Security Affairs

APRIL 12, 2024

Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. ” reads the press release published by the company.

Accountability 135

Accountability Passwords Data breaches Authentication 135

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Client legal information.

Accountability 142

Accountability Ransomware Data breaches Hacking 142

Security Affairs

MARCH 18, 2024

Threat actors compromised at least 11 International Monetary Fund (IMF) email accounts earlier this year, the organization revealed. The International Monetary Fund (IMF) disclosed a security breach, threat actors compromsed 11 email accounts earlier this year. The impacted email accounts were re-secured.

Accountability 139

Accountability Hacking Cybersecurity Data breaches 139

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked.

Government 144

Government Accountability Hacking Advertising 144

Security Affairs

MARCH 2, 2023

The popular data breach notification service HaveIBeenPwned reported that the hack took place in December and impacted 565k user accounts, it also added that 83% of the records were already in HIBP database. New breach: GunAuction[.]com 83% were already in @haveibeenpwned.

Accountability 98

Accountability Hacking Data breaches Passwords 98

Security Affairs

FEBRUARY 29, 2024

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. Use this code to log in/reset the FB account password for the user account.”

Accountability 145

Accountability Passwords Hacking Information Security 145

Security Affairs

FEBRUARY 8, 2020

The social network giant Facebook is still the target of hackers, its Facebook and Instagram accounts have been hijacked by the popular hacking group Our M ine. Yesterdat the popular hacking group OurMine hacked the Twitter and Instagram accounts for Facebook and Messenger.

Accountability 144

Accountability Hacking Media Advertising 144

CyberSecurity Insiders

MAY 4, 2023

According to sources, a hack has exposed data of over 780,000 children who were patients of Brightline. Primary analysis made by the technology giant stated that the malware was being distributed via browser extensions and fake ads running on compromised business accounts.

Information Security 99

Information Security Healthcare Social Engineering Ransomware 99

Security Affairs

APRIL 14, 2020

The details of around four million users are now being shared for free on underground hacking forums, according to ZDNet that has obtained samples from different sources, exposed records include usernames, email addresses, and hashed account passwords (bcrypt hashing algorithm). ” reads the post published Risk Based Security.

Accountability 145

Accountability Hacking Data breaches Passwords 145

Security Affairs

NOVEMBER 15, 2020

million Pluto TV user accounts on a hacking forum for free, he claims they were stolen by ShinyHunters threat actor. million Pluto TV user records, he also added that the service was hacked by ShinyHunters. SecurityAffairs – hacking, ShinyHunters). The post ShinyHunters hacked Pluto TV service, 3.2M

Accountability 130

Accountability Hacking Data breaches Passwords 130

Security Affairs

JUNE 20, 2024

A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. Then Kokorin disclosed the flaw on X.

Accountability 145

Accountability Phishing Hacking Information Security 145

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking 138

Hacking Accountability Passwords Cybercrime 138

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability 108

Accountability Hacking Financial Services Cybersecurity 108

Security Affairs

SEPTEMBER 7, 2024

A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts. The LiteSpeed Cache plugin is a popular caching plugin for WordPress that accounts for over 5 million active installations.

Accountability 135

Accountability Authentication Hacking Information Security 135

Security Affairs

DECEMBER 1, 2019

The official Twitter account of Huawei Mobile Brazil has been hacked and attackers have sent offensive messages to the rival Apple. The official Twitter account of Huawei Mobile Brazil has been hacked, attackers have sent offensive messages to provoke the rival Apple. SecurityAffairs – hacking, Twitter account).

Mobile 134

Mobile Accountability Hacking Wireless 134

Security Affairs

MAY 24, 2024

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835 , that allows attackers to take over user accounts. The flaw can be exploited to hijack an account without any interaction.

Accountability 140

Accountability Passwords Hacking Cybersecurity 140

Security Affairs

JANUARY 24, 2024

Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The flaw can be exploited to hijack an account without any interaction.

Accountability 144

Accountability Passwords Internet Internet 144

Security Affairs

MAY 6, 2020

Hackers have breached the online learning platform Unacademy and are selling the account information for close to 22 million users. Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users.

Accountability 133

Accountability Hacking Data breaches Advertising 133

Security Affairs

SEPTEMBER 26, 2024

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. They discovered that Kia would send a registration link to the customers’ email addresses, allowing them to register their vehicle or add it to their Kia account.

Hacking 141

Hacking Accountability Mobile Internet 141

Security Affairs

APRIL 27, 2024

Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedicated to welfare programs. Your account may have been one of those accessed.” ” continues the notification.

