Information Management Today

OAuth Flaw Exposed Social Media Logins to Account Takeover

Data Breach Today

MAY 25, 2023

Now-Fixed Expo Framework API Vulnerability Posed Credential, Identity Theft Risks A new OAuth-related vulnerability in an open-source application development framework could expose Facebook, Google, Apple and Twitter users to account takeover, personal data leakage, identity theft, financial fraud and unauthorized actions on other online platforms, (..)

Personal data

Personal data Risk Security

Roku disclosed a new security breach impacting 576,000 accounts

Security Affairs

APRIL 12, 2024

Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. Then, they enter those accounts to abuse permissions, siphoning out data, or both.

Passwords

Passwords Security Authentication Data breaches

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Security Affairs

MARCH 29, 2024

The attackers detected suspicious login activity to certain Hot Topic Rewards accounts. Threat actors obtained valid account credentials obtained from an unknown third-party source. Threat actors obtained valid account credentials obtained from an unknown third-party source. ” continues the notification.

Passwords

Passwords Access Authentication Cybersecurity

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Crime Shop Sells Hacked Logins to Other Crime Shops

Krebs on Security

JANUARY 21, 2022

Criminals ripping off other crooks is a constant theme in the cybercrime underworld; Accountz Club’s slogan — “the best autoshop for your favorite shops’ accounts” — just normalizes this activity by making logins stolen from users of various cybercrime shops for sale at a fraction of their account balances.

Authentication

Authentication Passwords Sales Access

Dropbox Data Breach Another Multifactor Fail

Data Breach Today

NOVEMBER 3, 2022

Cloud Company Says User Accounts Were Not Breached, Just GitHub Code Repositories DropBox is the latest company to have employees fall for phishing emails tricking them into supplying login credentials and a one time password to threat actors. Hackers got away with copies of 130 code repositories.

Data breaches

Data breaches Phishing Authentication Passwords

Neiman Marcus Says 4.6M Affected by Data Breach

Data Breach Today

SEPTEMBER 30, 2021

Exposed Data Includes Login Credentials, Security Questions Neiman Marcus Group says it is notifying 4.6 The data includes personally identifiable data, payment and gift cards, online account credentials and security questions. million of its online customers who are affected by a data breach that occurred in May 2020.

Data breaches

Data breaches Security IT

GUEST ESSAY: The case for shifting to ‘personal authentication’ as the future of identity

The Last Watchdog

FEBRUARY 3, 2022

I currently have over 450 accounts that use passwords combined with a variety of two-factor authentication methods. In effect, my passwords are now “keys” — and I must authenticate across many accounts, multiple times per day, on a variety of device platforms. the address book web app). Scale to come.

Authentication

Authentication Blockchain Passwords Access

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Krebs on Security

MARCH 26, 2024

Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code. ” Ken said.

Passwords

Passwords Phishing Authentication Mining

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

The login page for the criminal reshipping service SWAT USA Drop. Among the most common ways that thieves extract cash from stolen credit card accounts is through purchasing pricey consumer goods online and reselling them on the black market. Kareem said he was instructed to create an account at a website called portal-ctsi[.]com

Marketing

Marketing Retail Blockchain Communications

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites. Here’s another domain registered this year by the Disneyland Team: [link] which spoofs the login page of financial advisor Charles Schwab with the landing page of cli?nt?chwab[.]com.

Phishing

Phishing Authentication Financial Services Access

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. “He was literally reading off the tickets to the notes of the admin panel inside GoDaddy.”

Phishing

Phishing Passwords Authentication Security

miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug

Security Affairs

JUNE 29, 2023

A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. Instead of requiring visitors to waste time filling out the typical registration form, it allows them to register/login to a website using their social media profiles.

Authentication

Authentication Encryption Access IT

Pokemon Company resets some users’ passwords

Security Affairs

MARCH 20, 2024

The Pokemon Company announced it had reset the passwords for some accounts after it had detected hacking attempts, Techcrunch first reported. In other words, bad actors glean lists of breached usernames and passwords and run them against desired logins until they find some that work. of the the targeted accounts were compromised.

