Saturday, December 2, 2023

Verticalscope Hacked Second Time – 2.7 Million users Account Compromised

VerticalScope is an Internet media organization that gives scope and examination to technology, car, and games vertical markets.

The web forum consists of 45 million user accounts and the hack occurred the second time in two years according to the report by kerbs on Security.

LeakedSource is a search-engine capable of searching over 1.9 billion leaked records — an aggregation of data from hundreds of disparate sources.

You may search for yourself in the leaked VerticalScope Network database by visiting this page. If your personal information appears in our copy of the VerticalScope database, or in any other leaked database that we possess, you may remove yourself for free.

How does the Breach Happen

Hackers planted webshell to gain remote access to upload, delete or dump database such as usernames, passwords, email addresses associated with accounts.

The intruders obfuscated certain details in the screenshots that gave away exactly where the Web shells were hidden on Verticalscope.com, but that they forgot to blur out a few critical details — allowing him to locate at least two backdoors on Veriticalscope’s Web site.Holden said to krebsonsecurity.

VerticalScope data breach affected its top websites Jeepforum.com, Toyotanation.com and watchuseek.com.

“The intrusion granted access to each individual website files,” reads a statement shared by Verticalscope. “Out of an abundance of caution, we have removed the file manager, expired all passwords on the 6 websites in question, added the malicious file pattern and attack vector to our detection tools, and taken additional steps to lock down access.” Company Statement according to kerbs.

Nearly everything we do online require credentials in our modern world.To be secure, you’re relied upon to give each of these accounts a solid, unique password that you change consistently and store such that attacker couldn’t make use of it if stolen.

Passwords are the basic way to keep our data secure, easy to guess passwords and re-use of the password will increase the risk of being compromised.

Some of Very Recent Data Leaked

  1. Famous Cosmetic Company “Tarte” leaked 2 Million Customers Personal Data Online
  2.  Accenture Data Leak Exposed 137 Gigabytes of Highly Sensitive Data Online
  3.  Deloitte Hacked by Cyber Criminals and Revealed Client & Employee’s Secret Emails
  4. Leading research and advisory firms Forrester was hacked
  5. Disqus confirms it’s been hacked and more than 17.5 Million Users Details Exposed
  6. Gaming Service R6DB Database deleted By Hackers and held for Ransom
  7. Biggest Hack Ever – Each and Every Single Yahoo Account Was Hacked in 2013
  8. Pizza Hut Hacked – Users Reporting Fraudulent Transactions on their Cards
  9. Hyatt Hotels Data Breach Exposed 41 Hotel Customers Payment Card Information
  10. Verizon Wireless Confidential DataLeaked Accidentally by Its Employee
  11. 46.2 Million Malaysian’s Personal Data Leaked Online – Largest Data Breach Ever in Malaysian History
Website

Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles