Tag: login
-
OpenAI Was Not Breached, Say Researchers
Kela researchers explain that infostealers are to blame for compromised OpenAI logins First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/openai-was-not-breached-say/
-
FinStealer Malware Targets Leading Indian Bank’s Mobile Users, Stealing Login Credentials
Tags: banking, credentials, credit-card, cyber, cybersecurity, finance, india, login, malware, mobile, phishing, threatA new cybersecurity threat has emerged, targeting customers of a prominent Indian bank through fraudulent mobile applications. Dubbed >>FinStealer,
-
Edge Devices Face Surge in Mass Brute-Force Password Attacks
Scale of Long-Running Attacks ‘Unprecedented,’ Warns The Shadowserver Foundation. Honeypots designed to track malicious internet activity have detected a surge in brute-force password login attempts against edge devices, and especially – but not exclusively – targeting equipment manufactured by Palo Alto Networks, Ivanti and SonicWall, said The Shadowserver Foundation. First seen on govinfosecurity.com Jump to…
-
Why cyber hygiene remains critical in the era of AI-driven threats
Tags: access, ai, attack, authentication, breach, business, cyber, cyberattack, cybersecurity, data, email, exploit, Internet, login, malicious, mfa, network, phishing, resilience, risk, software, strategy, technology, threat, update, vulnerability, zero-trustCyber-attacks are an assumed inevitable for businesses today. As companies increasingly handle large amounts of valuable data, safeguarding operations has never been more important. Now, half (50%) of IT decision-makers report information security as their most time-consuming task[1].While AI offers a promising solution, security leaders must get the basics right first. Only by practicing good…
-
Massive Brute Force Attack Launched With 2.8 Million IPs To Hack VPN Firewall Logins
Massive brute force attacks targeting VPNs and firewalls have surged in recent weeks, with cybercriminals using as many as 2.8 million unique IP addresses daily to conduct relentless login attempts. The Shadowserver Foundation, a nonprofit cybersecurity organization, has confirmed this alarming trend through data collected from its global honeypot infrastructure. These attacks primarily target devices…
-
PlayStation Network Down; Outage Leaves Gamers Frustrated (Updated)
PlayStation Network Down: PSN is experiencing a major outage, affecting account login, online gaming, PlayStation Store, and more…. First seen on hackread.com Jump to article: hackread.com/playstation-network-down-outage-gamers-frustrated/
-
PlayStation Network Down; Outage Leaves Gamers Frustrated
PlayStation Network Down: PSN is experiencing a major outage, affecting account login, online gaming, PlayStation Store, and more…. First seen on hackread.com Jump to article: hackread.com/playstation-network-down-outage-gamers-frustrated/
-
Suspected botnet targets edge devices using brute force attacks
Researchers warn of a surge in attempted logins targeting devices from SonicWall, Palo Alto Networks and others. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/botnet-edge-devices-brute-force/739565/
-
Yahoo Finance: U.S. Lawmakers Push to Ban China’s DeepSeek AI Over Security Risks Feroot Security Analysis
Washington, D.C. U.S. lawmakers announced a bill to ban DeepSeek, the Chinese AI chatbot app, from government devices following a security analysis by Feroot Security that revealed alarming privacy and national security risks. The research suggests that DeepSeek collects user data, including digital fingerprints, login credentials, and behavioral information, potentially sending it to servers…The post…
-
Breach Roundup: Hacker Claims 20 Million OpenAI Logins Taken
Also: Researchers Bypass GitHub Copilot’s Protections, Deloitte Pays $5M for Breach. This week: A hacker claims to have 20 million OpenAI logins, Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot’s protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, Spain nabs hacker, and Deloitte pays $5M for RIBridges…
-
Bogus Microsoft ADFS login pages leveraged for widespread credential theft
First seen on scworld.com Jump to article: www.scworld.com/brief/bogus-microsoft-adfs-login-pages-leveraged-for-widespread-credential-theft
-
Lazarus Group tricks job seekers on LinkedIn with crypto-stealer
North Korea-linked Lazarus Group is duping job seekers and professionals in an ongoing campaign that runs a LinkedIn recruiting scam to capture browser credentials, steal crypto wallet data, and launch persistence.According to a discovery made by BitDefender Labs, threat actors reach out with fake LinkedIn job offers to lure the victims into downloading and executing…
-
OpenAI Data Breach Threat Actor Allegedly Claims 20 Million Logins for Sale
