Hackers exploit critical D-Link DIR-859 router flaw to steal passwords
Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords. [...]
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords. [...]
Company Is Sending Email Alerts to Customers Whose Data Was Accessed by HackersMicrosoft is alerting its customers whose data may have been accessed by Russian state hackers following a January attack that compromised the emails of company executives. Microsoft also shared a link to a custom-built secure system that customers can use to review their stolen data.
The Theft of Snowflake's Customers' Data Shows That Vendors Need Robust DefensesWho's responsible for the data breaches experienced by customers of the data warehousing platform Snowflake due to credential stuffing attacks? While users have security responsibilities, multiple platforms - including Snowflake - have shortcomings they must urgently address.
The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort
The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid. [...]
The Black Suit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid. [...]
Scammers Use Social Engineering and Phishing to Fool Workers and IT Help Desk StaffFederal authorities warn of social engineering and phishing scams - sometimes targeting IT help desk workers - that allow attackers to steal login credentials and access healthcare sector entities' IT systems so they can divert automated clearinghouse payments to bank accounts the attackers control.
James E. Lee of ITRC Discusses Key Trends Revealed in the 2023 Identity ReportFewer victims reported identity crimes in 2023, but the number of attempts to commit multiple identity crimes grew, according to the trends report released by the Identity Theft Resource Center. That means criminals are diversifying their methods and attempting to perform multiple types of misuse.
Wireless service providers prioritize uptime and lag time, occasionally at the cost of security, allowing attackers to take advantage, steal data, and worse.
Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft. [...]
Said to have zip tied elderly crypto investors, held them at gunpoint, and threatened to kill them The US has convicted the 24-year-old leader of an international robbery crew that kidnapped and terrorized wealthy victims during home invasions that were carried out to steal cryptocurrency tokens.…
Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the central bank of the United States. Except, the rumor has been quashed. [...]
Multiple content management system (CMS) platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer
Probe: Worker at speech-recog outfit Nuance wasn't locked out after firing Updated American healthcare provider Geisinger fears highly personal data on more than a million of its patients has been stolen – and claimed a former employee at a Microsoft subsidiary is the likely culprit.…
Flash clobber chain fashionably late to Snowflake fiasco party Customer information said to have been stolen from Neiman Marcus's Snowflake instance has been put up for sale on the dark web for $150,000.…
Business is more lucrative than you might think The FBI says in just 12 months, scumbags stole circa $10 million from victims of crypto scams after posing as helpful lawyers offering to recover their lost tokens.…
According to Resecurity, a significant portion of the stolen data was found on the XSS underground forum
Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company's database stolen in recent Snowflake data theft attacks. [...]
The FBI is warning of cybercriminals posing as law firms and lawyers that offer cryptocurrency recovery services to victims of investment scams and steal funds and personal information. [...]
CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans. [...]