Krebs on Security

SEPTEMBER 14, 2022

Worst in terms of outright scariness is CVE-2022-37969 , which is a “privilege escalation” weakness in the Windows Common Log File System Driver that allows attackers to gain SYSTEM-level privileges on a vulnerable host. .” CVE-2022-32984 is a problem in the deepest recesses of the operating system (the kernel).

Spyware 238

Spyware Cyber threats Security Defenses Cyber Attacks 238

Krebs on Security

NOVEMBER 21, 2024

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. One of Scattered Spider’s first big victims in its 2022 SMS phishing spree was Twilio , a company that provides services for making and receiving text messages and phone calls.

Identity Theft 271

Identity Theft Phishing Cryptocurrency Accountability 271

Krebs on Security

APRIL 30, 2025

Buchanan was arrested in Spain last year on a warrant from the FBI, which wanted him in connection with a series of SMS-based phishing attacks in the summer of 2022 that led to intrusions at Twilio, LastPass, DoorDash, Mailchimp, and many other tech firms. A Scattered Spider/0Ktapus SMS phishing lure sent to Twilio employees in 2022.

Identity Theft 197

Identity Theft Phishing Cryptocurrency Cybercrime 197

The Last Watchdog

DECEMBER 6, 2022

Much more effective authentication is needed to help protect our digital environment – and make user sessions smoother and much more secure. Underscoring this trend, Uber was recently hacked — through its authentication system. The best possible answer is coming from biometrics-based passwordless, continuous authentication.

Authentication 203

Authentication Healthcare Artificial Intelligence Passwords 203

The Last Watchdog

DECEMBER 16, 2021

In 2022 we expect to see more aggressive and complex ransomware efforts. If 2021 was the year that Zero Trust security reached mainstream IT — and it was — then 2022 will become the realization that it cannot be done without identity first. Central importance of identity. The ascendency of CISOs.

CISO 262

CISO Ransomware Risk Authentication 262

Krebs on Security

FEBRUARY 11, 2025

Tenable senior staff research engineer Satnam Narang noted that since 2022, there have been nine elevation of privilege vulnerabilities in this same Windows component — three each year — including one in 2024 that was exploited in the wild as a zero day (CVE-2024-38193).

Artificial Intelligence 216

Artificial Intelligence Engineering Software Internet 216

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. That leaderboard currently lists Sosa as #24 (out of 100), and Tylerb at #65.

Hacking 345

Hacking Phishing Cybercrime Passwords 345

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. Editors note: This report was authored by Gautham Ashok & Alexa Feminella. Rated CVSS 9.8,

VPN 133

VPN Authentication Ransomware Risk 133

Schneier on Security

DECEMBER 22, 2022

It seems that researchers just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Microsoft fixed CVE-2022-37958 in September during its monthly Patch Tuesday rollout of security fixes.

Authentication 71

Authentication 71

Security Affairs

MAY 24, 2025

The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. “Implement basic cyber hygiene to include being suspicious, robust passwords, multifactor authentication, and installation of antivirus tools.” FBI warns Silent Ransom Group has targeted U.S.

Social Engineering 113

Social Engineering Antivirus Phishing Engineering 113

The Last Watchdog

MARCH 1, 2023

The IT world relies on digital authentication credentials, such as API keys, certificates, and tokens, to securely connect applications, services, and infrastructures. In fact, source code leaks caused major issues for many organizations in 2022. However, unlike passwords intended for a single user, secrets must be distributed.

Authentication 222

Authentication CISO Passwords Software 222

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 136

Data collection Authentication Hacking Government 136

Troy Hunt

AUGUST 30, 2023

Data accumulated by the malicious activity spanned from October 2022 until just last week.

Phishing 362

Phishing Password Management Passwords Banking 362

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. Hunt also verified the authenticity of the information included in the stolen archive. The exposed token had been available since December 2022 and was reportedly rotated multiple times since then.

Internet 128

Internet Internet Data breaches Authentication 128

Duo's Security Blog

NOVEMBER 1, 2022

In the 2022 Duo Trusted Access Report: Logins in a Dangerous Time , we examine the dramatic shift beyond discussions of password complexity to those where investing in multi-factor authentication (MFA) and passwordless technology are mandatory costs of doing business. of all authentications. Yet, they wait on the wire.

Authentication 144

Authentication Passwords CISO Accountability 144

Security Affairs

OCTOBER 18, 2022

Fortinet confirmed that many systems are still vulnerable to attacks exploiting the CVE-2022-40684 zero-day vulnerability. Fortinet is urging customers to address the recently discovered CVE-2022-40684 zero-day vulnerability. A proof-of-concept (PoC) exploit code for the CVE-2022-40684 flaw has been released online.

Authentication 143

Authentication Firewall Hacking Risk 143

Krebs on Security

NOVEMBER 11, 2023

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. 9, 2022 and Dec. So once again I sought to re-register as myself at Experian.

Accountability 340

Accountability Authentication Passwords Identity Theft 340

Security Affairs

JULY 4, 2024

Twilio states that threat actors have identified the phone numbers of users of its two-factor authentication app, Authy, TechCrunch reported. This week the messaging firm told TechCrunch that “threat actors” identified data of Authy users, a two-factor authentication app owned by Twilio, including their phone numbers.

Authentication 133

Authentication Social Engineering Phishing Accountability 133

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.”

