The first night of New Year brought in a terrifying moment for me that many professionals fear in the online realm: the hacking of their LinkedIn account. I had no idea that my account would be compromised, especially as I was just about to kick-start the new year on the professional front too. But this experience taught me an important lesson or two not just about online security, but also about the growing risks of LinkedIn account hacking.

It all began on the night of January 1. I logged into my LinkedIn account, as I usually do, to check any updates and connect with my professional network. However, I noticed something unusual—I couldn't access my account. At first, I thought it might be a temporary glitch, so I quickly switched to my laptop and tried opening my LinkedIn profile on Chrome. To my horror, my account was completely missing.

[Image: Hackers Deleting Profile URLs after overtaking]

Panic set in. I immediately attempted to reset my password, thinking that it was a simple login error. But no luck—my password reset attempt failed. At that moment, the reality hit: my LinkedIn account had been hacked.

Breakdown of My LinkedIn Account Hacking

As I struggled to regain access, I received an email from LinkedIn. The email stated that someone had tried to forcefully log into my account. Upon further inspection of the email, I discovered that my profile information had already been altered. My name had been changed to that of a woman named "Amy," and an Asian (likely from China) woman's photo had been added to my profile.

[Image: LinkedIn notification of new sign in]

This was not just a simple case of a stolen password. This was an account takeover, executed by a hacker or potentially a hacker group. The situation was more unnerving than I initially realized, as I could not even log in to my own account.

Desperate to regain access to my account, I attempted to follow LinkedIn's recovery process. LinkedIn prompted me to verify my identity, which included submitting a government ID and going through facial recognition verification. Fortunately, I was able to complete this process with success.
Cyble, a cybersecurity firm, was instrumental in helping me in the recovery process. Their expertise and timely advice were crucial during this ordeal, and they also emphasized the importance of enabling two-factor authentication (2FA) to enhance my account's security.

A Cybersecurity Lesson Learned

Once I successfully regained access to my account, I discovered that the hackers had deleted all of my past experiences, posts, and other profile information. They replaced my profile details with fake information. The new profile bore the name "Amy," a fashion designer from Hong Kong.

[Image: Hackers changing user data after account takeover]

The hacker made several changes, starting with the profile’s username, which was updated to “Amy ~.” They also altered the title, listing "Entrepreneur/Founder/Creative Director" as the new designation, and changed the location to London, England, United Kingdom. Under the "About" section, the hacker added a detailed biography of the fake individual: "Hello, I am Amy Zhuang, a female fashion designer from Hong Kong, who has been passionate about fashion since childhood. I graduated from Oxford University College of Art and Design and have been deeply influenced by both Eastern and Western cultures, so I am able to blend traditional and modern elements in my designs to create unique pieces."

In addition to the profile information, the hacker also modified the "Experience" and "Education" sections. The personal experience section now read: Founder at Jilla Active (May 2017 – Present) in London, UK. The description added was: "Jilla Active is more than just activewear; it's about solidarity and community love. We encourage everyone to embrace an active lifestyle with fashion-forward, comfortable clothing." This change was made to present a professional, credible appearance.
The hacker also updated the education section with fake details about attending prestigious universities. The profile now claimed that the individual had studied at the University of Oxford in a postgraduate program for Literature & Art from 2008 to 2012. This made the account look even more legitimate, providing further deception to anyone who might review the profile.

The Widening Problem of LinkedIn Hacking

What I found concerning, however, was the realization that I wasn't alone. Many other LinkedIn users had faced the same ordeal of hacking and account takeover. In my research, I discovered that many of the hacked accounts were connected to a particular name: Jilla Active, a London-based women's activewear brand. While it’s unclear whether the company itself was involved, or if they were aware of the situation, the pattern was undeniable. It seemed that many hacked accounts had a connection to this brand.

The Cyber Express has reached out to the organization to learn if more incidents or individuals had reported similar hacking incidents linked to their name. However, at the time of writing this, no official statement or response has been received.

It became clear that hackers were targeting individuals with LinkedIn profiles connected to certain businesses or brands, especially those who may have had higher visibility or valuable connections. After hacking the accounts, they would quickly alter the name, email address, backup email, profile URL, and other details to make the profile appear completely different from the original.

The Importance of Two-Factor Authentication (2FA)

Through my recovery process, I learned a valuable lesson: two-factor authentication (2FA) is no longer optional; it's essential. Cyble repeatedly emphasized how 2FA could have prevented this breach. By requiring an extra layer of security beyond just a password, two-factor authentication can block most unauthorized login attempts, even if the hacker knows your password.
This experience prompted me to immediately enable 2FA on all my accounts, including LinkedIn, to prevent any future hacking attempts. It’s a simple step that can save your accounts from being taken over by malicious individuals.

