Security News

ADT discloses second breach in 2 months, hacked via stolen credentials
2024-10-07 22:12

Home and small business security company ADT disclosed it suffered a breach after threat actors gained access to its systems using stolen credentials and exfiltrated employee account data. [...]

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials
2024-10-01 06:32

More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it's being used by a large number of...

Reducing credential complexity with identity federation
2024-10-01 04:00

In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this...

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
2024-09-19 15:41

Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. "Attackers have been observed...

Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
2024-09-16 04:23

Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials....

Malware locks browser in kiosk mode to steal Google credentials
2024-09-14 14:09

A malware campaign uses the unusual method of locking users in their browser's kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware. [...]

Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft
2024-09-13 11:17

Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials (Verizon DBIR, 2024). Solving this problem resolves over...

Hackers inject malicious JS in Cisco store to steal credit cards, credentials
2024-09-04 15:48

Cisco's site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided...

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
2024-08-28 06:49

Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse...

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
2024-08-23 10:24

The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential...