Thousands of stolen Disney+ accounts for sale in hacking forums
Thousands of Disney+ account owners have reported their accounts have been hacked hours after the Disney+ video streaming service was launched.
Adobe Creative Cloud database exposed over 7 million user records
Security researchers discovered an unsecured Adobe Creative Cloud Elasticsearch database that exposed nearly 7.5 million user records.
Cisco Webex and Zoom issue password security guidance to prevent enumeration attacks
Researchers have discovered attackers can take advantage of Webex Meetings API calls to enumerate Webex meeting numbers. Attackers can also launch similar "enumeration attacks" against Zoom platform for ongoing or future meetings .
LastPass security update fixes credential leak bug
LastPass released a new security update that fixes a vulnerability that exposes credentials from a previously visited website. The new version 4.33.0 was released on September 12.
Slack resets passwords exposed in 2015 breach
Slack has reset passwords for close to 1% of overall Slack accounts in response to new information learned from 2015 security breach.
DHS warns of Iranian cybersecurity threats, issues guidance
The Director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about recent Iranian cybersecurity threats. The statement also included suggested tips and best practices to stay safe online.
Nansh0u campaign targets Windows MS-SQL and PHPMyAdmin servers
A China-based cyber campaign dubbed "Nansh0u" has targeted tens of thousands of unsecured Windows MS-SQL and PHPMyAdmin servers worldwide.
Flipboard confirms data breach, resets passwords
News aggregator Flipboard warned that an unauthorized person gained access to subset of user account data and cryptographically protected passwords.
Facebook says Millions of Instagram passwords stored in clear text
Facebook provided an update to a previously disclosed incident involving insecurely storing "tens of thousands" of Instagram users' passwords on internal servers in clear text. Facebook now says that "millions" of Instagram accounts are now impacted.
HawkEye Reborn: Password Stealer and Keylogger threat
Cisco's Talos security team has observed ongoing malware distribution campaigns that use a new version of a keylogger and password stealer "HawkEye Reborn v9."