Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. A Scattered Spider phishing lure sent to Twilio employees.

Hacking 335

Hacking Cybercrime Phishing Passwords 335

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 234

Phishing Passwords Internet Internet 234

Malwarebytes

MAY 10, 2024

Dell is warning its customers about a data breach after a cybercriminal offered a 49 million-record database of information about Dell customers on a cybercrime forum. So, this is another big data breach that leaves us with more questions than answers. 2FA that relies on a FIDO2 device can’t be phished.

Data breaches 141

Data breaches Passwords Phishing Big data 141

The Last Watchdog

FEBRUARY 4, 2025

The impact of these exposures is evident: nearly a quarter of data breaches resulted from compromised identity data. million in related costs per breach and took the longest to identify and contain. Credential attacks led to $4.81

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

Security Affairs

JANUARY 18, 2020

I’m preparing the slides for my next speech and I decided to create this post while searching for interesting cybercrime statistics in 2020. Cybercrime will cost as much as $6 trillion annually by 2021. The global expense for organizations to protect their systems from cybercrime attacks will continue to grow.

Cybercrime 143

Cybercrime Small Business Data breaches Mobile 143

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database. TARGETED PHISHING. customers this month. Take a deep breath.

Passwords 363

Passwords Password Management Phishing Scams 363

The Last Watchdog

MARCH 19, 2025

SpyCloud , the leading identity threat protection company, today released its 2025 SpyCloud Annual Identity Exposure Report , highlighting the rise of darknet-exposed identity data as the primary cyber risk facing enterprises today. SpyClouds collection of recaptured darknet data grew 22% in the past year, now encompassing more than 53.3

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Security Affairs

NOVEMBER 22, 2021

GoDaddy suffered a data breach that impacted up to 1.2 GoDaddy discloses a data breach that impacted up to 1.2 million of its customers, threat actors breached the company’s Managed WordPress hosting environment. The exposure of email addresses presents risk of phishing attacks. Pierluigi Paganini.

Data breaches 141

Data breaches Passwords Accountability Information Security 141

Security Affairs

MAY 28, 2024

Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provider AddComm suffered a ransomware attack. The bank also warns clients to stay alert to phishing messages.

Data breaches 137

Data breaches Banking Ransomware Phishing 137

Security Affairs

APRIL 29, 2024

The Los Angeles County Department of Health Services reported a data breach that exposed thousands of patients’ personal and health information. The Los Angeles County Department of Health Services disclosed a data breach that impacted thousands of patients. Attackers obtained the credentials of 23 DHS employees.

Data breaches 140

Data breaches Phishing Hacking Cybercrime 140

Identity IQ

JANUARY 19, 2022

5 Data Breach Trends to Anticipate This Year. In its recent annual Data Breach Industry Forecast, credit reporting agency Experian made five predictions for cybercrime and data breach trends to expect this year. Here are five data breach and cybercrime trends to anticipate this year.

Data breaches 111

Data breaches Scams Cybercrime Phishing 111

SecureWorld News

MARCH 15, 2023

The FBI's Internet Crime Complaint Center (IC3) has released its 2022 Internet Crime Report , which reveals the trends and impacts of cybercrime in the United States. The report shows that phishing schemes were the most common type of cybercrime reported by victims in 2022, with 300,497 complaints.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

Tech Republic Security

NOVEMBER 22, 2023

Phishing, infostealer malware, ransomware, supply chain attacks, data breaches and crypto-related attacks are among the top evolving threats in the financial sector, says Sekoia.

Cyber threats 212

Cyber threats Data breaches Phishing Ransomware 212

Security Affairs

OCTOBER 11, 2023

Airline Air Europa disclosed a data breach and warned customers to cancel their credit cards after threat actors accessed their card information. Air Europa has disclosed a data breach and issued a warning to its customers, advising them to cancel their credit cards due to unauthorized access by threat actors to their card information.

Data breaches 127

Data breaches Banking Phishing Hacking 127

Security Affairs

APRIL 15, 2024

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack.

Data breaches 140

Data breaches Social Engineering Engineering Authentication 140

Security Affairs

OCTOBER 15, 2021

IT and consulting giant Accenture confirmed a data breach after the ransomware attack conducted by LockBit operators in August 2021. Global IT consultancy giant Accenture discloses a data breach after the LockBit ransomware attack that hit the company in August 2021. Follow me on Twitter: @securityaffairs and Facebook.

Data breaches 131

Data breaches Ransomware Backups Hacking 131

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 billion in 2023. billion in 2023. billion in 2022 to $4.57

Cybercrime 139

Cybercrime Internet Internet Scams 139

Malwarebytes

APRIL 2, 2024

” The data came to light a few weeks ago when it was put up for sale on an online cybercrime forum, but the seller, a hacker calling themselves “MajorNelson”, claimed it had been stolen from AT&T three years prior. Some forms of two-factor authentication (2FA) can be phished just as easily as a password.

