Security Affairs

FEBRUARY 10, 2025

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. A recent investigation by researchers from Intezer and Solis Security shed light on the recent operations of the XE Group. ” reads the analysis published by Intezer.

Manufacturing 110

Manufacturing Cybercrime Passwords Authentication 110

Security Affairs

MARCH 18, 2025

The vulnerability is an authentication bypass issue that could allow a remote attacker to gain super-admin privileges by making maliciously crafted CSF proxy requests. An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0

Authentication 116

Authentication Ransomware Firewall Hacking 116

Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking 343

Banking Government Information Security Authentication 343

Security Affairs

SEPTEMBER 7, 2022

In the digital age, authentication is paramount to a strong security strategy. Which are the challenges of user authentication? In the digital age, authentication is paramount to a strong security strategy. User authentication seems easy, but there are inherent challenges to be aware of. User Authentication.

Authentication 102

Authentication Passwords Risk Education 102

Krebs on Security

AUGUST 23, 2024

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. ” Caturegli said setting up an email server record for memrtcc.ad

DNS 325

DNS Internet Internet Authentication 325

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

JUNE 19, 2023

Cado researchers recently detected an interesting attack pattern linked to an emerging cybercrime group tracked as Diicot (formerly, “Mexals”) and described in analyses published by Akamai and Bitdefender. This campaign specifically targets SSH servers exposed to the internet with password authentication enabled.

Cybercrime 98

Cybercrime DDOS Internet Internet 98

Security Affairs

NOVEMBER 10, 2024

CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog Canadian authorities arrested alleged Snowflake hacker Android flaw CVE-2024-43093 may be under limited, targeted exploitation July 2024 ransomware attack on the City of Columbus impacted 500,000 people Nigerian man Sentenced to 26+ years in real estate phishing scams Russian (..)

Ransomware 116

Ransomware Cybercrime Phishing Banking 116

Security Affairs

JANUARY 16, 2025

Over the years, multiple security experts have identified several vulnerabilities in MikroTik routers, such as a remote code execution vulnerability detailed by VulnCheck researchers here. The botnet’s SOCKS proxy setup enables access for hundreds of thousands of compromised machines. ” reads the report published by Infoblox.

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) Remote attackers could bypass authentication and execute arbitrary commands by exploiting a flaw in secMiddleware , which only validates POST requests. to its Known Exploited Vulnerabilities (KEV) catalog. and ftp/views.py.

DNS 109

DNS Authentication Ransomware Hacking 109

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. businesses called #ShieldsUp.

Cybersecurity 214

Cybersecurity Cybercrime Education Government 214

Security Affairs

NOVEMBER 29, 2024

Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authentication with adversary-in-the-middle (AitM) attacks.

Phishing 113

Phishing Accountability Authentication Advertising 113

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 71

Cybercrime Artificial Intelligence Hacking VPN 71

Security Affairs

NOVEMBER 15, 2024

Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption 116

Encryption Password Management Cryptocurrency Social Engineering 116

Security Affairs

NOVEMBER 21, 2024

near2tlg announced on Breachforums cybercrime forum the sale of access to the MediBoard platform used by multiple French hospitals. As soon as the attack was authenticated and validated in the morning, our teams immediately informed the client concerned.

Computers and Electronics 77

Computers and Electronics Healthcare Identity Theft Data breaches 77

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J.

Scams 83

Scams Social Engineering Mobile Phishing 83

Security Affairs

JANUARY 27, 2025

The researcher reported that in many cases, attackers compromised the ESXi appliances either by using administrative credentials or by exploiting a known vulnerability to bypass the authentication. ESXi appliances’ resilience makes them ideal for tunneling, providing a semi-persistent backdoor within the network. .

Ransomware 98

Ransomware Authentication Hacking Cybersecurity 98

Security Affairs

APRIL 24, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities Catalog. Last week, the U.S.

Cybercrime 98

Cybercrime Software Education Ransomware 98

Security Affairs

MARCH 16, 2025

CISA adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog Cybersecurity Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies Elon Musk blames a massive cyberattack for the X outages Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577 RansomHouse gang claims the hack of (..)

Spyware 73

Spyware Cybercrime Ransomware IoT 73

Security Affairs

NOVEMBER 5, 2024

It aims to bypass bank countermeasures used to enforce users’ identity verification and authentication, combined with behavioral detection techniques applied by banks to identify suspicious money transfers.” ” reads the report published by Cleafy.

Banking 121

Banking Malware Accountability Authentication 121

Security Affairs

APRIL 6, 2025

BleepingComputer reported that multiple companies confirmed the leaked Oracle data as authentic, including accurate LDAP names, emails, and other identifiers. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data.states the company.

