The company is working to restore normal business operations, but many online services remain inaccessible even after two weeks. It is still uncertain whether the cyber incident will have a significant impact on LoanDepot’s financial condition.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-01-23 16:08:412024-01-23 16:08:41Update: LoanDepot Says 16.6 Million Customers had ‘Sensitive Personal’ Information Stolen in Cyberattack
The agreement will facilitate the sharing of information and experience between the Israel National Cyber Directorate and the Czech National Cyber and Information Security Agency, including the possibility of internships.
The Securities and Exchange Commission (SEC) experienced an account takeover on Twitter due to a SIM swap attack, where the unauthorized party gained control of the SEC’s cell phone number.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-01-23 10:09:262024-01-23 10:09:26SEC Says X Account Hack was Due to SIM Swapping
Malicious Python packages on PyPI, such as nigpal, figflix, and seGMM, have been identified, with payloads designed to steal sensitive information from victims’ devices, particularly targeting Windows users.
Attackers can use stolen NTLM v2 hashes for offline brute-force attacks or authentication relay attacks, potentially compromising user accounts and gaining unauthorized access.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-01-23 08:07:232024-01-23 08:07:23Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes
Organizations with outdated Confluence instances should treat them as potentially compromised, look for signs of exploitation, perform a thorough cleanup, and update to a safe version to mitigate the risk.
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Update: LoanDepot Says 16.6 Million Customers had ‘Sensitive Personal’ Information Stolen in Cyberattack
/in General NewsThe company is working to restore normal business operations, but many online services remain inaccessible even after two weeks. It is still uncertain whether the cyber incident will have a significant impact on LoanDepot’s financial condition.
Cyware News – Latest Cyber News – Read More
Aircraft Lessor AerCap Confirms Ransomware Attack
/in General NewsAerCap confirms ransomware attack after emerging cybercrime gang lists the company on its leak website.
The post Aircraft Lessor AerCap Confirms Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Israel, Czech Republic Reinforce Cyber Partnership Amid Hamas War
/in General NewsThe agreement will facilitate the sharing of information and experience between the Israel National Cyber Directorate and the Czech National Cyber and Information Security Agency, including the possibility of internships.
Cyware News – Latest Cyber News – Read More
SEC Says X Account Hack was Due to SIM Swapping
/in General NewsThe Securities and Exchange Commission (SEC) experienced an account takeover on Twitter due to a SIM swap attack, where the unauthorized party gained control of the SEC’s cell phone number.
Cyware News – Latest Cyber News – Read More
Info Stealing Packages Hidden in PyPI
/in General NewsMalicious Python packages on PyPI, such as nigpal, figflix, and seGMM, have been identified, with payloads designed to steal sensitive information from victims’ devices, particularly targeting Windows users.
Cyware News – Latest Cyber News – Read More
Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes
/in General NewsAttackers can use stolen NTLM v2 hashes for offline brute-force attacks or authentication relay attacks, potentially compromising user accounts and gaining unauthorized access.
Cyware News – Latest Cyber News – Read More
Update: Hackers Start Exploiting Critical Atlassian Confluence RCE Flaw
/in General NewsOrganizations with outdated Confluence instances should treat them as potentially compromised, look for signs of exploitation, perform a thorough cleanup, and update to a safe version to mitigate the risk.
Cyware News – Latest Cyber News – Read More
Microsoft Falls Victim to Russia-Backed ‘Midnight Blizzard’ Cyberattack
/in General NewsRussian state-sponsored threat actor Nobelium used a basic password-spray attack to breach Microsoft corporate email accounts, including for execs.
darkreading – Read More
National Cybersecurity Alliance Announces 2024 Data Privacy Week
/in General NewsPost Content
darkreading – Read More
Godzilla Web Shell Attacks Stomp on Critical Apache ActiveMQ Flaw
/in General NewsThousands of vulnerable servers may be open to cyberattacks exploiting the max-severity CVE-2023-46604 bug.
darkreading – Read More