credentials
-
Blog
A ‘significant increase’ in infostealer malware attacks left 3.9 billion credentials exposed to cyber criminals last year – and experts worry this is a ticking time bomb for enterprises
Researchers have warned that billions of credentials exposed to cyber criminals were sourced from infostealer logs last year – and it’s created a ticking time bomb for enterprises as hackers begin cracking systems. KELA Cyber Threat Intelligence’s State of Cybercrime 2024 report singled out infostealers as a persistent threat that usually serve as “precursors to advanced attacks, including ransomware and…
Read More » -
Blog
Cisco warns of Webex for BroadWorks flaw exposing credentials
Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely. Webex for BroadWorks integrates Cisco Webex’s video conferencing and collaboration features with the BroadWorks unified communications platform. While the company has yet to assign a CVE ID to track this security issue, Cisco says in a Tuesday security advisory that it already pushed…
Read More » -
Blog
Cloudflare Adopts Content Credentials for Image Authenticity
Cloudflare has integrated Content Credentials metadata into Cloudflare Images, the content delivery network firm announced on Feb. 3. First proposed in 2021 by the Coalition for Content Provenance and Authenticity (C2PA), Content Credentials identify whether an image was AI-generated, modified with AI, or photographed. About 20% of internet properties use Cloudflare, Content Authenticity Initiative Community Manager Jen Tse pointed out…
Read More » -
Blog
A new phishing campaign is exploiting Microsoft’s legacy ADFS identity solution to steal credentials and bypass MFA
Hackers are targeting organizations around the world that rely on Microsoft’s Active Directory Federation Services (ADFS) secure access system in an ongoing phishing campaign, according to new research. Analysis from Abnormal Security describes how Microsoft’s ADfS, a legacy single-sign-on (SSO) solution that allows employees to use one set of credentials to authenticate across multiple applications and environments, is being mimicked…
Read More » -
Blog
Hackers leak configs and VPN credentials for 15,000 FortiGate devices
A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals. The data was leaked by the “Belsen Group,” a new hacking group first appearing on social media and cybercrime forums this month. To promote…
Read More » -
Blog
New macOS malware uses Apple’s own code to quietly steal credentials and personal data — how to stay safe
While Apple’s Macs aren’t targeted by hackers as often as Windows PCs, they’re far from impenetrable. Security researchers at Check Point Research recently pushed out an alert warning 100 million Apple users that a new variant of the infamous Banshee malware has been detected, capable of stealing browser credentials, cryptocurrency wallets, and other personal data. Check Point first uncovered the…
Read More » -
Blog
New Windows zero-day exposes NTLM credentials, gets unofficial patch
A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. The flaw was discovered by the 0patch team, a platform that provides unofficial support for end-of-life Windows versions, and was reported to Microsoft. However, no official fix has been released yet. According to 0patch,…
Read More » -
Blog
Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security?
The head of security advocacy at Datadog, a cloud-based monitoring and analytics platform, has urged enterprises in Australia and the APAC region to accelerate phasing out long-lived credentials for popular hyperscale cloud services, warning that they remain a serious data breach risk. Speaking with TechRepublic, Andrew Krug highlighted findings from Datadog’s State of Cloud Security 2024 report, which identified long-lived…
Read More » -
Blog
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client that steal credentials. The zero-day allows the threat actors to dump the credentials from memory after the user authenticated with the VPN device Volexity researchers report that they discovered this flaw earlier this summer and reported it to Fortinet, but…
Read More » -
Blog
Chinese hackers use Quad7 botnet to steal credentials
Microsoft warns that Chinese threat actors use the Quad7 botnet, compromised of hacked SOHO routers, to steal credentials in password-spray attacks. Quad7, also known as CovertNetwork-1658 or xlogin, is a botnet first discovered by security researcher Gi7w0rm that consists of compromised SOHO routers. Later reports by Sekoia and Team Cymru reported that the threat actors are targeting routers and networking devices from TP-Link,…
Read More »