Advertising, Information Security and Passwords

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. ” Orn advertising Araneida Scanner in Feb. 2023 on the forum Cracked.

Hacking

Hacking Cybercrime Advertising Data breaches

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Security Affairs

FEBRUARY 19, 2020

Password Protection & Authentication. Passwords are the baseline of cybersecurity. Luckily, applying AI into the mix can make passwords more secure. Before, a password was a word or phrase. One thing better than having an incredibly good password is to have a lot of them. Multi-Factor Authentication.

Artificial Intelligence

Artificial Intelligence Information Security Passwords Encryption

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. Researchers at Elastic Security Labs who first analyzed the malware confirmed it can steal keychain passwords and data from multiple browsers.

Malware

Malware Advertising Antivirus Cybercrime

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health Organization. Pierluigi Paganini.

Passwords

Passwords DNS Malware Advertising

TeamViewer flaw can allow hackers to steal System password

Security Affairs

AUGUST 11, 2020

A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability ( CVE 2020-13699 ), that could be exploited by remote attackers to steal system password and potentially compromise it.

Passwords

Passwords Authentication Advertising Software

Zoom client for Windows could allow hackers to steal users’Windows password

Security Affairs

APRIL 1, 2020

The popular Zoom app is under scrutiny, experts have discovered a vulnerability that could be exploited to steal users’ Windows passwords. Security experts and privacy advocates believe that the Zoom is an efficient online video communication platform, but evidently it has some serious privacy and security solutions.

Passwords

Passwords Advertising Hacking Software

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

The Saim Raza group run multiple marketplaces that advertised and facilitated the sale of hacking and fraud tools, including malware, phishing kits and email extractors. The HeartSender group advertised its tools as fully undetectable by antispam software. These tools are essential components to build and run fraud operations.

Cybercrime

Cybercrime Advertising Phishing Hacking

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. Pierluigi Paganini.

Passwords

Passwords Software Firmware Malware

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Security Affairs

APRIL 29, 2023

Atomic macOS Stealer is a new information stealer targeting macOS that is advertised on Telegram for $1,000 per month. Cyble Research and Intelligence Labs (CRIL) recently discovered a Telegram channel advertising a new information-stealing malware, named Atomic macOS Stealer (AMOS).

Advertising

Advertising Passwords Malware Password Management

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Agent Tesla includes new password-stealing capabilities from browsers and VPNs appeared first on Security Affairs. Pierluigi Paganini.

Passwords

Passwords Spyware VPN Malware

DNA testing company vanishes along with its customers’ genetic data

Malwarebytes

NOVEMBER 12, 2024

In 2018, MyHeritage suffered a security incident which exposed the email addresses and hashed passwords of 92 million users. So, even if a company has good intentions, there is still a risk of your genetic data being linked to your personally identifiable information (PII).

Insurance

Insurance Accountability Risk Data breaches

Phishing-as-a-Service Rockstar 2FA continues to be prevalent

Security Affairs

NOVEMBER 29, 2024

The proxy server allows attackers to access the traffic and capture the target’s password and the session cookie. Authors advertise Rockstar 2FA as a phishing-as-a-service toolkit that bypasses 2FA, harvests cookies, and features FUD links, antibot tools, and custom themes. ” reads the report published by Trustwave.

Phishing

Phishing Accountability Authentication Advertising

‘Land Lordz’ Service Powers Airbnb Scams

Krebs on Security

APRIL 14, 2019

Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called “ Land Lordz ,” which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings.

Scams

Scams Advertising Accountability Phishing

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

The leaked data includes login names, hashed passwords, and email addresses. It is not confirmed that all of the leaked data is legitimate, anyway, experts suggest users change their password immediately. Users that share the password at another site should also change the password. Pierluigi Paganini.

Hacking

Hacking Data breaches Cybercrime Passwords

Experts uncovered hidden behavior in thousands of Android Apps

Security Affairs

APRIL 5, 2020

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. There are 7,584 apps with secret access keys, 501 apps that embed master passwords, and 6,013 apps with secret commands. Moreover, these security risks hold generally across all of our data sources.

Mobile

Mobile Passwords Advertising Firmware

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The dump doesn’t include Weibo users’ passwords. ” reported the website PingWest. ?????????????

Accountability

Accountability Passwords Advertising Internet

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

The threat actor is advertising the stolen data since October 28 on a hacker forum. Users of the above companies have to immediately change their passwords, and if they use the same passwords at other sites, they should also change the password at those sites. Source Bleeping Computer. Pierluigi Paganini.

Data breaches

Data breaches Accountability Advertising Passwords

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

4 Million Quidd account details shared on hacking forums

Security Affairs

APRIL 14, 2020

Quidd , the online marketplace for trading stickers, cards, toys, and other collectibles, discloses a data breach in has suffered in 2019, it is also recommending users to change their passwords. The data breach was first reported by Risk Based Security last week, since then, Quidd has never disclosed any data breach recent security incident.

