credentials
Hang up the Phone: MFA’s Insecure Reliance on SMS
It’s hard enough to get people to use multi-factor authentication (MFA)—you know, something you know, you have and you are. Most websites, email accounts and other devices are secured (if at all) ...
Credential Theft on the Rise, in Part Due to Remote Work
Credential theft has been on the rise in recent years; more than 80% of hacks are the result of credential theft (most of it coming from successful phishing attempts), according to the ...
The Pandemic of Credential-based Cyberattacks
The first half of 2020 is barely in the history books, and it is safe to assume that most business leaders are eager to close this chapter. Globally, there remains plenty of ...
F5 BIG-IP Exploit, WiFi Router Security Updates, Password Reuse
In episode 129 for July 13th 2020: Impact of the F5-BIG-IP critical vulnerability, security updates and your WiFi router, and details about new research that shows how billions of compromised credentials are ...
Fake Outlook Credential Upgrade Campaign Phishes for Employee Credentials
Bad actors are using a message disguised as an official notification from the Outlook team to trick people into entering their credentials into a phishing website, leaking them in the process and ...
Billions of Leaked Credentials Available on the Dark Web
Researchers have found over 15 billion credentials from more than 100,000 data breaches on the dark web, including access to everything from streaming services to banking accounts and financial services. Despite what ...
Hackers Use VPN Impersonation in Phishing Emails to Steal Office 365 Credentials
A phishing attack is using VPN impersonation to trick people into revealing their Microsoft Office 365 credentials. With so many people working from home, VPN use has increased considerably. Most companies rely ...
European Cyber Units Dismantle InfinityBlack Hacking Group in Poland
InfinityBlack, a hacking group based in Poland and Switzerland, was taken down by Polish and Swiss law enforcement after the arrest of five alleged active members. InfinityBlack has a very specific operating ...
The Linux Foundation Takes on Digital Trust With ToIP Foundation
The Linux Foundation announced it will host the Trust over IP (ToIP) Foundation, an independent project to enable trustworthy exchange and verification of data between any two parties on the internet in ...
Zoom Phishing Campaign Tricks People into Revealing Login Credentials
A new Zoom phishing campaign preys on people’s fears related to job security, tricking them into revealing credentials that criminals can abuse in a variety of ways. The practice of Zoom-bombing is ...
