Article, CSO, Data breaches and Passwords

Article

CSO

Data breaches

Passwords

Timeline of the latest LastPass data breaches

CSO Magazine

JANUARY 11, 2023

On November 30, 2022, password manager LastPass informed customers of a cybersecurity incident following unusual activity within a third-party cloud storage service. While LastPass claims that users’ passwords remain safely encrypted, it admitted that certain elements of customers’ information have been exposed.

Data breaches

Data breaches Password Management Passwords Encryption

Hacked home computer of engineer led to second LastPass data breach

CSO Magazine

FEBRUARY 28, 2023

Password management company LastPass, which was hit by two data breaches last year , has revealed that data exfiltrated during the first intrusion, discovered in August, was used to target the personal home computer of one of its devops engineers and launch a second successful cyberatttack, detected in November.

Data breaches

Data breaches Engineering Password Management Hacking

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

The password hall of shame (and 10 tips for better password security)

CSO Magazine

APRIL 15, 2021

Pop quiz: What has been the most popular — and therefore least secure — password every year since 2013? If you answered “password,” you’d be close. Qwerty” is another contender for the dubious distinction, but the champion is the most basic, obvious password imaginable: “123456.”

Passwords

Passwords Data breaches

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

GoDaddy WordPress data breach: A timeline

CSO Magazine

NOVEMBER 30, 2021

GoDaddy WordPress data breach timeline. Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress.” To read this article in full, please click here million active and inactive customers.

Data breaches

Data breaches CISO Passwords

PayPal sued for negligence in data breach that affected 35,000 users

CSO Magazine

MARCH 6, 2023

A pending class action lawsuit accuses online payments giant PayPal of failing to adequately safeguard the personal information of its users, leaving them vulnerable to identity theft and related ills at the hands of the unidentified perpetrators of a data breach that occurred late last year.

Data breaches

Data breaches Identity Theft Passwords

How corporate data and secrets leak from GitHub repositories

CSO Magazine

OCTOBER 5, 2021

He wanted to leak an SSH username and password into a GitHub repository and see if any attacker might find it. The biggest eye-opener for me was how quickly it was exploited," he tells CSO. Check out this checklist for minimizing damage from a data breach. | Get the latest from CSO by signing up for our newsletters. ]

CSO

CSO Data breaches Passwords

Credential stuffing explained: How to prevent, detect, and defend against it

CSO Magazine

MAY 27, 2021

Credential stuffing is the automated use of collected usernames and passwords to gain fraudulent access to user accounts. Billions of login credentials have landed in the hands of hackers over the past several years as a result of data breaches. Check out the password hall of shame (and 10 tips for better password security). |

CSO

CSO Passwords Data breaches Accountability

4 ways cybercriminals hide credential stuffing attacks

CSO Magazine

JANUARY 13, 2022

Credential stuffing is a cyberattack in which exposed usernames and passwords are used to gain fraudulent access to user accounts through large-scale, automated login requests. To read this article in full, please click here Attackers are asking: What does it look like to make a legitimate request? How can we emulate that?

CSO

CSO Data breaches Passwords Accountability

Cash App customer investment data hacked

CSO Magazine

APRIL 5, 2022

million past and present customers of its investment services, as names, brokerage portfolio values and account numbers were compromised in a data breach. To read this article in full, please click here In an SEC filing made on Monday, Cash App parent company Block, Inc., said that it was working to contact roughly 8.2

Hacking

Hacking Data breaches Passwords Accountability

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan

CSO Magazine

OCTOBER 6, 2022

Password manager vendor Dashlane has announced updates to its suite of enterprise offerings. These include a new Dark Web Insights tool that provides a breakdown of compromised passwords, a standalone authenticator app for enabling account multi-factor authentication (MFA), and a low-cost starter plan for small businesses.

Authentication

Authentication Small Business Password Management Passwords

Uber links cyberattack to LAPSUS$, says sensitive user data remains protected

CSO Magazine

SEPTEMBER 20, 2022

Uber has linked its recent cyberattack to an actor (or actors) affiliated with the notorious LAPSUS$ threat group, responsible for breaching the likes of Microsoft, Cisco, Samsung, Nvidia and Okta this year. The announcement came as the ride-hailing giant continues to investigate a network data breach that occurred on Thursday, September 15.

Data breaches

Data breaches Accountability Passwords Malware

Nvidia hackers release code-signing certificates that malware can abuse

CSO Magazine

MARCH 4, 2022

Nvidia confirmed it was the target of an intrusion and that the hackers took "employee passwords and some Nvidia proprietary information," but did not confirm the size of the data breach. What happened with the Nvidia data breach? To read this article in full, please click here

Malware

Malware Data breaches Firmware Passwords

Notification no-nos: What to avoid when alerting customers of a breach

SC Magazine

JUNE 11, 2021

Expectations around how corporate America responds to and communicates around data breaches has evolved significantly over the past two decades,” said T.J. When a data breach is discovered, the heat is on the IS/IT department(s) and, in many organizations, there is a culture of blame,” said Winick. Here is a sampling.

Data breaches

Data breaches Media Identity Theft CSO

A Clear and Present Need: Bolster Your Identity Security with Threat Detection and Response

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection

Threat Detection Authentication Accountability Data breaches

Cyber Security Informer

Timeline of the latest LastPass data breaches

Hacked home computer of engineer led to second LastPass data breach

Webinars

Trending Sources

The password hall of shame (and 10 tips for better password security)

Webinars

GoDaddy WordPress data breach: A timeline

PayPal sued for negligence in data breach that affected 35,000 users

How corporate data and secrets leak from GitHub repositories

Credential stuffing explained: How to prevent, detect, and defend against it

4 ways cybercriminals hide credential stuffing attacks

Cash App customer investment data hacked

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan

Uber links cyberattack to LAPSUS$, says sensitive user data remains protected

Nvidia hackers release code-signing certificates that malware can abuse

Notification no-nos: What to avoid when alerting customers of a breach

A Clear and Present Need: Bolster Your Identity Security with Threat Detection and Response

Stay Connected