Security News

A list of device IPs and credentials has gone viral since Thursday, kicking off an effort by researchers to notify the owners of these connected devices before they're hacked.

Flashpoint warns of a new business email compromise campaign targeting organizations in various industries with the aim of harvesting credentials.

Researchers who identified a real-time way to detect credential spearphishing attacks in enterprise settings won $100,000 from Facebook last week.

One of yesterday's Flash Player patches was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.

Criminals used a typo-squatting technique and uploaded rogue JavaScript libraries to a popular code repository npm.

Microsoft today addressed two NTLM-related vulnerabilities privately disclosed by Preempt Security. The flaws allow for credential relay attacks.

WikiLeaks has published documents detailing BothanSpy and Gyrfalcon, tools allegedly used by the U.S. Central Intelligence Agency (CIA) to steal SSH credentials from Windows and Linux systems. read more

The group behind last week’s destructive NotPetya attack was able to access M.E.Doc’s update server and use it for their nefarious purposes courtesy of stolen credentials, Cisco has discovered. read more

Travel Giant Declined to Release Number of VictimsTravel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to...

WikiLeaks has today published the 15th batch of its ongoing Vault 7 leak, this time detailing two alleged CIA implants that allowed the agency to intercept and exfiltrate SSH (Secure Shell)...