Security News
Over the past two weeks, Sam's Club has started sending automated password reset emails and security notifications to customers who were hacked in credential stuffing attacks. In emails sent out to Sam's Club members, and seen by BleepingComputer, the company is alerting members that an unauthorized party may have gained access to their accounts.
While there has been a year-over-year decrease in publicly disclosed data breaches, an Arctic Wolf report reveals that the number of corporate credentials with plaintext passwords on the dark web has increased by 429 percent since March. For a typical organization, this means there are now, on average, 17 sets of corporate credentials available on the dark web that could be used by hackers.
An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems - but in reality, they are redirected to a fake Outlook login page that steals their credentials. Windows 7 reached end-of-life on Jan. 14, with Microsoft urging enterprises to upgrade to its Windows 10 operating system.
Credential stuffing attacks are taking up a lot of the oxygen in cybersecurity rooms these days. Unlike automated flood-the-zone, volume-based credential attacks, other API attacks are conducted almost one-to-one and carried out in elusive ways, targeting the distinct vulnerabilities of each API, making them even harder to detect than attacks happening on a large scale.
Credential theft targeting hardcore gamers has hit an all-time high as scams, illicit markets and account takeovers have become a booming business. More common, Akamai said, is attackers using stolen credentials to log in to a game account and simply steal a user's profile information, financial data and whatever valuable virtual merchandise and currency they can find.
For the past year, Russia-linked threat actor Strontium has targeted hundreds of organizations in the United States and the United Kingdom to harvest account credentials, Microsoft reveals. On Thursday, Microsoft published information on a newly identified Strontium campaign that focused on harvesting Office365 credentials for tens of thousands of accounts at organizations in the US and UK, many of them directly involved in political elections.
Attackers are on the prowl for enterprise Microsoft Outlook credentials, with a new phishing campaign that leverages email-quarantine policies and uses an overlay screen tactic - on top of legitimate company webpages - to lure in victims. The initial email said, the company's email system "Failed to process new messages in the inbox folder," and "Two valid email messages have been held and quarantined for deletion." It asked the target to review the messages and recover their lost mail in the inbox folder - or they will be automatically deleted after three days.
Turkish-speaking cybercriminals are sending Instagram users seemingly legitimate messages from the social media company, with the aim of stealing their Instagram and email credentials. While previous phishing messages leveraging Instagram as a lure have been sent via email, the attackers in this campaign send the phishing messages on Instagram's platform itself.
Adobe has made available in open source a tool designed to identify randomly generated strings in any plain text. Dubbed Stringlifier, the tool was written in Python and leverages machine learning to differentiate random character sequences from normal text sequences.
Trends in BEC and email security during Q2 2020 included a peaking and plateauing of COVID-19-themed email attacks, an increase in BEC attack volume and acceleration of payment and invoice fraud, according to an Abnormal Security report. There have been surges in COVID-19-themed email security attacks, which continued in Q2, with weekly campaign volume increasing 389% between Q1 and Q2. There has also been a continued increase in BEC attacks targeting finance department employees over C-level executives, which grew by 50% quarter-over-quarter.