Hacking 333

Hacking Social Engineering Phishing Scams 333

Security Affairs

OCTOBER 19, 2024

“This attack requires an authenticated client to click a link in order for an unauthenticated attacker to initiate remote code execution.” The researchers pointed out that despite IE’s end of support in June 2022, the vulnerability still impacted certain Windows applications. dll), allowing type confusion to occur.

Internet 142

Internet Internet Engineering Malware 142

SecureList

DECEMBER 19, 2022

The first one, later identified as CVE-2022-41040, is a server-side request forgery (SSRF) vulnerability that allows an authenticated attacker to remotely trigger the next vulnerability – CVE-2022-41082. After CVE-2022-41040 and CVE-2022-41082 were revealed, Microsoft provided mitigation guidance followed by a few updates.

Malware 145

Malware Passwords Authentication Internet 145

SecureList

MAY 16, 2023

Download the full version of the report (PDF) Kaspersky Incident Response in various regions and industries In 2022, 45.9% Key trends in 2022: initial attack vectors and impact In 2022, attackers most often penetrated organizations’ infrastructure by exploiting various vulnerabilities in public-facing applications (42.9%).

Ransomware 141

Ransomware Encryption Security Awareness Passwords 141

Security Affairs

JANUARY 31, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added an Apple improper authentication bug, tracked as CVE-2022-48618 , to its Known Exploited Vulnerabilities (KEV) catalog.

Authentication 133

Authentication Cybersecurity Risk Information Security 133

The Last Watchdog

JANUARY 15, 2025

Czech cybersecurity startup Wultra has raised 3 million from Tensor Ventures, Elevator Ventures, and J&T Ventures to accelerate the development of its post-quantum authentication technology, safeguarding banks and fintech against the coming wave of quantum threats. Prague, Czech Republic, Jan.

Banking 130

Banking Authentication Technology Marketing 130

Krebs on Security

AUGUST 30, 2022

In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page.

Mobile 342

Mobile Phishing Authentication Accountability 342

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 359

Social Engineering Mobile Passwords Cybercrime 359

Security Affairs

MAY 5, 2025

Sansec identified these backdoors in the following packages which were published between 2019 and 2022.” ” Below are the backdoored extensions that were published between 2019 and 2022. In older versions (2019), this required no authentication, but newer versions require a secret key. ” continues the report.

eCommerce 94

eCommerce Hacking Authentication Software 94

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members.

Cybercrime 345

Cybercrime Passwords Authentication Malware 345

Krebs on Security

JANUARY 7, 2025

Lookout researchers discovered multiple voice phishing groups were using a new phishing kit that closely mimicked the single sign-on pages for Okta and other authentication providers. Federal Communications Commission (FCC), as well as those working at the cryptocurrency exchanges Coinbase and Binance. “ Annie.”

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

SecureWorld News

FEBRUARY 13, 2025

According to a 2023 study by Sumsub , deepfake fraud attempts increased by 704% between 2022 and 2023. Traditionally, attackers relied on phishing emails to impersonate executives, but deepfakes now enable fraudsters to conduct real-time video and voice calls that appear authentic.

Social Engineering 87

Social Engineering Authentication Identity Theft Education 87

SecureWorld News

JULY 12, 2024

On July 12, 2024, AT&T disclosed a data security incident that occurred in 2022. RELATED: Snowflake Data Breach Rocks Ticketmaster, Live Nation, and Others ] "Companies using Snowflake should immediately implement multi-factor authentication (MFA) to enhance security and protect sensitive data.

Data breaches 120

Data breaches Passwords Authentication Artificial Intelligence 120

Krebs on Security

FEBRUARY 1, 2024

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. 11-12, 2022. 11-12, 2022. 11, 2022 after they SIM-swapped an AT&T customer by impersonating them at a retail store using a fake ID. .” technology companies during the summer of 2022.

Cryptocurrency 317

Cryptocurrency Ransomware Retail Government 317

Krebs on Security

JULY 12, 2024

AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed). For its part, Snowflake says it now requires all new customers to use multi-factor authentication. In a regulatory filing with the U.S.

Data breaches 347

Data breaches Passwords Authentication Accountability 347

Security Affairs

MARCH 10, 2025

The Qilin ransomware group has been active since at least 2022 but gained attention in June 2024 for attacking Synnovis , a UK governmental service provider for healthcare. The attackers breached the organization via compromised credentials for a VPN portal that lacked multi-factor authentication (MFA).

Ransomware 118

Ransomware VPN Healthcare Malware 118

Krebs on Security

JANUARY 9, 2023

But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. 27, 2022, Experian’s PR team acknowledged receipt of my Dec. It’s also worth mentioning that reports of hijacked Experian.com accounts persisted into late 2022. ” Sen.

Identity Theft 352

Identity Theft Accountability Authentication Web Fraud 352

Security Affairs

OCTOBER 15, 2022

Palo Alto Networks addressed a high-severity authentication bypass vulnerability affecting the PAN-OS 8.1 Palo Alto Networks released security patches to address a high-severity authentication bypass flaw, tracked as CVE-2022-0030 (CVSS score 8.1), impacting the PAN-OS 8.1 SecurityAffairs – hacking, CVE-2022-0030).

Firewall 145

Firewall Authentication Software Hacking 145

Security Affairs

JANUARY 25, 2025

The duo found Subaru’s admin panel hosted on a subdomain, allowing password resets for employee accounts without confirmation, bypassing two-factor authentication. Researchers used the valid employee email to reset the password, bypass two-factor authentication, and gain access to the panels functionality. ” wrote Curry.

Hacking 126

Hacking Accountability Passwords Authentication 126