Feb 01, 2023Ravie LakshmananEnterprise Security / Authentication Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulent actors were … [Read more...] about Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts
accounts
Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts
GitHub has put out an advisory detailing what may be an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The Microsoft-owned code hosting service said it learned of the attack on September 16, 2022, adding the campaign impacted "many victim organizations." The fraudulent … [Read more...] about Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts
Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
The Iranian government-backed actor known as Charming Kitten has added a new tool to its malware arsenal that allows it to retrieve user data from Gmail, Yahoo!, and Microsoft Outlook accounts. Dubbed HYPERSCRAPE by Google Threat Analysis Group (TAG), the actively in-development malicious software is said to have been used against less than two dozen accounts in Iran, with the … [Read more...] about Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
Budget Android device models that are counterfeit versions associated with popular smartphone brands are harboring multiple trojans designed to target WhatsApp and WhatsApp Business messaging apps. The trojans, which Doctor Web first came across in July 2022, were discovered in the system partition of at least four different smartphones: P48pro, radmi note 8, Note30u, and … [Read more...] about Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
Hackers Exploit Twitter Vulnerability to Exposes 5.4 Million Accounts
Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform. "As a result of the vulnerability, if someone submitted an email address or phone number to Twitter's systems, Twitter's systems would tell the person what Twitter account the submitted email addresses or phone number was associated … [Read more...] about Hackers Exploit Twitter Vulnerability to Exposes 5.4 Million Accounts
Stop Putting Your Accounts At Risk, and Start Using a Password Manager
Image via KeeperRight Now, Get 30% Off Keeper, the Most Trusted Name in Password Management. In one way or another, almost every aspect of our lives is online, so it's no surprise that hackers target everything from email accounts to banks to smart home devices, looking for vulnerabilities to exploit. One of the easiest exploits is cracking a weak password. That's why using a … [Read more...] about Stop Putting Your Accounts At Risk, and Start Using a Password Manager
Scammers used phishing QR codes to hijack QQ accounts
Folks today are generally mostly aware that clicking links from questionable sources, for example in e-mails, isn’t a good idea. However, when it comes to scanning QR codes, people are often much less vigilant. In fact, QR codes can be even more dangerous: while you can check a link with your own eyes before clicking, that’s not the case with a QR code. So perhaps this story … [Read more...] about Scammers used phishing QR codes to hijack QQ accounts
Spanish Police Arrest SIM Swappers Who Stole Money from Victims Bank Accounts
Spain's National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud. The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used … [Read more...] about Spanish Police Arrest SIM Swappers Who Stole Money from Victims Bank Accounts
The BloodyStealer virus and gamer accounts on the dark web
In March this year, our experts discovered an ad on an underground forum for a piece of malware dubbed BloodyStealer by its creators. The ad states that it steals following data from infected devices: Passwords, cookies, bank card details, browser autofill data; Device data; Screenshots; Desktop and uTorrent client files; Bethesda, Epic Games, GOG, Origin, Steam, Telegram, and … [Read more...] about The BloodyStealer virus and gamer accounts on the dark web
Instagram Launches ‘Security Checkup’ to Help Users Recover Hacked Accounts
Instagram earlier this week introduced a new "Security Checkup" feature that aims to keep accounts safe and help users—whose accounts may have been compromised—to recover them. In order to gain access to accounts, users will be prompted to perform a series of steps, which include checking recent login activity, reviewing profile information, and updating contact details such as … [Read more...] about Instagram Launches ‘Security Checkup’ to Help Users Recover Hacked Accounts