flaw on X.

Accountability 145

Accountability Phishing Hacking Information Security 145

Security Affairs

MAY 24, 2024

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835 , that allows attackers to take over user accounts. The flaw can be exploited to hijack an account without any interaction.

Accountability 139

Accountability Passwords Hacking Cybersecurity 139

Security Affairs

FEBRUARY 29, 2024

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. Use this code to log in/reset the FB account password for the user account.”

Accountability 145

Accountability Passwords Hacking Information Security 145

Security Affairs

APRIL 27, 2024

Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedicated to welfare programs. Your account may have been one of those accessed.” ” continues the notification.

Accountability 139

Accountability Passwords Data breaches Hacking 139

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 113

Mobile Telecommunications Data breaches Hacking 113

Security Affairs

DECEMBER 4, 2024

that could be exploited to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server machine. In mid-October, Sophos researchers warned that ransomware operators are exploiting the vulnerability CVE-2024-40711 to create rogue accounts and deploy malware. ” reads the advisory.

Backups 113

Backups Ransomware Accountability Hacking 113

Security Affairs

JANUARY 24, 2024

Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The flaw can be exploited to hijack an account without any interaction.

Accountability 143

Accountability Passwords Internet Internet 143

Security Affairs

OCTOBER 22, 2024

The security breach exposed low-sensitivity performance monitoring data, including customer usernames, account info, and encrypted internal credentials. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA ) Rackspace helped ScienceLogic address this issue.

Encryption 123

Encryption Hacking Accountability Cybersecurity 123

Security Affairs

JANUARY 16, 2025

. “This DNS misconfiguration could have been done by accident, or as a malicious modification by a threat actor with access to the domains registrar account. ” It is unclear if the DNS misconfiguration has been done by accident, or a threat actors has done it by accessing the domains registrar account.

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

OCTOBER 30, 2024

The malware allows operators to steal bank users’ sensitive information and money from their bank accounts. FakeCall is a banking trojan that uses voice phishing by impersonating banks in fraudulent calls to obtain sensitive information from victims.

Banking 131

Banking Malware Accountability Phishing 131

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking 137

Hacking Accountability Passwords Cybercrime 137

Security Affairs

OCTOBER 11, 2024

Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks. These scripts sometimes leveraged publicly available pentesting tools and security services to programmatically find vulnerable infrastructure.” ” reads the OpenAI’s report.

Malware 136

Malware Social Engineering Engineering Hacking 136

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. The threat that API security breaches pose to enterprises should not be taken lightly.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.

Password Management 108

Password Management Passwords CISO Cybersecurity 108

Security Affairs

FEBRUARY 19, 2025

Russia-linked threat actors exploit Signal ‘s “linked devices” feature to hijack accounts, per Google Threat Intelligence Group. Google Threat Intelligence Group (GTIG) researchers warn of multiple Russia-linked threat actors targeting Signal Messenger accounts used by individuals of interest to Russian intelligence.

Phishing 82

Phishing Accountability Social Engineering Malware 82