Passwords

Passwords Authentication IT Security

NortonLifeLock Says Customer Accounts were Compromised in Credential-Stuffing Attack

IT Governance

JANUARY 19, 2023

NortonLifeLock customers have been warned that their accounts may have been compromised in a security breach. The attackers might also have had access to Norton Password Manager users’ private vault data, which contains stored passwords for other online accounts. Our own systems were not compromised. Are customers at risk?

Passwords

Passwords Phishing Risk Access

Turn on MFA Before Crooks Do It For You

Krebs on Security

JUNE 19, 2020

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. Both are avid gamers on Microsoft’s Xbox platform, and for years their father managed their accounts via his own Microsoft account.

IT

IT Authentication Passwords Access

Malicious Office 365 Apps Are the Ultimate Insiders

Krebs on Security

MAY 5, 2021

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. Also, the apps will persist in a user’s Office 365 account indefinitely until removed, and will survive even after an account password reset.

Passwords

Passwords Phishing Authentication Cloud

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

These pieces of malware are created with the intent of stealing valuable data, such as login credentials, financial information, personal details, and more. For example, some may target login credentials, while others may focus on financial data or intellectual property.

Sales

Sales Ransomware Passwords Communications

Two Russians Charged in $17M Cryptocurrency Phishing Spree

Krebs on Security

SEPTEMBER 16, 2020

According to the indictments, the two men set up fake websites that spoofed login pages for the currency exchanges Binance , Gemini and Poloniex. Armed with stolen login credentials, the men allegedly stole more than $10 million from 142 Binance victims, $5.24 jurisdiction) and making it a crime to transact with them.

Phishing

Phishing Blockchain Marketing Government

Okta warns of unprecedented scale in credential stuffing attacks on online services

Security Affairs

APRIL 28, 2024

A credential stuffing attack is a type of cyber attack where hackers use large sets of username and password combinations, typically obtained from previous data breaches, phishing campaigns, or info-stealer infections, to gain unauthorized access to user accounts on various online services. ” continues the advisory.

Data breaches

Data breaches Phishing Risk Authentication

Threat actors stole 1.1 million customer accounts from 17 well-known companies

Security Affairs

JANUARY 6, 2022

million of their customers have had their user accounts compromised in credential stuffing attacks. million accounts of their customers were compromised in credential stuffing attacks. Credential stuffing attacks involve botnets trying stolen login credentials usually obtained through phishing attacks and data breaches.

Retail

Retail Passwords Data breaches Phishing

The Risk of Weak Online Banking Passwords

Krebs on Security

AUGUST 5, 2019

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Passwords

Passwords Risk Authentication Phishing

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI issued an alert to inform the higher education sector about the availability of login credentials on dark web forums that can be used by threat actors to launch attacks against individuals and organizations in the industry. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts.

Sales

Sales Education Phishing Passwords

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

OCTOBER 13, 2021

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. “These guys have real-time capabilities of soliciting any input from the victim they need to get into their Coinbase account,” Holden said. million Italians.

Passwords

Passwords Phishing Authentication Access

Air New Zealand warns of an ongoing credential stuffing attack

Security Affairs

OCTOBER 30, 2022

Air New Zealand suffered a security breach, multiple customers have been locked out of their accounts after the incident. Air New Zealand suffered a security breach, threat actors attempted to access customers’ accounts by carrying out credential-stuffing attacks. What is credential stuffing ?

Passwords

Passwords Authentication Access Security

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Krebs on Security

AUGUST 18, 2022

The missives — which come from Paypal.com and include a link at Paypal.com that displays an invoice for the supposed transaction — state that the user’s account is about to be charged hundreds of dollars. Both the email and the invoice state that “there is evidence that your PayPal account has been accessed unlawfully.”

Phishing

Phishing Access IT

MongoDB investigates a cyberattack, customer data exposed

Security Affairs

DECEMBER 17, 2023

MongoDB on Saturday announced it is investigating a cyberattack that exposed customer account metadata and contact information. The cyber attack was discovered on December 13, 2023, and led to the exposure of customer account metadata and contact information. We detected suspicious activity on Wednesday (Dec.

