Tag: password
-
Hackers Breach Active Directory, Steal NTDS.dit for Full Domain Compromise
Threat actors recently infiltrated a corporate environment, dumped the AD database file NTDS.dit, and nearly achieved full domain control. AD acts as the backbone of Windows domains, storing account data, group policies, and password hashes. Compromise of its core file effectively hands attackers the keys to the kingdom. Attack Overview: The breach began when attackers…
-
150,000 Records of Home Health Care Firm Exposed on Web
Researcher Finds Database of Sensitive Patient Info With No Password Protection. An unencrypted database containing nearly 150,000 patient records of a California provider of home health and palliative care services was left exposed on the internet, said a cybersecurity researcher who discovered the unsecured data cache. Why does this keep happening in the healthcare sector?…
-
NIST SP 800-63B Rev. 4 Password Updates
Stay ahead of compliance with NIST 800-63B Rev 4. The latest password updates and how to enforce stronger security in Active Directory. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/nist-sp-800-63b-rev-4-password-updates/
-
Vietnamese Hackers Use Fake Copyright Notices to Spread Lone None Stealer
New Lone None Stealer uses Telegram C2 and DLL side-loading to grab passwords, credit cards, and crypto. Find out how to spot this highly evasive phishing scam. First seen on hackread.com Jump to article: hackread.com/vietnamese-hackers-fake-copyright-notice-lone-none-stealer/
-
How secure are passkeys, really? Here’s what you need to know
Passwords are weak links: 88% of breaches involve stolen creds. Learn more from Specops Software about how passkeys deliver phishing resistance, simpler logins & lower support costs (with some hurdles to adoption). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/how-secure-are-passkeys-really-heres-what-you-need-to-know/
-
Service Accounts in Active Directory: These OG NHIs Could Be Your Weakest Link
While non-human identities (NHIs) in cloud and SaaS operations may be getting lots of attention right now, securing your Active Directory service accounts can go a long way in reducing risk. Here are three steps you can take right now. Key takeaways: Expect sprawl: Agentic AI and cloud native development accelerate non-human identity (NHI) growth. …
-
New npm Malware Steals Browser Passwords via Steganographic QR Code
A novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery mechanism that exfiltrates username and password credentials from browser cookies via an embedded QR code. Published under the npm alias janedu (registration email janedu0216@gmail[.]com), the package masquerades as a harmless JavaScript/TypeScript utility library while quietly…
-
Microsoft DCU’s Takedown of RaccoonO365
When I saw the name of the Microsoft Digital Crime Unit’s latest target, “RaccoonO365,” I probably reacted to it differently than most. With the help of a friend in Lagos, we’ve been watching the money launderers and things have reached a point that they now refer to what we previously called “Business Email Compromise” or…
-
LastPass: Fake password managers infect Mac users with malware
LastPass is warning users of a campaign that targets macOS users with malicious software impersonating popular products delivered through fraudulent GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lastpass-fake-password-managers-infect-mac-users-with-malware/
-
AI-powered phishing scams now use fake captcha pages to evade detection
The attack playbook: The phishing campaigns follow a familiar playbook at the outset. Victims typically receive spam emails that carry urgent, action-oriented messages such as “Password Reset Required” or “USPS Change of Address Notification”. Clicking on the embedded link doesn’t take the user directly to a credential-stealing site but instead loads what appears to be a…
-
Budget-Friendly Secrets Management Strategies
Why Are Non-Human Identities Critical for Budget-Friendly Security? How can organizations maintain a fortified security posture while staying within budget constraints? This challenge is particularly pressing when considering the management of Non-Human Identities (NHIs), which play a pivotal role in cost-effective secrets management. NHIs encompass machine identities, including encrypted passwords, tokens, and keys, that are…
-
Enhancing Your Team’s Capabilities in NHIDR
How Secure Are Your Organization’s Machine Identities? Have you ever considered the sheer number of machine identities roaming within your organization’s networks, each carrying sensitive secrets that require careful management? Where threats are evolving faster than ever before, Non-Human Identities (NHIs) play a pivotal role. These machine identities are a blend of secrets: encrypted passwords,…
-
Gain Confidence with Stronger Cloud Defenses
How Can Non-Human Identities Fortify Your Cloud Security Strategy? When thinking about cybersecurity, how often do you consider the role of Non-Human Identities (NHIs)? As more organizations migrate to cloud-based systems, managing these machine identities has become critical to maintaining a secure cloud. NHIs, which encompass encrypted passwords, tokens, and keys, function like digital passports and…
-
