Security News > 2021

The now-defunct WeLeakInfo data breach site has suffered its own data breach after a threat actor leaked the service's payment information and customer info. Last Thursday, a threat actor released an archive of payment processing data used by WeLeakInfo when processing payments through Stripe.

The now-defunct WeLeakInfo data breach site has suffered its own data breach after a threat actor leaked the service's payment information and customer info. Last Thursday, a threat actor released an archive of payment processing data used by WeLeakInfo when processing payments through Stripe.

If you'd rather not have to enter your password every time you open the Bitwarden password manager on your mobile device, Jack Wallen shows you how to enable biometric login.

Microsoft has shed some light on the root cause behind yesterday's massive Azure authentication outage that affected multiple Microsoft services and blocked users from logging into their accounts. This issue prevented users from authenticating to Microsoft 365, Exchange Online, Microsoft Teams, or any other service relying on Azure AD. "Between 19:00 UTC on March 15, 2021, and 09:25 UTC on March 16, 2021 customers may have encountered errors performing authentication operations for any Microsoft and third-party applications that depend on Azure Active Directory for authentication," Microsoft explained today in a preliminary root cause analysis report.

Authors of a new botnet are targeting connected devices affected by critical-level vulnerabilities, some of them impacting network security devices. Successfully compromised devices end up with a variant of the Mirai botnet malware specific to the architecture of the device.

In honor of the 2021 Grammys, Specops Software has released a new analysis of over 800 million breached passwords to find which best-selling music artists are most frequently included. Topping the list? It's R.E.M. The list pulled any entry in Specops' compromised password database that contained an artist or group name that is included in Wikipedia's list of best selling musical artists.

The McAfee Advanced Threat Research Strategic Intelligence team has identified an espionage campaign that is specifically targeting telecommunication companies in an attack dubbed "Operation Diànxùn." McAfee researchers Thomas Roccia, Thibault Seret and John Fokker said in a blog post that the malware is using tactics similar to those seen from groups like RedDelta and Mustang Panda. Cybersecurity companies Intsights and Positive Technologies both identified Mustang Panda last year as an advanced persistent threat group behind a number of COVID-19-themed attacks on people in Vietnam and Mongolia.

A new Mirai variant is targeting known flaws in D-Link, Netgear and SonicWall devices, as well as newly-discovered flaws in unknown IoT devices. A new variant of the Mirai botnet has been discovered targeting a slew of vulnerabilities in unpatched D-Link, Netgear and SonicWall devices - as well as never-before-seen flaws in unknown internet-of-things gadgets.

Threat intelligence data broker Recorded Future has acquired fraud analytics startup Gemini Advisory as part of a strategic push to expand into the financial services and payment processing markets. Recorded Future expects the Gemini Advisory deal to provide tools and expertise to sell the "Most comprehensive intelligence platform" with "The visibility to act at the speed of the adversary to mitigate cyber risk and fraud."

Threat intelligence data broker Recorded Future has acquired fraud analytics startup Gemini Advisory as part of a strategic push to expand into the financial services and payment processing...