Dec 13, 2024Ravie LakshmananCyber Attack / Malware A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers … [Read more...] about 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
credentials
Credentials and API Keys Leaking Online
Dec 12, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks. "Prometheus servers or exporters, often lacking proper authentication, … [Read more...] about Credentials and API Keys Leaking Online
Google’s New Restore Credentials Tool Simplifies App Login After Android Migration
Nov 25, 2024Ravie LakshmananMobile Security / Privacy Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the … [Read more...] about Google’s New Restore Credentials Tool Simplifies App Login After Android Migration
DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the … [Read more...] about DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and … [Read more...] about Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
Oct 20, 2024Ravie LakshmananVulnerability / Email Security Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials. Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an … [Read more...] about Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile (77,000), Colombia (70,000), Ecuador (42,000), Peru (41,500), Spain … [Read more...] about Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web
Aug 16, 2024Ravie LakshmananDark Web / Data Breach A 27-year-old Russian national has been sentenced to over three years in prison in the U.S. for peddling financial information, login credentials, and other personally identifying information (PII) on a now-defunct dark web marketplace called Slilpp. Georgy Kavzharadze, 27, of Moscow, Russia, pleaded guilty to one count of … [Read more...] about Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
Jul 27, 2024NewsroomCybersecurity / Cloud Security Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads before it was taken down. It … [Read more...] about Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials
Feb 06, 2024NewsroomSocial Engineering / Malvertising Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer. "This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors," Trustwave … [Read more...] about Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials