Security News

Spotted by security firm Nuspire, one campaign that has resurfaced lately grabs RDP credentials or access and then sells them on underground forums. Active on several underground forums and communities, TrueFighter specializes in the sale of compromised RDP accounts through which buyers gain remote administrative access to the networks of affected organizations.

JumpCloud announced the release of the JumpCloud App for Windows, the latest update to its patent-pending strategy for enabling secure credential and identity management from an employee's device. The JumpCloud Windows App streamlines credential management workflows and establishes the employee's workstation or laptop as a trusted device.

Network appliances and devices that still have their default credentials present a risk to your organization, says SecurityHQ. Think of all the routers, switches, appliances, and other devices that may be available and accessible on your network. In its blog post entitled "Notes from the Field. Don't Default on Password Security," SecurityHQ described the trap of default credentials.

By hosting phishing pages at a legitimate cloud service, cybercriminals try to avoid arousing suspicion, says Check Point Research. The idea is that such phishing pages will better elude detection by security products and more easily ensnare unsuspecting victims.

Twenty percent of the 88 billion total credential stuffing attacks observed during the reporting period targeted media companies, Akamai said. Media companies are an attractive target for criminals and saw a 63% year-over-year increase in attacks against the video media sector, the report said.

The media industry suffered 17 billion credential stuffing attacks between January 2018 and December 2019, according to a report from Akamai. The report found that 20% of the 88 billion total credential stuffing attacks observed during the reporting period targeted media companies.

More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials, according to a report published on Wednesday by San Francisco-based risk protection solutions provider Digital Shadows. Over the past few years, Digital Shadows added to its breach repository more than 15 billion credentials shared on criminal forums, paste sites, file sharing services, and code sharing websites.

Stolen domain admin login credentials can be resold by dark web criminals for up to £95,000 and a total of 15 billion purloined credentials are traded on illicit marketplaces. "Rick Holland, CISO and strategy veep of Digital Shadows, mused:"The sheer number of credentials available is staggering and in just over the past 1.5 years, we've identified and alerted our customers to some 27 million [leaked] credentials which could directly affect them.... "Details exposed from one breach could be re-used to compromise accounts used elsewhere. The message is simple - consumers should use different passwords for every account and organizations should stay ahead of the criminals by tracking where the details of their employees and customers could be compromised."

A new phishing campaign spotted by Abnormal Security attempts to trick people with a phony Twitter security notification. A new phishing campaign analyzed by the security provider Abnormal Security shows how the attackers are taking advantage of Twitter users to steal account credentials.

Before being taken down, the 25 apps were collectively downloaded more than 2.34 million times. The malicious apps were developed by the same threat group and despite offering different features, under the hood, all the apps worked the same.