Accountability

Accountability Hacking Data breaches Passwords

USPS Site Exposed Data on 60 Million Users

Krebs on Security

NOVEMBER 21, 2018

The API in question was tied to a Postal Service initiative called “ Informed Visibility ,” which according to the USPS is designed to let businesses, advertisers and other bulk mail senders “make better business decisions by providing them with access to near real-time tracking data” about mail campaigns and packages.

Accountability

Accountability Authentication Identity Theft Advertising

The team behind the Joomla CMS discloses a data breach

Security Affairs

JUNE 1, 2020

The Joomla Resources Directory portal allows professionals and developers to advertise their services. Data contained in the backup includes : Full name Business address Business email address Business phone number Company URL Nature of business Encrypted password (hashed) IP address Newsletter subscription preferences.

Data breaches

Data breaches Backups Passwords Advertising

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Security Affairs

MARCH 10, 2020

The Russian man also advertised the platform on other hacking forums. Individuals can also buy computer files, financial information, PII, and usernames and passwords taken from computers infected with malicious software (malware) located both in the U.S. Social Security Numbers, dates of birth, and victim addresses.

Accountability

Accountability Advertising Passwords Hacking

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

The SFO ITT urges anyone who even visited either website using the Internet Explorer web browser to change the device’s password. In response to the incident, the SFO Airport reset all email and network passwords. The airport also forced a reset of all SFO related email and network passwords on Monday, March 23, 2020.”

Data breaches

Data breaches Hacking Telecommunications Advertising

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. We do not store any credit card or payment related information on our servers.”

Media

Media Hacking Passwords Data breaches

South Korean Woori Bank is accused of unauthorized use of customer data

Security Affairs

FEBRUARY 11, 2020

The bank changed 23,000 passwords in 2018 without consent. However, some branch employees of Woori Bank modified the passwords and as a result of the operation, the accounts have been reactivated. However, some branch employees of Woori Bank modified the passwords and as a result of the operation, the accounts have been reactivated.

Banking

Banking Passwords Accountability Advertising

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

APRIL 26, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” ” “Passwords associated with external authentication systems such as AD or LDAP are unaffected.

Firewall

Firewall Passwords Accountability Advertising

Open Exchange Rates discloses a security breach

Security Affairs

MARCH 16, 2020

Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed the personal information and salted and hashed passwords for customers of its API service.

Data breaches

Data breaches Passwords Advertising Accountability

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. exe,’ which is the Kpot password-stealing Trojan. Pierluigi Paganini.

Ransomware

Ransomware Advertising Cryptocurrency Passwords

Popular Webkinz World online children’s game hacked, 23M credentials leaked

Security Affairs

APRIL 19, 2020

A hacker has leaked the usernames and passwords of nearly 23 million players of Webkinz World on a well-known hacking forum. . 22,000,000 users affected and while the database only contains username and hashed passwords, I believe it is just part of the full database that was probably taken as well. Pierluigi Paganini.

Hacking

Hacking Passwords Data breaches Advertising

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

APRIL 30, 2020

. “Since the beginning of March, the number of Bruteforce.Generic.RDP attacks has rocketed across almost the entire planet” Attackers attempt to brute-force the username and password used to protect RDP access to systems exposed online, they can use combinations of random characters or leverage dictionary of most popular passwords.

Passwords

Passwords Advertising Authentication VPN

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Security Affairs

APRIL 1, 2020

In malspam attacks, attackers could encrypt the Excel file by setting up a password, then when the victims receive the email, hackers trick them into opening the attachment using a password included in the content of the message. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Passwords Encryption Advertising

U.S. and Australian police arrested Firebird RAT author and operator

Security Affairs

APRIL 14, 2024

The RAT allowed customers to access and control their victims’ computers remotely, its author advertised its stealing capabilities. He is accused of advertising and selling the Hive remote access trojan (RAT) on the “Hack Forums” website. . ” reported the DoJ. ” continues DoJ. . ” continues DoJ.

Computers and Electronics

Computers and Electronics Advertising Cryptocurrency Malware

Alleged Activision hack, 500,000 Call Of Duty players impacted

Security Affairs

SEPTEMBER 21, 2020

Change your Activision account passwords and add 2FA immediately. Activision accounts are apparently being leaked so change your password, although that might not even help because they're apparently generating 1,000 accounts every 10 minutes. Players are recommended to change their account passwords as soon as possible.

Hacking

Hacking Data breaches Accountability Passwords

SANS Institute Email Breach – 28,000 User Records exposed

Security Affairs

AUGUST 12, 2020

On August 6, during a review of email configuration and rules, the staff at the SANS Institute discovered a security breach. 28,000 records of personally identifiable information (PII) have been forwarded to an unknown email address. Financial information either passwords were not impacted in the incident.

Data breaches

Data breaches Accountability Advertising Information Security

Havenly discloses data breach, 1.3M accounts available online

Security Affairs

AUGUST 3, 2020

The leaked records included a login name, full name, MD5 hashed password, email address, phone number, zip, and other data related. The company has notified impacted users via email, it admitted to having recently discovered the data breach, in response to the incident it has forced a password reset. Pierluigi Paganini.