Crims bust through SonicWall to grab sensitive config data
Vendor pulls plug on cloud backup feature, urges admins to reset passwords and re-secure devices. First seen on theregister.com Jump to article: www.theregister.com/2025/09/18/sonicwall_breach/
-
Study Finds 1.2M Medical Devices Exposed on Internet
Default credentials, weak passwords, misconfigurations and a variety of other security shortcomings are exposing millions of medical devices and their data on the internet, said Soufian El Yadmani, CEO and co-founder of Modat, who shared recent research findings. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/study-finds-12m-medical-devices-exposed-on-internet-i-5494
-
How weak passwords and other failings led to catastrophic breach of Ascension
A deep-dive into Active Directory and how “Kerberoasting” breaks it wide open. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/09/how-weak-passwords-and-other-failings-led-to-catastrophic-breach-of-ascension/
-
SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers
SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts. The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat actors accessed backup firewall preference files stored in the cloud for less than 5% of…
-
Brute force attacks hitting SonicWall firewall configuration backups
Tags: attack, authentication, backup, breach, cloud, computer, computing, credentials, data, defense, encryption, firewall, Hardware, login, mfa, password, phishing, software, technology, threat
What are brute force attacks? Brute force attacks use trial and error to crack passwords, login credentials, and encryption keys. They’ve been around since the beginning of the computer age, yet are still effective. Why? In part because people still use easily guessable passwords like ‘1234’, or their company’s name, or default passwords left on…
-
SonicWall Advises Users to Reset Logins After Config Backup Leak
SonicWall has alerted its customers to reset all login credentials after a recent leak exposed firewall configuration backups. The vendor emphasizes three critical stages (containment, remediation, and monitoring) to minimize risk and restore secure access. Users should follow each stage in order, beginning with containment to block further exposure, proceeding to remediation to reset passwords…
-
AI is altering entry-level cyber hiring, and the nature of the skills gap
The certification trap and broken pipelines: Other experts argued that an overreliance on CVs and certifications is one of the biggest barriers to hiring success in cybersecurity because it acts to shut out otherwise qualified candidates. “Despite bringing valuable experience and perspectives, people with 10 years of work experience are put off because there is…
-
Malicious PyPI Packages Deliver SilentSync RAT
Introduction: Zscaler ThreatLabz regularly monitors for threats in the popular Python Package Index (PyPI), which contains open source libraries that are frequently used by many Python developers. In July 2025, a malicious Python package named termncolor was identified by ThreatLabz. Just a few weeks later, on August 4, 2025, ThreatLabz uncovered two more malicious Python packages…
-
New Raven Stealer Malware Hits Browsers for Passwords and Payment Data
New research reveals Raven Stealer malware that targets browsers like Chrome and Edge to steal personal data. Learn how this threat uses simple tricks like process hollowing to evade antiviruses and why it’s a growing risk for everyday users. First seen on hackread.com Jump to article: hackread.com/raven-stealer-malware-browsers-passwords-payment-data/
-
Why Self-Password Resets Are Indispensable Today
Passwords are the most frequently used but also the most vulnerable authentication factors in companies. It is therefore no surprise that a considerable share of all help desk requests stems from forgotten or expired passwords. For IT departments, this means not only a permanent burden of routine tasks but also the tying up of valuable resources that are urgently needed elsewhere.…
-
CrowdStrike bets big on agentic AI with new offerings after $290M Onum buy
Tags: ai, api, ciso, control, crowdstrike, cybersecurity, data, data-breach, detection, marketplace, password, risk, service, soc, training
CrowdStrike’s Agentic Security Platform: CrowdStrike developed its Agentic Security Platform precisely to help organizations keep pace with increasingly AI-equipped adversaries. “The increasing speed of the adversary, the increasing use of generative AI means from a defensive standpoint, we want to leverage these technologies as well to match and hopefully exceed the speed and efficiency of…
-
Scattered Spider’s ‘retirement’ announcement: genuine exit or elaborate smokescreen?
Tags: ai, breach, crowdstrike, cybersecurity, data, data-breach, disinformation, google, group, hacking, infrastructure, international, law, mandiant, password, ransomware, tactics, threat
Law enforcement pressure: real but limited impact: The letter explicitly acknowledged the mounting international pressure that supposedly drove their decision. “We want to share a thought for the eight people that have been raided or arrested in relations to these campaigns, Scattered Spider and/or ShinyHunters groups since beginning on April 2024 and thereafter 2025, and especially…

