Security News

Security researchers note an increase in alternative methods to steal data from phishing attacks, as scammers obtain the stolen info through Google Forms or private Telegram bots. Email remains the preferred method to exfiltrate stolen info but these channels foreshadow a new trend in the evolution of phishing kits.

Socure announced the company will provide identity verification services for remote onboarding for individuals accessing decentralized IDs as part of the new Microsoft Azure Active Directory verifiable credentials feature in public preview. Once verified, these credentials can be used to prove an identity across different organizations to accelerate onboarding of users and enable a more trustworthy credential recovery experience.

Onfido announced it has been selected by Microsoft to enable fast and secure identity verification and onboarding for its Azure Active Directory verifiable credentials. Once a person's real identity is bound to their digital identity using Onfido's document plus selfie verification, end-users are onboarded to Azure AD and have complete control over their identity from their smartphone, being able to provision its reuse to access additional services.

VMware has published security updates to address a high severity vulnerability in vRealize Operations that could allow attackers to steal admin credentials after exploiting vulnerable servers. vRealize Operations is an AI-powered and "Self-driving" IT operations management for private, hybrid, and multi-cloud environments, available as an on-premises or SaaS solution.

Researchers are warning of a fake version of the popular audio chat app Clubhouse, which delivers malware that steals login credentials for more than 450 apps. As of now the app is only available on Apple's App Store mobile application marketplace - there's no Android version yet.

A new phishing campaign is targeting U.S. taxpayers with documents that purport to contain tax-related content, but ultimately deliver NetWire and Remcos malware - two prolific remote access trojans which allows attackers to take control of victims' machines through a new phishing email scheme, Cybereason discovered. The new infection process is designed to evade antivirus tools and tricks targets into installing the malware via a tax-themed Word Document containing a malicious macro that downloads an OpenVPN client on the targeted machine.

When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. Perhaps the most easily overlooked cause of account lockouts is the use of cached credentials.

For users with more than one password collected last year, researchers found that 60% of the credentials were reused across multiple accounts, making them ripe for account takeovers and password spraying attacks. This password reuse rate, which is unchanged from last year, reflects how easy it is for an attacker to use one stolen password to compromise more than one account.

According to a Tuesday report by Cofense, which analyzed millions of emails related to various attacks, 57 percent were phishing emails aiming to steal victim usernames and passwords. The remainder of malicious emails were utilized in business email compromise attacks or for malware delivery.

HID Global announced it has expanded its Seos credential family with two new products. The Seos 16K is the industry's first credential certified to the highest IT security level established by the independent testing service provider TÜV Informationstechnik GmbH, and it features the highest memory in the series to support multi-application deployments.