Latest issue of my curated #cybersecurity and #infosec list of resources for week #02/2024 is out! It includes the following and much more:
- Halara probes breach after hacker leaks data for 950,000 people
- #Mandiant's X Account Was Hacked Using Brute-Force Attack
- #Paraguay warns of Black Hunt #ransomware attacks after Tigo Business #breach
- US SEC's X account hacked to announce fake #Bitcoin ETF approval
- Toronto Zoo: Ransomware attack had no impact on animal #wellbeing
- Mortgage firm loanDepot #cyberattack impacts IT systems, payment portal
- #Finland warns of Akira ransomware wiping NAS and tape #backup devices
- #Sandworm probably wasn't behind Danish critical infrastructure cyberattack, report says
- Pro-Ukraine hackers breach Russian ISP in revenge for #KyivStar attack
- French Computer Hacker Jailed in US
- Nigerian gets 10 years for laundering millions stolen from elderly
- Turkish Hackers Exploiting Poorly Secured #MSSQL Servers Across the Globe
- Turkish #Cyberspies Targeting Netherlands
- #Microsoft Lets Cloud Users Keep Personal Data Within #Europe to Ease #Privacy Fears
- #AI is helping US spies catch stealthy Chinese hacking ops, #NSA official says
- Beirut Airport Screens Hacked with Anti-Hezbollah Message
- Saudi Ministry exposed sensitive data for 15 months
- #Greece to Establish New Authority to Counter Cyber-Attacks
- #Siemens, #SchneiderElectric Release First #ICS Patch Tuesday Advisories of 2024
- New #Python-based FBot Hacking Toolkit Aims at #Cloud and #SaaS Platforms
- #YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
- #Linux devices are under attack by a never-before-seen worm
- Dutch Engineer Used Water Pump to Get Billion-Dollar #Stuxnet #Malware Into Iranian Nuclear Facility
- DSA removal from #OpenSSH
- #PatchTuesday
- Actively exploited 0-days in #Ivanti VPN are letting hackers #backdoor networks
- Hackers can infect network-connected wrenches to install ransomware
- #AirDrop cracked by #China, revealing phone number and email address of sender
- #QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products
- KyberSlash attacks put #quantum #encryption projects at risk
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end
Mandiant's X Account Was Hacked Using Brute-Force Attack
@thehackernews
"Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X's 2FA policy, we were not adequately protected," the threat intelligence firm said in a post shared on X
Mandiant's X account was compromised through a brute-force password attack by a drainer-as-a-service (DaaS)* group. The account lacked two-factor authentication (2FA), which could have mitigated the attack.
*(DaaS): A Drainer-as-a-Service is a type of cyber attack where hackers sell access to their botnets, which are networks of computers controlled remotely.
Latest issue of my curated #cybersecurity and #infosec list of resources for week #01/2024 is out! It includes the following and much more:
- MAJOR US #MUSEUMS SUFFER #CYBERATTACK FALLOUT
- A "ridiculously weak" password causes disaster for #Spain's No. 2 mobile carrier
- #23andMe tells victims it's their fault that their data was breached
- #OrbitChain loses $86 million in the last #fintech hack of 2023
- Europe's Largest Parking App Provider Informs Customers of Data Breach
- #Crypto wallet founder loses $125,000 to fake airdrop website
- US Says 19 People Charged Following 2019 Takedown of #xDedic Cybercrime Marketplace
- Palestinian Hackers Hit 100 Israeli Organizations in Destructive Attacks
- Hacked #Mandiant X Account Abused for #Cryptocurrency Theft
- Nigerian hacker arrested for stealing $7.5M from charities
- Albanian Parliament and One Albania Telecom Hit by Cyber Attacks
- The FBI is adding more cyber-focused agents to U.S. embassies
- Former #BreachForums admin to be jailed until Jan. 19 sentencing
- DOJ Slams #XCast with $10 Million Fine Over Massive Illegal Robocall Operation
- #Google Contractor Pays Parents $50 to Scan Their Childrens' Faces
- Google Settles $5 Billion #Privacy Lawsuit Over Tracking Users in 'Incognito Mode'
- #Taiwan to reveal Chinese election interference after Saturday's vote
- #Merck Settles #NotPetya Insurance Claim, Leaving #Cyberwar Definition Unresolved
- SpectralBlur: New #macOS Backdoor Threat from North Korean Hackers
- 3 Malicious #PyPI Packages Found Targeting #Linux with Crypto Miners
- New Bandook #RAT Variant Resurfaces, Targeting #Windows Machines
- UAC-0050 Group Using New #Phishing Tactics to Distribute Remcos RAT
- CERT-UA Uncovers New #Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
- Free Decryptor Released for #BlackBasta Ransomware
- #SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof #Emails
- #Ivanti warns critical EPM #bug lets hackers hijack enrolled devices
- Google Patches Six Vulnerabilities With First #Chrome Update of 2024
- Millions still haven't patched #Terrapin SSH protocol #vulnerability
Following the security breach, the cybercriminal created a counterfeit webpage on Mandiant's account, mimicking the appearance of the official Phantom website.
Latest issue of my curated #cybersecurity and #infosec list of resources for week #17/2023 is out! It includes, but not only:
➣ Hackers target vulnerable #Veeam #backup servers exposed online
➣ #FBI queries for Americans' digital data drops, yet advocates for surveillance reform remain undeterred
➣ #OpenAI: #ChatGPT Back in #Italy After Meeting Watchdog Demands
➣ Many Public #Salesforce Sites are Leaking Private Data
➣ #NIST CSF 2.0 Core discussion draft released, stakeholder feedback invited
➣ #Paperbug Attack: New Politically-Motivated Surveillance Campaign in #Tajikistan
➣ #Linux version of RTM Locker #ransomware targets #VMware ESXi servers
➣ New Atomic #macOS info-stealing #malware targets 50 crypto wallets
➣ #Google Gets Court Order to Take Down #CryptBot That Infected Over 670,000 Computers
➣ #Telegram restricted in #Brazil after refusal to supply user data to authorities
➣ #Cisco discloses XSS zero-day flaw in server management tool
➣ Ukrainian arrested for selling data of 300M people to Russians
➣ Hackers are breaking into AT&T email accounts to steal #cryptocurrency
➣ #Accenture, #IBM, #Mandiant join Elite Cyber Defenders Program to secure critical infrastructure
➣ ATT&CK v13 April Updates
➣ New Data Sharing Platform Serves as Early Warning System for #OTSecurity Threats
➣ North Korean Hackers Target Mac Users With New "#RustBucket" Malware
➣ New All-in-One "#EvilExtractor" Stealer for #Windows Systems Surfaces on the Dark Web
This week's recommended book is: "This Is How They Tell Me the World Ends: The Cyberweapons Arms Race" by Nicole Perlroth
Subscribe to the #newsletter to have it piping hot in your inbox every Sunday