The hacking of LinkedIn accounts is becoming an increasingly common phenomenon. Hackers are not just stealing passwords anymore—they are taking full control of accounts, altering profiles, and using them for various malicious activities. These account takeovers are often linked to fraudulent business ventures, scamming individuals, or gaining access to sensitive professional networks.

In my case, the hacking of my LinkedIn account was a personal wake-up call. But after extensive research, I found that it wasn’t an isolated incident. Many others have been victims of LinkedIn hacking, and the trend appears to be growing.

Final Thoughts and Ongoing Investigation

While I have regained control of my LinkedIn account, the damage caused by the hackers is overwhelming. They erased my past posts, endorsements, and achievements, leaving only a shell of my professional presence. The incident is still under investigation, and I will continue to monitor the situation.

It's important to stay alert and aware of the threats that lurk online. The trend of LinkedIn account hacking is on the rise, and all professionals should take steps to secure their accounts. Enabling two-factor authentication, using strong, unique passwords, and regularly checking your account activity can help protect against this kind of cyberattack.

As of now, The Cyber Express will continue to monitor this issue, and I will provide further updates as the investigation into these hacked accounts progresses.
Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.
The changes to the healthcare privacy regulation come with technical controls such as network segmentation, multi-factor authentication, and encryption. The changes would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities.
The settlement agreement, filed Tuesday, stemmed from a July 2019 report in The Guardian which cited an anonymous whistleblower who reported that Apple had been recording and sharing conversations.
The Bureau of Industry and Security wants public feedback on how information technology in drones could pose a national security risk, particularly from adversaries such as China and Russia.
Rhode Island officials said they're still analyzing the impact of a ransomware gang's breach of state health and social services systems. Some are still down.
As of Wednesday, a total of 36 Chrome extensions injected with data-stealing code have been detected, mostly related to artificial intelligence tools and virtual private networks.
Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source remote access trojan called Quasar RAT onto developer systems. The heavily obfuscated package, named ethereumvulncontracthandler, was published to npm on December 18, 2024, by a user
German prosecutors have charged three Russian-German nationals for acting as secret service agents for Russia. The individuals, named Dieter S., Alexander J., and Alex D., have been accused of working for a foreign secret service. Dieter S. is also alleged to have participated in sabotage operations as well as taking pictures of military installations with an aim to endanger national security.
Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based cybersecurity company Stratus Security, have been addressed as of May 2024. Two of the three shortcomings reside in Power Platform's OData Web API Filter, while the third vulnerability is rooted in the FetchXML
In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and evade detection. eCrime groups like SCATTERED SPIDER and North Korea-nexus adversaries such as FAMOUS
Join me, and the experts from Rubrik, on Weds January 15 2025, where we’ll be having a fireside chat with Dark Reading all about the known and unknown risks of adopting AI.
Source: www.lastwatchdog.com – Author: cybernewswire. Palo Alto, Calif., Dec. 30, 2024, CyberNewswire — SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago, SquareX reported large-scale attacks targeting Chrome Extension developers aimed at taking over the Chrome Extension from the Chrome Store. On December 25th, 2024, a […] The post News alert: SquareX exposes OAuth attack on Chrome extensions — days before a major breach – Source: www.lastwatchdog.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: sec.cloudapps.cisco.com. Cisco Identity Services Engine Authorization Bypass and Cross-Site Scripting Vulnerabilities. Severity: Medium. CVE-2024-20537, CVE-2024-20538, CVE-2024-20539. CWE-79, CWE-863. Summary: Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to conduct an authorization bypass attack and cross-site scripting (XSS) attacks against a user of the web-based […] The post Cisco Identity Services Engine Authorization Bypass and Cross-Site Scripting Vulnerabilities – Source: sec.cloudapps.cisco.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Amy Cohn. Are You Truly Harnessing the Power of NHIDR Solutions? It’s no secret that Non-Human Identities and Data Rights (NHIDR) solutions are crucial for maintaining a robust security system, particularly where cloud environments are involved. But do you fully grasp the potential that these tools can offer when it comes […] The post Take Control: Empowering Your Team with NHIDR Solutions – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Amy Cohn. Why Should We Manage Non-Human Identities and Secrets? Imagine a bustling international airport with countless travelers moving in every direction. Now, consider these travelers as your non-human identities (NHIs), each carrying a unique passport (the Secret). The airport, in this case, represents your cloud environment. To ensure a secure, […] The post Feel Reassured with Advanced Identity and Access Management – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Amy Cohn. Is Your Organization’s Trust in Cloud Technology Well-Placed? In this expanding digital landscape where businesses are heavily reliant on cloud technology, can we confidently assert that our data is safe in the cloud? Regardless of the size of your business, trust