Accountability 140

Accountability Passwords Data breaches Hacking 140

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon.

Hacking 135

Hacking Government Spyware Marketing 135

Security Boulevard

AUGUST 21, 2022

The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on The Shared Security Show. The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on Security Boulevard.

Authentication 98

Authentication Accountability Hacking Ransomware 98

Security Affairs

FEBRUARY 17, 2020

The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The hackers hijacked the official Barcelona and Olympic Twitter accounts and posted some tweets to claim responsibility for the hack.

Accountability 134

Accountability Hacking Advertising Media 134

Security Affairs

MARCH 28, 2022

While Twitter suspends some Anonymous accounts, the collective hacked All-Russia State Television and Radio Broadcasting Company (VGTRK). It seems that the platform also blocked other accounts, but at the time of this writing, there is no official announcement from Twitter. SecurityAffairs – hacking, Ukraine).

Accountability 98

Accountability Hacking Banking Government 98

Security Affairs

JANUARY 13, 2024

GitLab addressed two critical flaws impacting both the Community and Enterprise Edition, including a critical zero-click account hijacking vulnerability GitLab has released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. prior to 16.1.6, prior to 16.2.9, prior to 16.3.7,

Accountability 138

Accountability Passwords Hacking Information Security 138

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking 142

Banking Accountability Malware Mobile 142

Security Affairs

JANUARY 20, 2022

Crypto.com confirmed that a cyber attack compromised around 400 of its customer accounts leading in the theft of $33 million. Recently, several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) despite their accounts being protected with 2FA. ETH from yesterday's @cryptocom hack.

Accountability 104

Accountability Hacking Cryptocurrency Cyber Attacks 104

Security Affairs

OCTOBER 18, 2023

. “Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account.” Then they used the password to login to the admin account (after enabling it). 64561 or above.”

Accountability 135

Accountability Passwords Hacking Internet 135

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. Our National Security Cyber Section remains focused on disputing these cross-border hacking schemes and holding those responsible to account.” government and defense entities.

Hacking 139

Hacking Identity Theft Social Engineering Accountability 139

Security Affairs

FEBRUARY 3, 2024

A vulnerability impacting the decentralized social network Mastodon can be exploited by threat actors to impersonate and take over any account. A security flaw, tracked as CVE-2024-23832 (CVSS score 9.4), in the decentralized social network Mastodon can be exploited to impersonate and take over any account.

Accountability 139

Accountability Media Hacking Information Security 139

Security Affairs

JUNE 4, 2022

GitLab addresses a critical security vulnerability, tracked as CVE-2022-1680, that could be exploited by an attacker to take over users’ accounts. GitLab has fixed a critical security flaw in its GitLab Enterprise Edition (EE), tracked as CVE-2022-1680 (CVSS score 9.9), that could be exploited to take over an account.

Accountability 145

Accountability Hacking Cybersecurity Information Security 145

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet 133

Internet Internet Accountability Passwords 133

Security Affairs

SEPTEMBER 18, 2023

Software development company Retool was the victim of a smishing attack that resulted in the compromise of 27 accounts of its cloud customers. Software development company Retool revealed that 27 accounts of its cloud customers were compromised as a result of an SMS-based social engineering attack.

Accountability 138

Accountability Social Engineering Authentication VPN 138

Security Affairs

MAY 21, 2024

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems.

Hacking 143

Hacking Ransomware Phishing Malware 143

Security Affairs

JANUARY 7, 2022

million accounts. Threat actors compromised the FlexBooker accounts of more than 3.7 FlexBooker recommends users stay vigilant and review account statements and credit reports for suspicious transactions. The data breach notification service Have I Been Pwned reports that 3,756,794 accounts were compromised in the attack.

Data breaches 145

Data breaches Accountability Passwords Cybercrime 145

Security Affairs

SEPTEMBER 10, 2019

The Instagram account of Robert Downey Jr. has been hacked, he is the last celebrity in order of time that had the social media accounts compromised. Robert Downey Jr’s Instagram account has 43.2 million, hacking it is possible to target millions of unaware fans. SecurityAffairs – Robert Downey Jr, hacking).

Accountability 108

Accountability Hacking Advertising Scams 108

Security Affairs

MAY 2, 2024

Investigations revealed that a threat actor gained access to data, including customer information like emails, usernames, phone numbers, and hashed passwords. Additionally, certain account settings and authentication information such as API keys, OAuth tokens, and multi-factor authentication details were compromised.

Hacking 135

Hacking Authentication Passwords Accountability 135