Data breaches 125

Data breaches Encryption Hacking Passwords 125

Security Affairs

FEBRUARY 3, 2025

Google as usual did not share details about the attacks exploiting the above vulnerability, The vulnerability is a privilege escalation security flaw in the Kernel’s USB Video Class driver. An authenticated local attacker could exploit the flaw to elevate privileges in low-complexity attacks. ” reads the advisory.

Media 115

Media Authentication Hacking Accountability 115

Security Affairs

FEBRUARY 16, 2021

Experts pointed out that attacks abusing the ngrok platform are hard to detect because connections to subdomains of ngrok.com are not filtered by security measures. Experts provided a list of ngrok -based attacks conducted by cybercrime organizations and nation-stated actors such as Fox Kitten and Pioneer Kitten APT groups.

Phishing 142

Phishing Cybercrime Mobile Internet 142

Security Affairs

JANUARY 15, 2025

Instead, only an HMAC (hash-based message authentication code) is logged in AWS CloudTrail. IAM Roles enable applications to securely make signed API requests from EC2 instances, ECS or EKS containers, or Lambda functions using short-term credentials that are automatically deployed, frequently rotated, requiring zero customer management.

Encryption 117

Encryption Ransomware Authentication Accountability 117

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection 87

Consumer Protection Identity Theft Scams Social Engineering 87

Security Affairs

FEBRUARY 26, 2025

“The exposure of admin panel authentication endpoints provides insight into how operators manage compromised systems and suggests that aspects of LightSpy’s infrastructure may be monitored or tracked through behavioral analysis of authentication flows. ” concludes the report.

Data collection 104

Data collection Spyware Media Surveillance 104

Security Affairs

MAY 13, 2024

” To defend against ransomware campaign like this one, NJCCIC provided the following recommendations: Security Awareness Training : Engage in security awareness training to enhance defense mechanisms and recognize potential signs of malicious communications. Reference the provided resources for establishing DMARC authentication.

Phishing 132

Phishing Ransomware Security Awareness Authentication 132

Security Affairs

MARCH 14, 2023

Microsoft warns of large-scale phishing attacks orchestrated with an open-source adversary-in-the-middle (AiTM) phishing kit available in the cybercrime ecosystem Adversary-in-the-middle (AiTM) phishing kits are becoming an essential technology in the cybercrime ecosystem that is used by multiple threat actors to launch phishing attacks.

Phishing 98

Phishing Cybercrime Authentication Advertising 98

Security Affairs

MARCH 12, 2021

Below the details of the ProxyLogon vulnerabilities: The first zero-day, tracked as CVE-2021-26855 , is a server-side request forgery (SSRF) vulnerability in Exchange that could be exploited by an attacker to authenticate as the Exchange server by sending arbitrary HTTP requests.

Cyber Attacks 143

Cyber Attacks Cybercrime Authentication Hacking 143

Security Affairs

MARCH 13, 2020

European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. SecurityAffairs – SIM Hijacking, cybercrime). million). .”

Banking 144

Banking Cybercrime Mobile Accountability 144

Security Affairs

MARCH 26, 2020

that is hosting various cybercrime products and services were being sold. companies for customers’ personal information.” Social Security Numbers, dates of birth, and victim addresses. platform, offered data were authentic according to the feds. SecurityAffairs – cybercrime, DEER.IO). Pierluigi Paganini.

Cybercrime 144

Cybercrime Advertising Hacking Accountability 144

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 124

Data breaches VPN Cloud Migration Malware 124

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. The IT giant urged Windows administrators to install the released security updates as soon as possible.

Authentication 144

Authentication Advertising Architecture Cybercrime 144

Security Affairs

DECEMBER 17, 2024

Recommendations include timely patching, using strong and unique passwords, enabling multi-factor authentication, implementing security tools to detect abnormal activity, auditing accounts, scanning for open ports, segmenting networks, updating antivirus software, and creating offline backups.

Architecture 108

Architecture Internet Internet Malware 108

Security Affairs

OCTOBER 7, 2021

A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to immediately apply updates. “The identity authentication bypass vulnerability found in some Dahua products during the login process.

Authentication 145

Authentication Firmware Hacking Engineering 145

Security Affairs

APRIL 18, 2024

LabRat was designed to capture two-factor authentication codes and credentials, allowing the criminals to bypass enhanced security measures.” A Melbourne man and an Adelaide man, who police will allege were LabHost users, were arrested during the warrants and charged with cybercrime-related offences. ” The U.K.

Phishing 129

Phishing Cybercrime Passwords Banking 129

Security Affairs

JANUARY 14, 2024

The investigation started in January 2023 when a cloud provider approached Europol and shared information regarding compromised cloud user accounts. ” continues the press release. .” ” continues the press release.

Cryptocurrency 135

Cryptocurrency Cybercrime Accountability Authentication 135