Tag: credentials
-
390,000 WordPress accounts stolen from hackers in supply chain attack
by
in SecurityNewsA threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/390-000-wordpress-accounts-stolen-from-hackers-in-supply-chain-attack/
-
New Android Banking Malware Attacking Indian Banks To Steal Login Credentials
by
in SecurityNewsResearchers have discovered a new Android banking trojan targeting Indian users, and this malware disguises itself as essential utility services to trick users into providing sensitive information. The malware has already compromised 419 devices, intercepted 4,918 SMS messages, and stolen 623 banking credentials. As this active campaign continues, the number of affected devices and stolen…
-
Yearlong supply-chain attack targeting security pros steals 390K credentials
by
in SecurityNewsMultifaceted, high-precision campaign targets malicious and benevolent hackers alike. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/12/yearlong-supply-chain-attack-targeting-security-pros-steals-390k-credentials/
-
Hacker Uses Info-Stealer Against Security Pros, Other Bad Actors
by
in SecurityNewsAn unknown hacker called MUT-1244 used information-stealing malware to not only grab sensitive data from cybersecurity professionals but also to steal WordPress credentials from other bad actors who had bought them on the dark web. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/hacker-uses-info-stealer-against-security-pros-other-bad-actors/
-
390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
by
in SecurityNewsA now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials.The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to “mysterious unattributed threat”) by Datadog…
-
Cyberint’s 2024 Report Highlights Surge in Credential Theft and Rise of AI-Powered Phishing
by
in SecurityNewsCyberint, a Check Point company, has released its 2024 Cyber Security Landscape Report, painting a concerning picture of the evolving threat landscape. The report, drawing on data from the Cyberint Argos Platform, analysed 140,000 cyber threat alerts across critical industries, revealing a 333% surge in credential theft, a significant rise in supply chain attacks, and…
-
PUMA creeps through Linux with a stealthy rootkit attack
by
in SecurityNewsA new loadable kernel module (LKM) rootkit has been spotted in the wild compromising Linux systems with advanced stealth and privilege escalation features.PUMAKIT, as called by the Elastic Security researchers who discovered it during routine threat hunting on VirusTotal, was deployed as part of a multi-stage malware architecture that consists of a dropper, two memory-resident…
-
IoT Cloud Cracked by ‘Open Sesame’ OverAir Attack
by
in SecurityNewsResearchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/iot-cloud-cracked-open-sesame-attack
-
Datadog urges to phase out long-lived cloud credentials
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/datadog-urges-to-phase-out-long-lived-cloud-credentials
-
PEC “invoice scam” Stealing time, money, and trust from businesses
by
in SecurityNewsPEC stands for “Posta Elettronica Certificata” – a type of legally binding “certified email” used in Italy. It’s also a hub of abuse targeting business owners. In this article, we share a real-life case of criminals stealing PEC credentials to send malicious emails, causing significant loss of time and money, and explore the risks of…
-
Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
by
in SecurityNewsCybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks.”Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API First seen…
-
Cybercrime Gangs Abscond With Thousands of Orgs’ AWS Credentials
by
in SecurityNewsThe Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/cybercrime-gangs-steal-thousands-aws-credentials
-
US sanctions Chinese cybersecurity firm over global malware campaign
by
in SecurityNews
Tags: attack, breach, china, computer, control, corporate, credentials, cve, cyber, cyberattack, cybersecurity, email, encryption, exploit, finance, firewall, fraud, government, group, healthcare, identity, infection, infrastructure, intelligence, international, malicious, malware, monitoring, network, office, password, ransomware, risk, service, software, sophos, technology, terrorism, threat, tool, vulnerability, zero-dayThe US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero day vulnerabilities in firewalls.The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…
-
Ongoing widespread AWS customer credential theft exposed by open S3 bucket
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/ongoing-widespread-aws-customer-credential-theft-exposed-by-open-s3-bucket
-
Cybercrime Gangs Abscond With Thousands of AWS Credentials
by
in SecurityNewsThe Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/cybercrime-gangs-steal-thousands-aws-credentials
-
Hackers Exploit AWS Misconfigurations in Massive Data Breach
by
in SecurityNewsHackers exploited AWS misconfigurations, leaking 2TB of sensitive data, including customer information, credentials and proprietary source code First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-exploit-aws/
-
AppLite: A New AntiDot Variant Targeting Mobile Employee Devices
by
in SecurityNewsOur zLabs team has identified an extremely sophisticated mishing (mobile-targeted phishing) campaign that delivers malware to the user’s Android mobile device enabling a broad set of malicious actions including credential theft of banking, cryptocurrency and other critical applications. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/applite-a-new-antidot-variant-targeting-mobile-employee-devices/
-
New AppLite Malware Targets Banking Apps in Phishing Campaign
by
in SecurityNewsNew AppLite Banker malware targets Android devices, employing advanced phishing techniques to steal credentials and data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/applite-malware-targets-banking/
-
Microsoft NTLM Zero-Day to Remain Unpatched Until April
by
in SecurityNews
Tags: attack, credentials, cyberattack, microsoft, mitigation, ntlm, update, vulnerability, windows, zero-dayThe second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-ntlm-zero-day-remain-unpatched-april
-
Top tips for CISOs running red teams
by
in SecurityNewsRed team is the de facto standard in offensive security testing when you want to know how all security investments, from technological controls to user training to response procedures, work together when subjected to a targeted attack. Unlike penetration testing, which aims to comprehensively assess a system, or purple team, which assesses detection and response…
-
Romania ‘s election systems hit by 85,000 attacks ahead of presidential vote
by
in SecurityNews
Tags: access, attack, country, credentials, cyberattack, cybercrime, data-breach, election, hacker, intelligence, russia, service, threatRomania ‘s election systems suffered over 85,000 attacks, with leaked credentials posted on a Russian hacker forum before the presidential election. Romania ‘s Intelligence Service revealed that over 85,000 cyberattacks targeted the country’s election systems. Threat actors gained access to credentials for election-related websites, and then leaked them on Russian cybercrime forums a few days…
-
Protecting the cloud: combating credential abuse and misconfigurations
by
in SecurityNewsTo defend again two of today’s biggest cloud security threats, organizations must adapt and develop proactive strategies, Google Cloud’s;Brian Roddy writes.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/credentials-cloud-misconfigurations/734732/
-
New Windows zero-day exposes NTLM credentials, gets unofficial patch
by
in SecurityNewsA new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exposes-ntlm-credentials-gets-unofficial-patch/
-
Sophisticated Celestial Stealer Targets Browsers to Steal Login Credentials
by
in SecurityNewsResearchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection with obfuscation and anti-analysis techniques, steals data from various browsers, applications, and cryptocurrency wallets. It operates as an Electron or NodeJS application, injecting code into vulnerable apps and communicating with C2 servers. The malware’s FUD status is maintained through regular updates…