Password Management

Cybercriminals use proxies and configurations to launch credential stuffing attacks

The Federal Bureau of Investigation (FBI) have spotted cybercriminals using proxies and configurations to launch credential stuffing attacks against US companies.

Cybercriminals use proxies and configurations to launch credential stuffing attacks Read More »

log in, to register, window-3938430.jpg

GitLab issues security update for Critical hard-coded password vulnerability (CVE-2022-1162)

GitLab has issued a security update to address a Critical vulnerability CVE-2022-1162 where static passwords were inadvertently set during OmniAuth-based registration.

GitLab issues security update for Critical hard-coded password vulnerability (CVE-2022-1162) Read More »

Mozilla releases Firefox 78 with new ‘Protections Dashboard’ feature

The Mozilla Foundation has released Firefox 78 that includes security fixes for multiple vulnerabilities, as well as a new ‘Protections Dashboard’ feature.

Mozilla releases Firefox 78 with new ‘Protections Dashboard’ feature Read More »

FBI and CISA warning of Chinese targeting COVID-19 research organizations

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning of likely targeting and compromise of U.S. COVID-19 research organizations by the People’s Republic of China (PRC).

FBI and CISA warning of Chinese targeting COVID-19 research organizations Read More »

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices Read More »