Security News

Sports betting company DraftKings said today that it would make whole customers affected by a credential stuffing attack that led to losses of up to $300,000. The statement follows an early Monday morning tweet saying that DraftKings was investigating reports [1, 2, 3, 4] of customers experiencing issues with their accounts.

The defendants purchased on the dark web server credentials for the computer servers of Certified Public Accounting and tax preparation firms across the country. They used those server credentials to remotely and covertly commit computer intrusions and exfiltrate the tax returns of thousands of taxpayers who were clients of those CPA and tax preparation firms.

Australian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially thought. According to The Guardian, Medibank is working under the assumption that all its customers have been affected, including past ones.

Credential phishing attacks continue to exploit COVID-19 to target businesses. Since early 2020, the coronavirus pandemic has given cyber criminals another area that's ripe for exploitation as they try to trick individuals and businesses into divulging sensitive information.

Facebook warns of 400 malicious apps that tried to steal your account credentials. Facebook is advising its users to beware of fake and malicious apps that attempt to hijack your credentials for the popular social network.

Meta Platforms on Friday disclosed that it had identified over 400 malicious apps on Android and iOS that it said targeted online users with the goal of stealing their Facebook login information. 42.6% of the rogue apps were photo editors, followed by business utilities, phone utilities, games, VPNs, and lifestyle apps.

The 'LofyGang' threat actors have created a credential-stealing enterprise by distributing 200 malicious packages and fake hacking tools on code hosting platforms, such as NPM and GitHub. LofyGang is motivated by financial profit, aiming to achieve high-volume account compromise and then resell access to those accounts on various private channels on the dark web, hacking forums, and Discord.

Phishing attack spoofs Zoom to steal Microsoft user credentials We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. That's exactly the case with a recent phishing campaign analyzed by security firm Armorblox in which the attacker spoofed Zoom in an attempt to compromise Microsoft user credentials.

After being laid off, an IT system administrator disrupted the operations of his former employer, a high-profile financial company in Hawaii, hoping to get his job back. Casey K. Umetsu, aged 40, worked as a network admin for the company between 2017 and 2019, when his employer terminated his contract.

To effectively mitigate their exposure, given current threat intelligence, organizations need to focus on what is exploitable from the adversary's perspective. Validating matches between leaked credential data and the organization's identity management tools, such as Active Directory.