Tags: breach, credentials, cyber, cybersecurity, data, data-breach, email, login, openai, password, threatOpenAI may have become the latest high-profile target of a significant data breach. A threat actor has surfaced on underground forums, claiming possession of email and password credentials for a staggering 20 million OpenAI accounts. This alleged breach has raised serious concerns among tech users and cybersecurity experts worldwide. The threat actor, who remains anonymous,…
-
Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US
DeepSeek has computer code that could send some user login information to China Mobile. The post Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/researchers-link-deepseeks-blockbuster-chatbot-to-chinese-telecom-banned-from-doing-business-in-us/
-
Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials
A global phishing campaign is actively exploiting a legacy Microsoft authentication system to steal user credentials and bypass multi-factor authentication (MFA), targeting over 150 organizations. First seen on hackread.com Jump to article: hackread.com/hackers-fake-microsoft-adfs-login-pages-steal-credentials/
-
Cybercriminals Exploiting HTTP Client Tools to Hijack Microsoft 365 Accounts
A recent report by Proofpoint has revealed an alarming trend of cybercriminals exploiting HTTP client tools to target Microsoft 365 accounts. These tools, originally designed for legitimate use, are now being repurposed for large-scale account takeover (ATO) attacks, employing tactics such as brute force login attempts and Adversary-in-the-Middle (AiTM) techniques. With a growing reliance on…
-
Microsoft Advertisers Account Hacked Using Malicious Google Ads
Tags: attack, credentials, cyber, cybercrime, cybersecurity, exploit, google, login, malicious, malware, microsoft, network, phishing, riskCybersecurity experts have uncovered a sophisticated phishing campaign targeting Microsoft advertising accounts. The attack, orchestrated through malicious Google Ads, aims to steal login credentials of users accessing Microsoft’s advertising platform. This incident highlights the growing risk of malvertising, where cybercriminals exploit legitimate ad networks to deceive users. How the Attack Works The phishing campaign leverages…
-
New Apple SLAP FLOP Side-Channel Attacks Let Attackers Steal Login Details From Browser
Researchers from the Georgia Institute of Technology and Ruhr University Bochum have uncovered two novel speculative execution attacks, named SLAP (Speculative Data Attacks via Load Address Prediction) and FLOP (Breaking the Apple M3 CPU via False Load Output Predictions). These vulnerabilities impact Apple Silicon chips, exposing critical security risks in devices built on the M2/A15…
-
New Phishing Scam Targets Amazon Prime Membership to Steal Credit Card Data
A recent investigation has uncovered a sophisticated phishing campaign leveraging malicious PDF files to redirect unsuspecting users to fake Amazon-branded phishing websites. Researchers from Unit 42 reported that this campaign utilizes PDFs containing embedded links as an initial lure to compromise users and steal sensitive information such as login credentials and credit card details. Attack…
-
Privacy Roundup: Week 4 of Year 2025
Tags: access, ai, apt, attack, backup, botnet, breach, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, identity, infrastructure, korea, lazarus, leak, login, malicious, malware, north-korea, phishing, phone, privacy, regulation, remote-code-execution, risk, router, scam, service, software, startup, technology, threat, tool, update, virus, vulnerability, windowsThis is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 – 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
New Phishing Framework Attack Multiple Brands Login Pages To Steal Credentials
Researchers have identified a sophisticated phishing tactic leveraging Cloudflare’s workers.dev, a free domain name service, to execute credential theft campaigns. The modus operandi involves a generic phishing page that can impersonate any brand, with significant technical ingenuity aimed at deceiving unsuspecting users and evading detection. The phishing page, hosted on the URL >>workers-playground-broken-king-d18b.supermissions.workers.dev,
-
Employees of failed startups are at special risk of stolen personal data through old Google logins
As if losing your job when the startup you work for collapses isn’t bad enough, now a security researcher has found that employees at failed startups are at particular risk of having their data stolen. This ranges from their private Slack messages to Social Security numbers and, potentially, bank accounts. The researcher who discovered the…
-
DDoS-Angriff auf einen staatlichen Login-Dienst in den Niederlanden
Update grootschalige DDoS-aanvallen op Logius-diensten First seen on logius.nl Jump to article: www.logius.nl/actueel/update-grootschalige-ddos-aanvallen-op-logius-diensten
-
Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes
Cybersecurity researchers have alerted to a new malvertising campaign that’s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google.”The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages,” Jérôme Segura, senior director…