in cloud platforms should be reinforced. It is […] The post Trustworthy Cloud Platforms: Ensuring Secure Access – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Dancho Danchev. Dear blog readers, In this post I’ll post some recent actionable intelligence on the Koobface botnet’s master Leded (Ded Mazai) and Anton Nikolaevich Korotchenko (Антон Николаевич Коротченко) Koobface Botnet Master KrotReal. Leded primary email address account: [email protected] Primary domain: hxxp://moblave.com; hxxp://mobpaty.com Related domain registrations: […] Sample photos of […] The post What Are Koobface Botnet Masters Leded (Ded Mazai) and Anton Nikolaevich Korotchenko (Антон Николаевич Коротченко) Koobface Botnet Master KrotReal Up To? – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Or Yair, Security Research Team Lead. SafeBreach Labs Researchers have developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows Lightweight Directory Access Protocol (LDAP) remote code execution vulnerability. Active Directory Domain Controllers (DCs) are considered to be one of the crown jewels in organizational […] The post LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112 – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Nitzan Gursky. Despite years of security awareness training, close to half of businesses say their employees wouldn’t know what to do if they received a phishing email. According to a US government-backed study, one of the main reasons for the lack of impact of cyber security training is “waning engagement and […] The post Combatting the Security Awareness Training Engagement Gap – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.hackerone.com – Author: Marten Mickos. With enough hackers, all security vulnerabilities are shallow. There is no better way to know the level of security of your systems than inviting a diverse community to report your weaknesses. For every find you hear of, you learn what to fix, and your cyber risk will go down […] The post More Hackers Means Less To Worry About – Source: www.hackerone.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.hackerone.com – Author: johnk. The past week capped off a record year of bug bounties for Oath, the media giant which boasts a slew of dynamic brands including Yahoo, AOL, Verizon Digital Media Services, and TechCrunch. In 2018, Oath has received over 1,900 valid vulnerabilities through its private bug bounty program, over 300 of […] The post Oath’s Big Year of Bug Bounties Capped off with NYC Live Hacking Event – Source: www.hackerone.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. DoubleClickjacking is a technique that allows attackers to bypass protections on major websites by leveraging a double-click sequence. Attackers can exploit the technique to facilitate clickjacking attacks and account takeovers on almost all […] The post DoubleClickjacking allows clickjacking on major websites – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. Telegram restricted access to Russian state-owned news channels in several European countries, including Poland, France, and Italy. Telegram blocked access to channels of multiple Russian state-owned news outlets across Europe, including Italy, Poland, Czechia, Belgium, France, the Netherlands, Greece, and Latvia. Some blocked Russian media outlets are RIA Novosti, NTV, Rossiya 1, […] The post Russian media outlets Telegram channels blocked in European countries – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. German authorities have charged three Russian-German nationals with suspicion of, among other things, secret service agent activity for the Russian government. German authorities have charged three Russian-German nationals on suspicion of activities including acting as secret service agents for the Russian government. On 9 December 2024, the Federal Prosecutor’s Office filed […] The post Three Russian-German nationals charged with suspicion of secret service agent activity – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. Lumen reports that the Salt Typhoon hacking group, which targeted at least nine U.S. telecom firms, was locked out of its network. This week, a White House official confirmed that China-linked APT group Salt Typhoon has breached a ninth U.S. telecoms company as part of a cyberespionage campaign aimed at telco firms worldwide. […] The post Lumen reports that it has locked out the Salt Typhoon group from its network – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. HHS OCR proposed updates to the HIPAA Security Rule to boost cybersecurity for electronic protected health information (ePHI). On December 27, 2024, the United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) proposed updates to the HIPAA Security Rule to enhance cybersecurity for electronic […] The post Proposed updates to HIPAA Security Rule mandate to restore the loss of certain relevant electronic information systems and data within 72 hours – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: News. 02 Jan 2025, 4 mins. Communications Security, Data Breach, Telecommunications Industry. The serviceman is also alleged to be the third member of the hacking group responsible for breaching customers of data warehousing company Snowflake earlier in the year. Court documents unsealed Monday show that US authorities have arrested a 20-year-old soldier, Cameron John […] The post US soldier linked to Trump call log hack arrested in Texas – Source: www.csoonline.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: us.resources.csoonline.com – Author: Foundry Editorial. From the editors of CSO, this enterprise buyer’s guide helps IT security staff understand what SOAR can do for their organizations and how to choose the right solution. Categories: Data and Information Security, Network Security, Security […] The post Download our security orchestration, automation, and remediation (SOAR) tools buyer’s guide – Source: us.resources.csoonline.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.