Data breaches 145

Data breaches Passwords Phishing Accountability 145

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. ” reads the alert published by the FBI. Pierluigi Paganini.

Cybercrime 145

Cybercrime Education Accountability Phishing 145

Security Affairs

DECEMBER 8, 2024

Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49 warn of PRC-linked cyber espionage targeting telecom networks U.S.

Artificial Intelligence 102

Artificial Intelligence Spyware Hacking Ransomware 102

Krebs on Security

JANUARY 30, 2024

” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. On July 28 and again on Aug. According to an Aug.

Social Engineering 356

Social Engineering Mobile Passwords Cybercrime 356

Security Affairs

JUNE 17, 2024

The County of Los Angeles’ Department of Public Health (DPH) disclosed a data breach that impacted more than 200,000 individuals. The LA County’s Department of Public Health announced that the personal information of more than 200,000 was compromised after a data breach that occurred between February 19 and February 20, 2024.

Data breaches 104

Data breaches Phishing Insurance Accountability 104

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported.

Phishing 137

Phishing Data breaches Cryptocurrency Social Engineering 137

Security Affairs

AUGUST 21, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. The post US CISA releases guidance on how to prevent ransomware data breaches appeared first on Security Affairs. ” reads CISA’s guideline. Pierluigi Paganini.

Data breaches 122

Data breaches Ransomware Backups Technology 122

Security Affairs

MAY 4, 2025

CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog SentinelOne warns of threat actors targeting its systems and high-value clients Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024 VeriSource data breach impacted 4M individuals U.S. CISA adds Qualitia Active!

Cybercrime 71

Cybercrime Cyber Attacks Malware Phishing 71

Security Affairs

NOVEMBER 17, 2024

that reboots locked devices Ymir ransomware, a new stealthy ransomware grow in the wild Amazon discloses employee data breach after May 2023 MOVEit attacks A new fileless variant of Remcos RAT observed in the wild A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine U.S.

Cryptocurrency 111

Cryptocurrency Malware Hacking Ransomware 111

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 73

Small Business Cybersecurity Passwords Scams 73

Security Affairs

SEPTEMBER 20, 2022

American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered a data breach, threat actors compromised a limited number of employee email accounts. SecurityAffairs – hacking, data breach). Pierluigi Paganini.

Data breaches 98

Data breaches Accountability Phishing Hacking 98

Webroot

FEBRUARY 22, 2022

Findings from the Verizon 2021 Data Breach Investigations Report also point to social engineering as the most common data breach attack method. According to the latest IDG report, phishing attacks are on the rise. Testing yourself regularly with phishing campaigns can help you learn what to avoid.

Social Engineering 116

Social Engineering Engineering Cybercrime Hacking 116

Security Affairs

NOVEMBER 10, 2024

CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog Canadian authorities arrested alleged Snowflake hacker Android flaw CVE-2024-43093 may be under limited, targeted exploitation July 2024 ransomware attack on the City of Columbus impacted 500,000 people Nigerian man Sentenced to 26+ years in real estate phishing scams Russian (..)

Ransomware 116

Ransomware Cybercrime Phishing Banking 116

Security Affairs

AUGUST 22, 2021

T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals were impacted. T-Mobile data breach could be worse than initially thought, according to an update to the investigation over 54 million customers had their data compromised.

Data breaches 123

Data breaches Mobile Accountability Phishing 123

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. That breach came to light after a hacker began selling the records on a cybercrime forum. Image: customink.com In a filing today with the U.S.

Mobile 336

Mobile Accountability Data breaches Identity Theft 336

Security Affairs

JULY 19, 2024

The company warns that the stolen data can be used to carry out scams, phishing attacks, and identity theft against Australians.

Data breaches 132

Data breaches Unstructured Data Healthcare Identity Theft 132

Krebs on Security

AUGUST 25, 2023

And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. SIM-swapping groups will often call employees on their mobile devices, pretend to be someone from the company’s IT department, and then try to get the employee to visit a phishing website that mimics the company’s login page.

Mobile 238

Mobile Cyber Risk Data breaches Cryptocurrency 238

Security Affairs

AUGUST 8, 2022

Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers. SecurityAffairs – hacking, data breach).

Data breaches 104

Data breaches Social Engineering Accountability Phishing 104

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. Anti-phishing protection Shields you from phishing attempts. Cybercrime is increasing at an alarming rate, targeting individuals and families just as often as businesses.

Antivirus 81

Antivirus Identity Theft Cyber threats Phishing 81