is targeting businesses and consumers who use Office 365 email services. Fraudsters are gaining access to Office 365 accounts by stealing login credentials obtained using convincing fake login screens. Fraudster email attacks are becoming increasingly sophisticated – often appearing to be sent from a business, organization, or individual the victim normally emails or does business with. The fictitious emails contain malicious links or attachments that redirect the victim to a fake login page asking for their email username and password. Once the information is entered, fraudsters then use the stolen credentials to log into Office 365 and send fraudulent emails to the victim’s contact list, perpetuating the scam. If you use Office 365 for email, we encourage you to be extra vigilant. Emails containing hyperlinks or attachments that require additional actions by you should be carefully vetted before proceeding. If you are unsure if an email you received is legitimate, do not click on any links or attachments or provide any information. We also encourage you to contact any of your email contacts via phone or a safe email address to inform them that your email account has been compromised and to let them know they may receive fraudulent emails appearing to be sent by you. While Office 365 is the most recent phishing target, these types of scams regularly impact other email applications and platforms as well. Always be cautious when opening any emails that were not expected, are coming from someone you do not know, and contain links or attachments you were not expecting. Take advantage of added security measures that your email provider offers.
If you ever feel information related to your financial accounts with us has been compromised, please notify us immediately so that we can assist you with protecting your accounts and notifying the appropriate authorities.
The top U.S. spy agency is going public with concerns about the latest document dump by the online whistle-blower organization WikiLeaks, warning that all Americans should be "deeply concerned" about the potential fallout. A spokesman for the U.S. Central Intelligence Agency refused to comment Wednesday on the authenticity of the 8,771 documents, but argued there could be little doubt about WikiLeaks' intentions "to damage the Intelligence Community's ability to protect America against terrorists and other adversaries." "Such disclosures not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm," CIA spokesman Jonathan Liu said in a statement. White House press secretary Sean Spicer also expressed alarm Wednesday, telling reporters the U.S. "will go after people who leak classified information." "This is the kind of disclosure that undermines our security, our country and our well-being," he told reporters, adding President Donald Trump is "extremely concerned."
Review of documents
Like the CIA, Spicer refused to confirm the authenticity of the WikiLeaks documents. But several cybersecurity experts and former intelligence officials who reviewed them told VOA that they appeared to be real. WikiLeaks said it obtained the documents from a former U.S. government hacker. And a U.S. intelligence official told VOA, on condition of anonymity, that it appeared a CIA contractor might have been the source. "There's always someone with the permissions to do this sort of thing," said Alex McGeorge, the head of Threat Intelligence at Immunity Inc., a cyber firm that does some work with government agencies. McGeorge also said that while the disclosures were damaging, WikiLeaks' claim that the documents dump represented the CIA's "entire hacking capacity" was most likely overblown.
"What we currently have in this dump doesn't provide a whole lot," he said. Many of the WikiLeaks documents appeared to be online transcripts of conversations between intelligence agency employees working to exploit software to turn digital devices — such as mobile phones like Apple or Android smartphones, or even Samsung's smart televisions — into listening devices.
Limiting damage
But at least for now, WikiLeaks appears to be limiting the damage. "They didn't disclose the code, at least, and populate the marketplace with what we would consider cyberweapons left on the battlefield that can be reverse-engineered and used against us," said Jeff Bardin, CIO of the cybersecurity firm Treadstone 71 and a former member of U.S. Air Force intelligence. In its statement Tuesday, WikiLeaks said it was only holding off on releasing the critical codes "until a consensus emerges on the technical and political nature of the CIA's program and how such weapons should be analyzed, disarmed and published." Even more worrisome for some current and former U.S. and Western officials, though, is the possibility of Russian involvement. "I'm now pretty close to the position that WikiLeaks is acting as an arm, as an agent of the Russian Federation," former CIA Director Michael Hayden, a retired Air Force general, told CNN Wednesday. Other former officials noted Russia was on the short list of countries capable of foiling the CIA's cyber efforts. "It is in Russia's interest to see the CIA discredited," former British cybersecurity official Jonathan Shaw said Tuesday, following the WikiLeaks disclosure. A January report by the U.S. intelligence community also concluded with "high confidence" there was an ongoing relationship between Russian intelligence and WikiLeaks
A new band of hackers, styling itself the “Turkish Crime Family”, is claiming it has secured the details of some 200m iCloud accounts and that if Apple doesn’t pay a whopping $75,000 bitcoin or ethereum ransom (or $100,000 in iTunes gift cards) it will wipe the lot. First, Apple says its systems haven’t been breached. The company told Naked Security: There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services. So 200m accounts obtained from previously compromised third party services is OK? Obviously not, but there’s no suggestion that Apple itself is responsible for any compromised security. The Turkish Crime Family itself appears to be new on the security scene, believed to have started life in Istanbul but now resident in Green Lanes, north London, according to one report. Helpfully, the organisation has a Twitter account. Another curious facet of the alleged breach is that asking for payment in extremely traceable iTunes vouchers seems more than slightly curious; why would you not ask for something with a less clean audit trail? The group itself disputes the amount that’s been reported and blames a media relations operative (presumably the same one who put an email address for media inquiries on the Twitter profile): This sum of $75,000 is incorrect, this was submitted by one of our old media guys that is not a part of our group. The sum is a lot higher. The organisation has posted what it claims is video evidence to the Motherboard site. David Kennerley, director of threat research at Webroot, is among the first to wonder whether the threat is actually real.
There are a lot of questions that need to be answered such as, do these hackers really have access to the data they claim? How did they get hold of such a large amount of data? Finally, there are still people who believe their Apple hardware is completely safe from malware just because it’s Apple. It’s great kit and it works beautifully but nobody is safe.
Logging into and erasing 200 million accounts would take some time. If it started happening, Apple could easily block the attack. Also, they’d have to have some sort of server or admin-level access to be able to wipe or delete accounts, or even a single server’s-worth of accounts. The Turkish Crime Family having that level of access would either entail an incredibly serious, hitherto unknown breach in Apple’s defenses (improbable), or the help of someone on the inside (more likely, but still doubtful). If an Apple user wasn’t backing up their entire device to the Apple Cloud, a device that was wiped wouldn’t have everything for Apple to restore. I suspect there are quite a few users that don’t do Cloud backups, or only back up a portion of their data.
Apple is reassuring customers that its systems have not been breached while a hacker, or hackers, threaten to remotely wipe hundreds of millions of iPhones of all their data, including photos, videos, and messages. The hackers are using an alleged cache of stolen email accounts and passwords as leverage in an attempt to extort the world’s most valuable company. They claim to have access to as many as 559 million Apple email and iCloud accounts, Vice blog Motherboard reported on Tuesday. The group, calling itself “Turkish Crime Family,” said it would delete its alleged list of compromised login credentials only after Apple pays it $75,000 in cryptocurrency, either Bitcoin or rival Ether, or $100,000 worth of iTunes gift cards, Motherboard reported. The group has given Apple (aapl) a deadline of April 7 to meet its demands. Though Apple has not officially confirmed the authenticity of the data that the hackers say they have, an Apple spokesperson told Fortune in an emailed statement that, if the list is legitimate, it was not obtained through any hack of Apple. “There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,” the spokesperson said. “The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services”. A person familiar with the contents of the alleged data set said that many of the email accounts and passwords contained within it matched data leaked in a past breach at LinkedIn. The company representative declined to elaborate on what steps Apple had taken to monitor the situation. The spokesperson merely noted that such measures, whatever they may be, are “standard procedure”.
Apple customers who secure their iCloud accounts with the same passwords they use on other online accounts—especially ones at LinkedIn, Yahoo (yhoo), Dropbox, and other sites recently revealed to have suffered big breaches over the past few years—should adopt new passwords that are long, strong, and unique. Many security experts also recommend storing them in a password manager, and activating two-factor authentication, an additional layer of security, where available.
On April 14, the company disclosed to the California attorney general that a December 2015 breach compromised more sensitive information than first thought. It also disclosed new attacks from earlier this year that exposed names, contact information, email addresses and purchase histories, although the retailer says it repelled most of the attacks. The dual notifications mark the latest problems for the company, which disclosed in early 2014 that its payment systems were infected with malware that stole 350,000 payment card details. Over the past few years, retailers such as Target, Home Depot and others have battled to keep their card payments systems malware-free (see Neiman Marcus Downsizes Breach Estimate). The 2015 incident started around Dec 26. In a notification to California about a month later, the retailer said it was believed attackers cycled through login credentials that were likely obtained through other data breaches. A total of 5,200 accounts were accessed, and 70 of those accounts were used to make fraudulent purchases. Although email addresses and passwords were not exposed, the original notification noted, access to the accounts would have revealed names, saved contact information, purchase histories and the last four digits of payment card numbers. The affected websites included other brands run by Neiman Marcus, including Bergdorf Goodman, Last Call, CUSP and Horchow. According to its latest notification, however, Neiman Marcus Group now says full payment card numbers and expiration dates were exposed in the 2015 incident. The latest attack disclosed by Neiman Marcus Group, which occurred around Jan 17, mirrors the one from December 2015.
It affects the websites of Neiman Marcus, Bergdorf Goodman, Last Call, CUSP, Horchow and a loyalty program called InCircle. Again, the company believes that attackers recycled other stolen credentials in an attempt to see which ones still worked on its sites. It appears that some of the credentials did unlock accounts. The breach exposed names, contact information, email addresses, purchase histories and the last four digits of payment card numbers. It didn't specify the number of accounts affected. The attackers were also able to access some InCircle gift card numbers, the company says. Web services can slow down hackers when suspicious activity is noticed, such as rapid login attempts from a small range of IP addresses. Those defensive systems can be fooled, however, by slowing down login attempts and trying to plausibly geographically vary where those attempts originate. For those affected by the January incident, Neiman Marcus Group is enforcing a mandatory password reset. It's an action that's not undertaken lightly for fear of alienating users, but it's a sign of how serious a service feels the risk is to users or customers. The company also is offering those affected a one-year subscription to an identity theft service.
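The gap described above, a rate limit that a slow and spread-out credential-recycling run stays under, is easier to see beside a check that ignores speed and looks at how many different accounts each source touches. The Python sketch below is an added example, not code from the article or from the retailer; the event layout, thresholds and function names are hypothetical, and the login log is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def make_sample_log():
    """Constructed login events: (timestamp, source_ip, username, success)."""
    t0 = datetime(2020, 1, 1)
    events = []
    # Ordinary customers: one account per address, an occasional mistyped password.
    for i in range(30):
        ip, user = f"198.51.100.{i + 1}", f"customer{i}"
        typo = i % 10 == 0
        events.append((t0 + timedelta(minutes=7 * i), ip, user, not typo))
        if typo:
            events.append((t0 + timedelta(minutes=7 * i + 1), ip, user, True))
    # Noisy burst: one address, 40 different accounts in 40 seconds.
    for i in range(40):
        events.append((t0 + timedelta(hours=1, seconds=i),
                       "203.0.113.9", f"burst{i}", False))
    # Slow campaign: three addresses taking turns, one attempt every six
    # minutes, a different account each time; two recycled passwords still work.
    slow_ips = ["192.0.2.10", "192.0.2.77", "203.0.113.200"]
    for i in range(60):
        events.append((t0 + timedelta(minutes=6 * i),
                       slow_ips[i % 3], f"victim{i}", i in (17, 41)))
    return sorted(events, key=lambda e: e[0])


def rate_flagged(events, limit=10, window=timedelta(seconds=60)):
    """Classic throttle: flag a source exceeding `limit` attempts per window."""
    recent = defaultdict(list)
    flagged = set()
    for ts, ip, _user, _ok in events:
        attempts = recent[ip]
        attempts.append(ts)
        while ts - attempts[0] > window:
            attempts.pop(0)
        if len(attempts) > limit:
            flagged.add(ip)
    return flagged


def spread_flagged(events, min_users=8, max_success_ratio=0.2):
    """Speed-independent check: a source that tries many distinct accounts
    and mostly fails looks like a recycled credential list, however slowly
    the attempts arrive."""
    users = defaultdict(set)
    attempts = defaultdict(int)
    successes = defaultdict(int)
    for _ts, ip, user, ok in events:
        users[ip].add(user)
        attempts[ip] += 1
        successes[ip] += ok
    return {ip for ip in users
            if len(users[ip]) >= min_users
            and successes[ip] / attempts[ip] <= max_success_ratio}


def accounts_to_reset(events, flagged):
    """Accounts that logged in successfully from a flagged source: the
    candidates for a forced password reset."""
    return sorted({user for _ts, ip, user, ok in events if ok and ip in flagged})


if __name__ == "__main__":
    log = make_sample_log()
    print("rate limit flags:  ", sorted(rate_flagged(log)))
    print("spread check flags:", sorted(spread_flagged(log)))
    print("reset candidates:  ", accounts_to_reset(log, spread_flagged(log)))
```

A run spread thinly enough that each address touches only a handful of accounts stays under `min_users` too, so a per-source check like this complements site-wide failed-login monitoring rather than replacing it.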
Online gaming company Reality Squared Games (R2Games) has been compromised for the second time in two years, according to records obtained by the for-profit notification service LeakBase. The hacker who shared the data with LeakBase says the attack happened earlier this month. Headquartered in Shenzhen, China, R2Games operates a number of free-to-play, micropayment-driven games on iOS and Android, as well as modern browsers. The company currently supports 19 online games, and claims over 52 million players. In December of 2015, stretching into July of 2016, more than 22 million R2Games accounts were compromised, exposing IP addresses, easily cracked passwords, email addresses, and usernames. The company denied the breach reports, telling one customer that "R2Games is safe and secured, and far from being hacked." The hacker claims all forums were compromised, in addition to the Russian version of r2games.com. The latest record set includes usernames, passwords, email addresses, IP addresses, and other optional record fields, such as instant messenger IDs, birthday, and Facebook related details (ID, name, access token). LeakBase shared the most recent records with Troy Hunt, a security researcher and owner of the non-profit breach notification website "Have I Been Pwned?" (HIBP). Hunt checked the data by testing a small sample of email addresses and usernames against the password reset function on R2Games. Every address checked was confirmed as an existing account. From there, Hunt did some number crunching. There were 5,191,898 unique email addresses in the data shared by LeakBase. However, 3,379,071 of those email addresses were using mail.ar.r2games.com or mail.r2games.com; and another 789,361 looked generated, as they were all [number]@vk.com addresses.
LeakBase speculates that the r2games.com addresses are the result of registrations from third-party services. After stripping the questionable addresses Hunt was left with 1,023,466 unique email addresses to load into HIBP. Of this set, 482,074 have been seen before in other breaches, leaving 541,392 new entries for his index – and new notifications for 1,105 subscribers. When asked about the passwords, Hunt told Salted Hash many of them are MD5 with no salt, but a large number of them have a hash corresponding to the password "admin" and a few hundred thousand others are using the plain text word "sync". "The observation I'd make here is that clearly, they don't seem to be learning from previous failures. The prior incident should really have been a wake-up call and to see a subsequent breach not that long after is worrying. Perhaps the prior denials are evidence that they just don't see the seriousness in security," Hunt said, when asked his opinion about the latest R2Games data breach. Salted Hash reached out to R2Games, but the company didn't respond to questions. Emails were sent to support, as well as recruiting and sales, on the off chance someone could direct them to the proper resources. For their part, LeakBase said since this data breach isn't in the public domain, they will not add the records to their service and it will not be searchable. However, they do plan to email impacted users and inform them of the incident. HIBP has been updated, and those changes are live now. If you're an R2Games player, it might be wise to change your password and make sure the old password isn't used on any other websites. Also, keep an eye out for gaming related offers and emails, as well as "notifications" from domains that aren't related to R2Games itself - as those could be scammers looking to cash-in on the breach.
While the hacked data isn't public yet, there's nothing preventing the person who shared it with LeakBase from selling it or trading it.
Israeli mobile forensics firm Cellebrite has announced that it has suffered a data breach following an unauthorized access to an external web server. “The impacted server included a legacy database backup of my.Cellebrite, the company’s end user license management system. The company had previously migrated to a new user accounts system. Presently, it is known that the information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system,” the company stated, and added that it is still investigating the attack. They are also notifying affected customers, and advising them to change their passwords. The confirmation comes a few hours after Motherboard released general information about 900 GB of data that they obtained and has supposedly been stolen from the firm. “The cache includes alleged usernames and passwords for logging into Cellebrite databases connected to the company’s my.cellebrite domain,” the publication noted. “The dump also contains what appears to be evidence files from seized mobile phones, and logs from Cellebrite devices”. The hacker that shared the data with the publication and is apparently behind the breach also noted that access to the compromised servers has been traded among hackers in IRC chat rooms, so it’s possible that other persons have exfiltrated potentially sensitive data. “The Cellebrite breach shows that anyone can be hacked, even firms whose bread and butter is data exfiltration. And Cellebrite isn’t the first organization of this type to be targeted – Hacking Team and Gamma International have both experienced similar attacks by groups opposed to government surveillance,” Tony Gauda, CEO of ThinAir, commented for Help Net Security.
“While the 900 GB of data hasn’t been released publicly, it’s safe to assume that the information is highly sensitive. Besides customer information, the hackers managed to retrieve technical data, which could have serious repercussions if it were to fall into the wrong hands. Incidents such as this are the cyber equivalent of robbing a gun store, and I wouldn’t be surprised if the proprietary info stolen eventually made its way online. Demand for advanced hacking tools and techniques has never been higher and until these firms start securing their digital arsenals with technology capable of rendering data useless when it’s compromised, they will continue to find themselves in the crosshairs of hackers”. Cellebrite’s name has become widely known after reports that the company has been asked for help to exfiltrate data from the locked iPhone belonging to Syed Farook, one of the San Bernardino shooters
Another presidential election, another massive data dump seemingly intended to sabotage a center-left candidate. But in the case of France's impending runoff, slated for Sunday, the latest leak of emails appears far more slap-dash than the Russian hacks and leaks that plagued Hillary Clinton's campaign. And in this case, they're timed to prevent the target of those leaks from even having a chance to respond. On Friday, a collection of links to torrent files appeared on the anonymous publishing site PasteBin. The 9GB trove purports to be an archive of leaked emails from the party of Emmanuel Macron, the left-leaning candidate currently favored to win France's impending runoff election against far-right opponent Marine Le Pen. The latest data dump comes less than 48 hours before France's election, possibly too late to shift its outcome—at least to the degree that the hacks of the DNC and Clinton campaign chairman John Podesta did in the months leading up to the US election. Its timing so close to the runoff could still prove strategic, as French law forbids candidates from speaking publicly for two days ahead of an election. That timing could prevent Macron himself from responding to any scandal that surfaces in the data dump, real or fabricated. In a statement, Macron’s political party confirmed that hackers had compromised it. "The En Marche party has been the victim of a massive, coordinated act of hacking, in which diverse internal information (mails, documents, accounting, contracts) have been broadcast this evening on social networks," reads a public statement in French from the Macron campaign. "The files which are circulating were obtained a few weeks ago thanks to the hacking of the professional and personal email accounts of several members of the campaign."
Late last month, the security firm Trend Micro noted in a report that the Macron campaign appeared to be a target of the Russian-government-linked hacker group Fancy Bear, also known as Pawn Storm or APT 28. The firm's researchers found a phishing domain created by the hacker group in March, designed to target the campaign by impersonating the site that En Marche uses for cloud data storage. At the time, the Macron campaign claimed that the hacking attempts had failed. On Friday morning, users of the anonymous forum 4Chan had also purported to have published evidence of Macron's tax evasion, though those claims were also unverified, and it's not clear if they're connected to the current leak. In the wake of Russian hackers' attempt to sway the US election, which remains the subject of two Congressional investigations, the cybersecurity community has warned that the Kremlin may attempt similar tricks to swing elections towards its favored candidates in the French and upcoming German elections, too. Former British intelligence staffer Matt Tait warned that regardless of what it contains, the simple fact of the data dump achieves certain objectives. "By all means, look through them," he wrote on Twitter. "But do [so] with your eyes open and knowing that you're being played for free negative coverage/headlines." The Macron campaign compared the hacking directly to the hacker targeting of the Clinton campaign. "Intervening in the last hour of an official campaign, this operation clearly seeks to destabilize democracy, as already seen in the United States' last presidential campaign," the statement reads. "We cannot tolerate that the vital interests of democracy are thus endangered."
OneLogin has revealed more about the attack on its systems, confirming that a "threat actor" had accessed database tables including "information about users, apps, and various types of keys." It warned once again that the malefactor, who was able to rifle through OneLogin's infrastructure for seven hours, may have been able to decrypt customer data. The company said: Our review has shown that a threat actor obtained access to a set of AWS keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the US. Evidence shows the attack started on May 31, 2017 around 2 am PST. Through the AWS API, the actor created several instances in our infrastructure to do reconnaissance. OneLogin staff was alerted of unusual database activity around 9 am PST and within minutes shut down the affected instance as well as the AWS keys that were used to create it. One customer affected by the OneLogin attack told Ars that he was having to "rebuild the whole authentication security system ... OUCH!" OneLogin told fretful customers in an internal notification that they would need to work through a number of steps to secure their accounts, including generation of new API credentials and OAuth tokens. Any users served by the firm's US data centre have been hit by the breach, OneLogin said. "While we encrypt certain sensitive data at rest, at this time we cannot rule out the possibility that the threat actor also obtained the ability to decrypt data," OneLogin said. "We are thus erring on the side of caution and recommending actions our customers should take, which we have already communicated to our customers." OneLogin has admitted that the single sign-on (SSO) and identity management firm has suffered a data breach. However its public statement is vague about the nature of the attack.
An e-mail to customers provides a bit of detail—warning them that their data may have been exposed. And a support page that is only accessible to OneLogin account holders is even more worrying for customers. It apparently says that "customer data was compromised, including the ability to decrypt encrypted data." OneLogin—which claims to offer a service that "secures connections across all users, all devices, and every application"—said on Thursday that it had "detected unauthorised access" in the company's US data region. It added in the post penned by OneLogin CISO Alvaro Hoyos: We have since blocked this unauthorised access, reported the matter to law enforcement, and are working with an independent security firm to determine how the unauthorised access happened and verify the extent of the impact of this incident. We want our customers to know that the trust they have placed in us is paramount. While our investigation is still ongoing, we have already reached out to impacted customers with specific recommended remediation steps and are actively working to determine how best to prevent such an incident from occurring in the future and will update our customers as these improvements are implemented. It has given customers a long list of actions to protect their accounts following the attack. It's unclear why it is that OneLogin has provided three different sets of information to its customers. It's possible the company was hoping to only disclose more detail to those directly affected by the attack to avoid revealing potential weaknesses that may have exposed the data in the first place. But that attempt to keep the information under wraps has clearly backfired as customers scramble to secure their accounts. This is the second data breach that OneLogin has suffered within the past year.
Last August it warned customers of a cleartext login bug on its Secure Notes service, after "an unauthorised user gained access to one of our standalone systems, which we use for log storage and analytics." Hoyos apologised for that particular breach. "We are making every effort to prevent any similar occurrence in the future," he said at the time.
A breach of the Clash of Clans creator has exposed credentials for forum users. Supercell, the force behind that popular mobile game and others, said that a vulnerability in the software it uses to run its forums allowed third-party hackers to gain illegal access to some forum user information, including a number of emails and encrypted passwords. To provide its forum service, it uses software from vbulletin.com. The company said that its preliminary investigation suggests that the breach happened in September 2016—and that it has since been fixed. “We take any such breaches very seriously and we follow very strict policies when it comes to security,” Supercell said in a statement. “Please note that this breach only affects our Forum service. Game accounts have not been affected.” Avast Threat Labs senior malware analyst Jan Sirmer commented via email on the danger of attacks like these. “The forum administrators in this case do bear some responsibility—the vBulletin software being used to host the Supercell forum was out-of-date, and it’s up to the administrators to keep software like that up-to-date,” he said. “Online gamers are vulnerable to these kind of hacks because they provide their data to third parties—but the same is true for everyone who uses any online service.” Users should change the password they’re using on the forum as soon as possible, along with the password in any other systems they’re using with the same login. “The information the hackers obtained can either be used by the hackers themselves or sold on the darknet for other hackers to abuse,” Sirmer said. “As many people use the same login credentials to log in to online services, hackers try to use login credentials they get to gain access into other accounts.”