Metadata

Metadata Data breaches Phishing Authentication

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Security Affairs

OCTOBER 4, 2023

The fake Microsoft Online login page is deployed with the EvilProxy framework fetching all the content dynamically from the legitimate login site. Then the cookies are used by the attackers to login to take over the victims’ account on the legitimate Microsoft Online site, bypassing non-phishing resistant MFA.

Phishing

Phishing Insurance Manufacturing Authentication

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

OCTOBER 26, 2022

“Kaye allegedly operated The Real Deal, a Dark Web market for illicit items, including stolen account login credentials for U.S. ” The now-defunct Real Deal marketplace was used by crooks to sell and buy illegal goods and services, including narcotics, hacking tools and stolen login credentials. .””

Marketing

Marketing Government IoT Sales

MFA Fatigue Attacks

KnowBe4

NOVEMBER 21, 2022

In an article for BleepingComputer , the researchers explain that attackers repeatedly attempt to login to an account protected by MFA, which spams the user with MFA requests until the user finally approves the login.

Authentication

Who’s Behind the 8Base Ransomware Website?

Krebs on Security

SEPTEMBER 18, 2023

Digging further into this Gitlab account, we can find some curious data points available in the JCube Group’s public code repository. Admin Login to 8Base dashboard.” ” The login page on the 8Base ransomware group’s darknet website. com/jcube-group/clients/apex/8base-v2. The homepage for Jcubegroup[.]com

Ransomware

Ransomware Communications Encryption IT

Facebook Security Bug Affects 90M Users

Krebs on Security

SEPTEMBER 28, 2018

Facebook said today some 90 million of its users may get forcibly logged out of their accounts after the company fixed a rather glaring security vulnerability in its Web site that may have let attackers hijack user profiles. More importantly, it’s a good idea for all Facebook users to review their login activity.

Security

Security Passwords Access IT

LastPass investigated recent reports of blocked login attempts

Security Affairs

DECEMBER 28, 2021

While LastPass says that it is not aware that some of its accounts were compromised in the recent credential stuffing attacks that started on Monday, numerous LastPass users claim that their master passwords have been compromised after receiving emails warning them that someone tried to use them to access their accounts.

Passwords

Passwords Access Authentication Security

Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies

Security Affairs

JANUARY 1, 2024

The MultiLogin endpoint endpoint is an internal mechanism that allows the synchronization of Google accounts across services. This endpoint receives a vector containing account IDs and auth-login tokens for efficiently handling concurrent sessions or seamlessly transitioning between user profiles. ” continues the report.

Passwords

Passwords Encryption Access IT

GoDaddy discloses a data breach, web hosting account credentials exposed

Security Affairs

MAY 5, 2020

GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. ” reads the data breach notice submitted by the company.

Data breaches

Data breaches Access Security Cybersecurity

Catches of the Month: Phishing Scams for August 2023

IT Governance

AUGUST 7, 2023

Check Point credits this rise to an extensive phishing campaign that told victims that there has been suspicious activity on their Microsoft account. These types of scams have proven wildly successful, because the majority of Internet users have a Microsoft account for either personal purposes or for their job. Can you spot a scam?

Phishing

Phishing Passwords Education Personal data

DoJ announced to have shut down Slilpp marketplace in international operation

Security Affairs

JUNE 11, 2021

The US Department of Justice announced to have seized the infrastructure of SlilPP , a popular marketplace used by cybercriminals to buy and sell stolen login credentials. “Slilpp buyers subsequently used those login credentials to conduct unauthorized transactions (such as wire transfers) from the related accounts.

Retail

Retail Sales Passwords IT

OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps

Dark Reading

MAY 24, 2023

A cybersecurity vulnerability found in an implementation of the social login functionality opens the door to account takeovers and more.

Cybersecurity

Recycle Your Phone, Sure, But Maybe Not Your Number

Krebs on Security

MAY 19, 2021

Researchers in the computer science department at Princeton University say they sampled 259 phone numbers at two major wireless carriers, and found 171 of them were tied to existing accounts at popular websites, potentially allowing those accounts to be hijacked. Or better yet, a physical security key if that’s an option.

