Lucene search
K

40 matches found

The Hacker News
The Hacker News
added 2024/06/25 3:52 a.m.26 views

4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree

Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over $71 million in losses to companies. The defendants, Ta Van Tai aka Quynh Hoa and Bich Thuy, Nguyen Viet Quoc aka Tien Nguyen,...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/16 4:15 p.m.49 views

Discord.io confirms theft of 760,000 members' data

Discord.io was/is a third party service that enables owners of Discord servers to create customized, personal Discord invites. After a preview of Discord.io's users database was posted on BreachForums, the owners have decided to shut down all Discord.io services "for the foreseeable future."...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2023/03/27 6:13 p.m.55 views

CVE-2023-23913

A flaw was found in Rails. rails-ujs may allow an attacker to perform Cross-Site Scripting XSS, which could lead to stolen information, phishing attacks, and other types of attacks...

7.5CVSS5.5AI score0.00632EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/03/07 1:58 p.m.45 views

SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms

Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors since November 2022. "The threat actors behind the campaign are targeting Facebook business accounts by using...

1.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/17 2:0 a.m.24 views

Web skimmer found on website of Liquor Control Board of Ontario

On January 12, 2023, the Liquor Control Board of Ontario LCBO published a news release about a cybersecurity incident, affecting online sales through LCBO.com. It is one of the largest retailers and wholesalers of beverage alcohol in the world. Web skimmer The cybersecurity incident was a web...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/15 10:45 a.m.16 views

Uber data stolen via third-party vendor

Uber is facing a new cybersecurity incident after threat actors stole some of its data from Teqtivity, a third-party vendor that provides asset management and tracking services. "We are aware of customer data that was compromised due to unauthorized access to our systems by a malicious third...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/20 1:30 p.m.17 views

Suspected LAPSUS$ group member arrested in Brazil

The Brazilian Federal Police have arrested a suspect after an investigation into last year's breach of the Brazilian Ministry of Health. Responsibility for the breach was claimed by the LAPSUS$ group, when users found a message stating that system data had been copied and deleted and was in the...

Exploits0
The Hacker News
The Hacker News
added 2022/06/02 6:39 a.m.29 views

DOJ Seizes 3 Web Domains Used to Sell Stolen Data and DDoS Services

The U.S. Department of Justice DoJ on Wednesday announced the seizure of three domains used by cybercriminals to trade stolen personal information and facilitate distributed denial-of-service DDoS attacks for hire. This includes weleakinfo.to, ipstress.in, and ovh-booter.com, the first of which...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/02 2:28 p.m.58 views

Ticketmaster To Pay $10 Million Fine For Hacking A Rival Company

Ticketmaster has agreed to pay a $10 million fine after being charged with illegally accessing computer systems of a competitor repeatedly between 2013 and 2015 in an attempt to "cut the company off at the knees." A subsidiary of Live Nation, the California-based ticket sales and distribution...

Exploits0
ThreatPost
ThreatPost
added 2020/09/01 4:23 p.m.88 views

Magecart Credit-Card Skimmer Adds Telegram as C2 Channel

The e-commerce card-skimming landscape has a new wrinkle: Cybercriminals affiliated with the Magecart collective are using encrypted messaging service Telegram as a channel for sending stolen credit-card information back to its command-and-control C2 servers. That’s according to researchers who...

0.2AI score
Exploits0References10
The Hacker News
The Hacker News
added 2020/07/15 12:39 p.m.45 views

4 Dangerous Brazilian Banking Trojans Now Trying to Rob Users Worldwide

Cybersecurity researchers on Tuesday detailed as many as four different families of Brazilian banking trojans that have targeted financial institutions in Brazil, Latin America, and Europe. Collectively called the "Tetrade" by Kaspersky researchers, the malware families — comprising Guildma,...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2020/03/31 3:14 p.m.73 views

Millions of Guests Impacted in Marriott Data Breach, Again

For the second time in two years, the Marriott hotel empire has suffered a major data breach. This time, approximately 5.2 million guests have been affected. The attack was carried out via third-party software that Marriott’s hotel properties use to provide guest services, according to an online...

7AI score
Exploits0References21
ThreatPost
ThreatPost
added 2019/09/13 4:6 p.m.167 views

Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks

Facebook and YouTube profiles are at the heart of an ongoing phishing campaign spreading the Astaroth trojan, bent on the eventual exfiltration of sensitive information. The attack is sophisticated in that it uses normally trusted sources as cover for malicious activities – thus evading usually...

7AI score
Exploits0References6
Krebs on Security
Krebs on Security
added 2019/03/04 10:11 p.m.63 views

Hackers Sell Access to Bait-and-Switch Empire

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2018/10/15 2:35 p.m.79 views

Facebook Offers Details on ‘View As’ Breach, Revises Numbers

The data breach first disclosed by Facebook in September has directly impacted the access tokens of 30 million accounts, the social media giant confirmed Friday. Facebook recently admitted that hackers exploited a flaw in its “View As” feature, which lets users see what their profiles look like...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2018/10/01 11:56 a.m.16 views

Dark Web Azorult Generator Offers Free Binaries to Cybercrooks

A malicious build-it-yourself platform for the Azorult info-stealing malware has debuted on the Dark Web. The online builder, which its authors have named Gazorp, allows cybercriminals to generate their very own strains of Azorult, along with the apparatus to control it. And, it’s free. “Threat...

7.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/03/26 11:54 a.m.13 views

FBI: Iranian Firm Stole Data In Massive Spear Phishing Campaign

The United States Department of Justice announced charges against nine Iranians accused of stealing private data from U.S. universities, private companies and U.S. government agencies. FBI Deputy Director David Bowdich said in a statement that the state-sponsored hackers worked for more than four...

7.1AI score
Exploits0References6
Check Point Advisories
Check Point Advisories
added 2018/01/10 12:0 a.m.4 views

Western Digital MyCloud Remote Code Execution (CVE-2017-17560)

A remote code execution vulnerability exists within Western Digital MyCloud servers. This is due to the way the MyCloud servers handle file uploads to specific directories. A successful attack could lead to a remote code execution and stolen information...

10CVSS4.2AI score0.73404EPSS
Exploits6
Imperva Blog
Imperva Blog
added 2018/01/04 4:37 p.m.31 views

Our Analysis of 1,019 Phishing Kits

In recent years phishing activity has grown rapidly, with thousands of phishing sites popping for a virtual moment that last weeks, days or even hours, before becoming ineffective—either getting blacklisted by security providers, or brought down by internet providers and authorities, or in most...

7.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2018/01/02 12:0 a.m.5 views

Samsung Internet Browser SOP Bypass (CVE-2017-17692)

A SOP bypass vulnerability exists within the Samsung internet browser. This vulnerability is due to the way the browser handles its same origin policy. A successful attack could lead to stolen information...

5CVSS1.2AI score0.78843EPSS
Exploits7
Rows per page
Query Builder