#credential-compromise

[ follow ]
#oauth-abuse #phishing-campaigns #malware-delivery #government-targeting #generative-ai #fortigate
Information security
fromTheregister
12 hours ago

Microsoft OAuth scams abuse redirects for malware delivery

Microsoft warns of ongoing OAuth abuse scams using phishing emails and URL redirects to deliver malware and compromise organizational devices, primarily targeting government and public-sector entities.
Information security
fromThe Hacker News
1 week ago

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

A Russian-speaking financially motivated actor used commercial generative AI to compromise 600+ FortiGate devices in 55 countries by exploiting exposed management ports and weak credentials.
fromThe Hacker News
3 months ago

Enterprise Credentials at Risk - Same Old, Same Old?

Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization's cloud provider. She clicks the link, types in her credentials, and goes back to her spreadsheet. But unknown to her, she's just made a big mistake. Sarah just accidentally handed over her login details to cybercriminals who are laughing all the way to their dark web marketplace, where they'll sell her credentials for about $15. Not much as a one-off, but a serious money-making operation when scaled up.
Information security
Information security
fromComputerworld
3 months ago

Nikkei's Slack breach leaks sensitive data from more than 17,000 users

Compromised employee authentication and use of personal devices for Slack access exposed Nikkei to attackers, revealing weak IT/IS risk management and credential protection.
fromTheregister
5 months ago

How big a Drift? Cloudflare cops to Salesloft Drift breach

Because of this breach, someone outside Cloudflare got access to our Salesforce instance, which we use for customer support and internal customer case management, and some of the data it contains,
Information security
[ Load more ]