Data breaches

Data breaches Accountability Passwords Advertising

Cisco Webex flaw allows unauthenticated remote attackers to join private meetings

Security Affairs

JANUARY 25, 2020

Cisco has addressed a high-severity flaw in the Cisco Webex video conferencing platform ( CVE-2020-3142) that could be exploited by a remote, unauthenticated attacker to enter a password-protected video conference meeting. reads the security advisory published by Cisco. Pierluigi Paganini. SecurityAffairs – Webex, hacking).

Mobile

Mobile Passwords Advertising Authentication

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs

JULY 28, 2020

The huge trove of data contains over 386 million user records, but only some of them included the user’s password. Users of the above companies are recommended to change their passwords as soon as possible, they have to change the passwords where they used the same login credentials.

Passwords

Passwords Advertising Education Banking

Aerial Direct, the O2’s largest UK partner suffered a data breach

Security Affairs

MARCH 16, 2020

. “We recently became aware that some of our customers’ personal information stored on one of our databases has been accessed without permission. To reassure you, the database did not include any passwords or financial details, such as bank account number or credit card information.” Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Passwords Advertising

Data of 21 million Mixcloud users available for sale on the dark web

Security Affairs

DECEMBER 1, 2019

The hacker access to users’ data, including usernames , email addresses, SHA-2 hashed passwords, account sign-up dates and country, the last-login date, the internet (IP) address, and links to profile photos. The majority of Mixcloud users signed up via Facebook authentication, in which cases we do not store passwords.”

Data breaches

Data breaches Passwords Advertising Hacking

267 Million Facebook identities available for 500 euros on the dark web

Security Affairs

APRIL 20, 2020

Over 267 million Facebook profiles are offered for sale on dark web sites and hacker forums, the dump is offered for £500 ($623) and doesn’t include passwords. Hackers are offering for sale over 267 million Facebook profiles for £500 ($623) on dark web sites and hacker forums, the archive doesn’t include passwords.

Data breaches

Data breaches Passwords Advertising Phishing

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

AUGUST 17, 2020

These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” states the press release.

Government

Government Accountability Hacking Advertising

Chinese smartphone vendor OnePlus discloses a new data breach

Security Affairs

NOVEMBER 23, 2019

. “We want to update you that we have discovered that some of our users’ order information was accessed by an unauthorized party.” “We can confirm that all payment information, passwords and accounts are safe, but certain users’ name, contact number, email and shipping address may have been exposed.

Data breaches

Data breaches Passwords Advertising Accountability

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” ” continues the report.

Cybercrime

Cybercrime Antivirus Marketing Accountability

French daily Le Figaro leaks 7.4 Billion records

Security Affairs

MAY 2, 2020

. “The server was live at the time of our investigation, leaking Personally Identifiable Information (PII) data from people accessing private accounts on Le Figaro’s news website, and in some cases, their login credentials.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Identity Theft

Identity Theft Passwords Advertising Accountability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure

Trending Sources

Banshee macOS stealer supports new evasion mechanisms

Linksys force password reset to prevent Router hijacking

TeamViewer flaw can allow hackers to steal System password

Zoom client for Windows could allow hackers to steal users’Windows password

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

DNA testing company vanishes along with its customers’ genetic data

Phishing-as-a-Service Rockstar 2FA continues to be prevalent

‘Land Lordz’ Service Powers Airbnb Scams

Threat actor leaked data for U.S. gun exchange site on hacking forum

Experts uncovered hidden behavior in thousands of Android Apps

538 Million Weibo users’ records being sold on Dark Web

A data breach broker is selling account databases of 17 companies

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

4 Million Quidd account details shared on hacking forums

USPS Site Exposed Data on 60 Million Users

The team behind the Joomla CMS discloses a data breach

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

SFO discloses data breach following the hack of 2 of its websites

Asian media firm E27 hacked, attackers asked for a “donation”

South Korean Woori Bank is accused of unauthorized use of customer data

Hackers exploit SQL injection zero-day issue in Sophos firewall

Open Exchange Rates discloses a security breach

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Popular Webkinz World online children’s game hacked, 23M credentials leaked

RDP brute-force attacks rocketed since beginning of COVID-19

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

U.S. and Australian police arrested Firebird RAT author and operator

Alleged Activision hack, 500,000 Call Of Duty players impacted

SANS Institute Email Breach – 28,000 User Records exposed

Havenly discloses data breach, 1.3M accounts available online

Cisco Webex flaw allows unauthenticated remote attackers to join private meetings

ShinyHunters leaked over 386 million user records from 18 companies

Aerial Direct, the O2’s largest UK partner suffered a data breach

Data of 21 million Mixcloud users available for sale on the dark web

267 Million Facebook identities available for 500 euros on the dark web

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Chinese smartphone vendor OnePlus discloses a new data breach

15 billion credentials available in the cybercrime marketplaces

French daily Le Figaro leaks 7.4 Billion records

Stay Connected