Authentication

Authentication Passwords Financial Services Risk

Credential stuffing attack targeted 300K+ Spotify users

Security Affairs

NOVEMBER 24, 2020

Researchers uncovered a possible credential stuffing campaign that is targeting Spotify accounts using a database of 380 million login credentials. Security experts from vpnMentor have uncovered a possible credential stuffing operation that affected some Spotify accounts. ” reads the post published by vpnMentor.

Passwords

Passwords Phishing Data breaches Authentication

Air Canada: Attack Exposed 20,000 Mobile App Users' Data

Data Breach Today

AUGUST 30, 2018

Million Accounts Air Canada is forcing 1.7 million mobile app account users to reset their passwords after it detected unusual login behavior that it says may have exposed 20,000 accounts, including passport information. Airline Hits Password-Nuke Button, Forces Reset on 1.7

Passwords

Passwords IT

PayPal notifies 34942 users of data breach over credential stuffing attack

Security Affairs

JANUARY 20, 2023

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers’ accounts have been compromised between December 6 and December 8. ” reads the letter sent by the company to the affected customers.

Data breaches

Data breaches Passwords Insurance Access

Massive phishing campaign targets users of the Zimbra Collaboration email server

Security Affairs

AUGUST 18, 2023

A massive social engineering campaign is targeting users of the Zimbra Collaboration email server to steal their login credentials. The phishing messages include a phishing page in the attached HTML file, they warn the recipient of an email server update, account deactivation, or similar issue.

Phishing

Phishing Passwords IT Security

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Troy Hunt

AUGUST 30, 2023

They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure.

Phishing

Phishing Passwords Authentication IT

Android 7.0+ Phones Can Now Double as Google Security Keys

Krebs on Security

APRIL 11, 2019

As first disclosed by KrebsOnSecurity last summer , Google maintains it has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes. a one-time token, key fob or mobile device).

Security

Security Authentication Passwords Phishing

OAuth Flaw Exposed Social Media Logins to Account Takeover

Roku disclosed a new security breach impacting 576,000 accounts

Webinars

Trending Sources

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Webinars

Crime Shop Sells Hacked Logins to Other Crime Shops

Dropbox Data Breach Another Multifactor Fail

Neiman Marcus Says 4.6M Affected by Data Breach

GUEST ESSAY: The case for shifting to ‘personal authentication’ as the future of identity

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Disneyland Malware Team: It’s a Puny World After All

When Low-Tech Hacks Cause High-Impact Breaches

miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug

Pokemon Company resets some users’ passwords

NortonLifeLock Says Customer Accounts were Compromised in Credential-Stuffing Attack

Turn on MFA Before Crooks Do It For You

Malicious Office 365 Apps Are the Ultimate Insiders

Info stealers and how to protect against them

Two Russians Charged in $17M Cryptocurrency Phishing Spree

Okta warns of unprecedented scale in credential stuffing attacks on online services

Threat actors stole 1.1 million customer accounts from 17 well-known companies

The Risk of Weak Online Banking Passwords

FBI: Compromised US academic credentials available on various cybercrime forums

How Coinbase Phishers Steal One-Time Passwords

Air New Zealand warns of an ongoing credential stuffing attack

PayPal Phishing Scam Uses Invoices Sent Via PayPal

MongoDB investigates a cyberattack, customer data exposed

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

British hacker arraigned for running The Real Deal dark web marketplace

MFA Fatigue Attacks

Who’s Behind the 8Base Ransomware Website?

Facebook Security Bug Affects 90M Users

LastPass investigated recent reports of blocked login attempts

Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies

GoDaddy discloses a data breach, web hosting account credentials exposed

Catches of the Month: Phishing Scams for August 2023

DoJ announced to have shut down Slilpp marketplace in international operation

OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps

Recycle Your Phone, Sure, But Maybe Not Your Number

Credential stuffing attack targeted 300K+ Spotify users

Air Canada: Attack Exposed 20,000 Mobile App Users' Data

PayPal notifies 34942 users of data breach over credential stuffing attack

Massive phishing campaign targets users of the Zimbra Collaboration email server

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Android 7.0+ Phones Can Now Double as Google Security Keys

Stay Connected