Security experts have discovered a new version of ViperSoftX, a malware that steals cryptocurrency and targets password managers, such as KeePass and 1Password.
ViperSoftX campaign steals cryptocurrency and targets password managers Read More »
The Federal Bureau of Investigation (FBI) have spotted cybercriminals using proxies and configurations to launch credential stuffing attacks against US companies.
Cybercriminals use proxies and configurations to launch credential stuffing attacks Read More »
GitLab has issued a security update to address a Critical vulnerability CVE-2022-1162 where static passwords were inadvertently set during OmniAuth-based registration.
Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.
Alert: Threat actors continue to exploit patched Pulse Secure VPN devices Read More »
News aggregator Flipboard warned that an unauthorized person gained access to subset of user account data and cryptographically protected passwords.
Flipboard confirms data breach, resets passwords Read More »
A massive data breach dubbed “Collection #1” exposed nearly 800 million email addresses and millions of passwords. Security expert Troy Hunt was alerted of the leaked data made available for free download from popular MEGA cloud storage service. The data consisted of over 12,000 separate files and more than 87GB of data.
Nearly 800M email records exposed in massive data breach Read More »
