Security News

Cybercriminals are continuing to prey on users searching for cracked software by directing them to fraudulent websites hosting weaponized installers that deploy malware called NullMixer on compromised systems. "When a user extracts and executes NullMixer, it drops a number of malware files to the compromised machine," cybersecurity firm Kaspersky said in a Monday report.

Credential stuffing attacks have become so prevalent in the first quarter of 2022 that traffic surpassed that of legitimate login attempts from normal users in some countries. Once the credential are leaked or brute-forced from one site, threat actors perform a credential stuffing attack that attempts to use the same leaked credentials at other sites to gain access to users' accounts.

How to protect your organization's single sign-on credentials from compromise. Single sign-on, or SSO, is considered an effective method of authentication because it reduces the need for passwords and lets users authenticate across different applications and systems with just one single set of credentials.

Threat actors are exploiting the death of Queen Elizabeth II in phishing attacks to lure their targets to malicious sites designed to steal their Microsoft account credentials. Besides Microsoft account details, the attackers also attempt to steal their victims' multi-factor authentication codes to take over their accounts.

Outdoor apparel brand 'The North Face' was targeted in a large-scale credential stuffing attack that has resulted in the hacking of 194,905 accounts on the thenorthface.com website.A credential stuffing attack is when threat actors use email addresses/usernames and password combinations obtained from data breaches to attempt to hack into user accounts on other websites.

An international law enforcement operation has resulted in the dismantling of WT1SHOP, an online criminal marketplace that specialized in the sales of stolen login credentials and other personal information. The website peddled over 5.85 million records of personally identifying information, including approximately 25,000 scanned driver's licenses/passports, 1.7 million login credentials for various online shops, 108,000 bank accounts, 21,800 credit cards, the U.S. Justice Department said.

An international law enforcement operation has seized the website and domains for WT1SHOP, a criminal marketplace that sold stolen credit cards, I.D. cards, and millions of login credentials. WT1SHOP was one of the largest criminal marketplaces of PII data commonly used by threat actors to buy credentials for account takeovers, credit cards used for online purchases, and government I.D. cards for identity theft.

Researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services credentials, posing a major security risk. "Over three-quarters of the apps contained valid AWS access tokens allowing access to private AWS cloud services," Symantec's Threat Hunter team, a part of Broadcom Software, said in a report shared with The Hacker News.

Researchers at Symantec's Threat Hunting team, part of Broadcom Software, found 1,859 applications containing hard-coded AWS credentials, most of them being iOS apps and just 37 for Android. The threat analysts highlight three notable cases in their report where the exposed AWS tokens could have had catastrophic consequences for both authors and users of the vulnerable apps.

Abnormal Security released a report which explores the current email threat landscape. This Help Net Security video provides insight into the latest advanced email attack trends.