Security News

A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host's registry or users' cloud-account credentials. Containerd bills itself as a runtime tool that "Manages the complete container lifecycle of its host system, from image transfer and storage to container execution and supervision to low-level storage to network attachments and beyond." As such, it offers deep visibility into a user's cloud environment, across multiple vendors.

Akamai published a report detailing criminal activity targeting the retail, travel, and hospitality industries with attacks of all types and sizes between July 2018 and June 2020. Between July 2018 and June 2020, more than 100 billion credential stuffing attacks ere observed in total.

Attivo Networks announced innovative enhancements to its ThreatPath solution, part of the modular ThreatDefend Endpoint Detection Net family of products. ThreatPath, which continuously observes and shows credential exposures, now also provides organizations with the ability to identify and automatically remediate high-risk exposures based on identities with excess privileges, application data sources, at-risk practices such as local admin credentials stored on the endpoint, and shadow admin accounts.

Free graphics design website Canva is being abused by threat actors to create and host intricate phishing landing pages. Canva is a graphic design platform that lets users create posters, letterheads, holiday cards, and other digital media that can then be downloaded as an image, shared as HTML with clickable links, or printed.

Over the past two weeks, Sam's Club has started sending automated password reset emails and security notifications to customers who were hacked in credential stuffing attacks. In emails sent out to Sam's Club members, and seen by BleepingComputer, the company is alerting members that an unauthorized party may have gained access to their accounts.

While there has been a year-over-year decrease in publicly disclosed data breaches, an Arctic Wolf report reveals that the number of corporate credentials with plaintext passwords on the dark web has increased by 429 percent since March. For a typical organization, this means there are now, on average, 17 sets of corporate credentials available on the dark web that could be used by hackers.

An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems - but in reality, they are redirected to a fake Outlook login page that steals their credentials. Windows 7 reached end-of-life on Jan. 14, with Microsoft urging enterprises to upgrade to its Windows 10 operating system.

Credential stuffing attacks are taking up a lot of the oxygen in cybersecurity rooms these days. Unlike automated flood-the-zone, volume-based credential attacks, other API attacks are conducted almost one-to-one and carried out in elusive ways, targeting the distinct vulnerabilities of each API, making them even harder to detect than attacks happening on a large scale.

Credential theft targeting hardcore gamers has hit an all-time high as scams, illicit markets and account takeovers have become a booming business. More common, Akamai said, is attackers using stolen credentials to log in to a game account and simply steal a user's profile information, financial data and whatever valuable virtual merchandise and currency they can find.

For the past year, Russia-linked threat actor Strontium has targeted hundreds of organizations in the United States and the United Kingdom to harvest account credentials, Microsoft reveals. On Thursday, Microsoft published information on a newly identified Strontium campaign that focused on harvesting Office365 credentials for tens of thousands of accounts at organizations in the US and UK, many of them directly involved in political elections.