infostealer
Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy
Richi Jennings | | authentication credentials, Compromised Credential, compromised credentials, compromised credentials monitoring, credential, Credential Compromise, credential database, Credential Dumping, credential harvesting, credential hijacking, credential loss, Credential Monitoring, credential stealing, credential stuffing, credential stuffing attack, Credential Stuffing Attacks, credentialstuffing, haveibeenpwned, HaveIBeenPwned.com, HIBPwned, info stealer, information stealer, infostealer, infostealers, malicious apps that steal passwords, Naz.API, password stuffing, SB Blogwatch, stuffingattacks, Troy Hunt
Have I been pwned? Yes, you probably have. Stop reusing passwords, already. Here’s what else you should do ...
Security Boulevard
Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old
Richi Jennings | | access-token-manipulation, authentication token, Business Associate Agreements, Chrome, chrome 0-day, chrome phishing, Chrome Security, Chromium, Chromium-Based Browsers, Federated Identity, federated sso, google, Google Account, google account security, Google Advanced Protection, infostealer, infostealers, OAuth, oauth 2.0, oauth abuse, Oauth Application Abuse, oauth refresh token, OAuth Token Vunerability, Prisma, Protecting OAuth Tokens, SB Blogwatch, securing oauth
What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability ...
Security Boulevard
Concerns About Infostealer Malware on the Rise
A SpyCloud report found more than half of respondents are extremely concerned about their ability to thwart attacks that exfiltrate authentication data ...
Security Boulevard
Infostealer Malware Threat Grows as MFA Fatigue Attacks Spread
Information stealer malware flourished on underground criminal networks in 2022, along with a rise in multifactor authentication (MFA) fatigue attacks, according to research from Accenture’s Cyber Threat Intelligence team. Infostealers are malicious software ...
Security Boulevard
Digital artists targeted in RedLine infostealer campaign
2021-06-17: updated with information from Twitter user ARC In this post, we'll look at a campaign, that targeted multiple 3D or digital artists using NFT, with malware named RedLine. This malware is ...
Sextortion scam with a twist lures friends into opening malicious attachments
In a peculiar take on the traditional sextortion scam, bad actors have started threatening to distribute stolen nude pics of your friend’s girlfriend. The novel campaign targets the friends of an already ...
Phishing Campaign Used Subpoena-Themed Email to Deliver Infostealer
David Bisson | | email, infostealer, IT Security and Data Protection, Latest Security News, Phishing
Digital fraudsters launched a new phishing campaign that used subpoena-themed emails to deliver information-stealing malware. Detected by Cofense, the campaign targeted employees of insurance and retail companies with phishing emails informing them ...
Separ Infostealer Using “Living off the Land” Tactics to Target Businesses
The Separ infostealer is using what’s known as “Living off the Land” tactics to target businesses as part of an ongoing attack campaign. Digital security company Deep Instinct detected the campaign and ...