Security News

Reminder: Infostealer malware is coming for your ChatGPT credentials
2024-03-07 06:27

Stolen ChatGPT credentials are a hot commodity on the dark web, according to Singapore-based threat intelligence firm Group-IB, which claims to have found some 225,000 stealer logs containing login details for the service last year. According to Group-IB, it found around 130,000 of the ChatGPT credential-containing logs in the five months from June to October, 2023, representing a 36 percent increase in the number of logs found in the prior five-month period between January and May of last year.

PetSmart warns of credential stuffing attacks trying to hack accounts
2024-03-07 00:25

Pet retail giant PetSmart is warning some customers their passwords were reset due to an ongoing credential stuffing attack attempting to breach accounts. In new email notifications sent to PetSmart customers first seen by DarkWebInformer, the company warns that customers are being targeted by credential stuffing attacks used to gain access to their accounts.

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets
2024-03-05 10:38

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show....

Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks
2024-02-21 06:01

Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to...

Beware: Fake Facebook Job Ads Spreading 'Ov3r_Stealer' to Steal Crypto and Credentials
2024-02-06 14:09

Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer. "This malware is...

Hundreds of network operators’ credentials found circulating in Dark Web
2024-01-30 08:41

After the recent incident involving Orange España and the leakage of credentials from the RIPE NCC portal, which led to a major outage, the cybersecurity community needs to reconsider the digital identity protection for staff engaged in network engineering and IT infrastructure management. Cybersecurity experts outlined the risks originating from Dark Web actors leveraging compromised credentials belonging to ISP/Telcom engineers, Data-Center Technicians, Network Engineers, IT Infrastructure Managers and Outsourcing companies.

Jason’s Deli says customer data exposed in credential stuffing attack
2024-01-23 16:44

Jason's Deli is warning of a data breach in notifications sent to customers of its online platform stating that their personal data was exposed in credential stuffing attacks.In a data breach notification sent to customers, Jason's Deli says hackers obtained credentials of member accounts at Jason's Deli from other sources and, on December 21, 2023, used them in a credential stuffing attack against the restaurant's website.

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More
2024-01-18 18:44

The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware. The Androxgh0st malware was exposed in December 2022 by Lacework, a cloud security company.

Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets
2024-01-18 15:02

Leaked credentials from traditional sources are still a prominent and substantial risk to organizations. We monitor more than 14 billion leaked credentials found from dumps across the dark web.

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
2024-01-17 11:14

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for...