#credential-theft

[ follow ]
fromArs Technica
2 weeks ago

Phishers have found a way to downgrade-not bypass-FIDO MFA

The phishing attack bypasses a multifactor authentication scheme based on FIDO, the standard considered immune to credential phishing attacks, leading to unauthorized access.
Privacy technologies
#cybersecurity
fromHackernoon
2 years ago
Mobile UX

Fullscreen BitM Attack Discovered By SquareX Exploits Browser Fullscreen APIs To Steal Credentials | HackerNoon

fromHackernoon
2 years ago
Mobile UX

Fullscreen BitM Attack Discovered By SquareX Exploits Browser Fullscreen APIs To Steal Credentials | HackerNoon

Privacy professionals
fromSecuritymagazine
3 months ago

Research reveals mass scanning and exploitation campaigns

Organizations must adopt layered cybersecurity defenses to combat rising threats.
Proactive measures, like regular software updates and MFA, are essential for defense.
Privacy professionals
fromIT Pro
1 month ago

Hackers are using Microsoft 365 features to bombard enterprises with phishing emails - and they've already hit more than 70 organizations

A new phishing campaign exploits Microsoft's 365 Direct Send feature, targeting organizations without needing user credentials, leading to successful credential theft.
fromThe Hacker News
1 month ago

SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks

"The threat actor added code in the installed binaries of the fake NetExtender so that information related to VPN configuration is stolen and sent to a remote server," Ganachari said.
Growth hacking
fromThe Hacker News
2 months ago

OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities

North Korean threat actors have upgraded their malware, OtterCookie, to enhance capabilities in stealing credentials and data.
fromThe Mercury News
3 months ago

Medication stolen from Saratoga senior care facility

On March 22, a significant incident occurred at Our Lady of Fatima where an unsecured medication storage room was breached, resulting in the theft of medication valued at around $869.
Miscellaneous
DevOps
fromArs Technica
4 months ago

Large enterprises scramble after supply-chain attack spills their secrets

Open-source software tj-actions/changed-files was compromised with credential-stealing code, affecting thousands of organizations and highlighting vulnerabilities in software supply chains.
[ Load more ]