Authentication, Cryptocurrency, Passwords and Web Fraud

Authentication

Cryptocurrency

Passwords

Web Fraud

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

OCTOBER 13, 2021

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. Coinbase is the world’s second-largest cryptocurrency exchange, with roughly 68 million users from over 100 countries. million Italians.

Passwords

Passwords Phishing Accountability Mobile

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. 9, 2024, U.S.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.”

Hacking

Hacking Social Engineering Phishing Scams

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

The password manager service LastPass is now forcing some of its users to pick longer master passwords. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.

Passwords

Passwords Encryption Password Management Cryptocurrency

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Taylor Monahan is founder and CEO of MetaMask , a popular software cryptocurrency wallet used to interact with the Ethereum blockchain.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another.

Passwords

Passwords Password Management Phishing Scams

Service Rents Email Addresses for Account Signups

Krebs on Security

JUNE 6, 2023

However, far more interesting is their program for rewarding people who choose to sell Kopeechka usernames and passwords for working email addresses. com, a website that mimics the legitimate Scamdoc.com site for measuring the trustworthiness and authenticity of various sites. com site,” the Trend researchers wrote.

Accountability

Accountability Scams Cryptocurrency Advertising

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile

Mobile Cryptocurrency Accountability Passwords

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

Kodex’s first big client was cryptocurrency giant Coinbase , which confirmed their partnership but otherwise declined to comment for this story. In other cases, hackers will try to guess the passwords of police department email systems.

Mobile

Mobile Government Media Technology

Cyber Security Informer

How Coinbase Phishers Steal One-Time Passwords

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Webinars

Trending Sources

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Webinars

How 1-Time Passcodes Became a Corporate Liability

When Low-Tech Hacks Cause High-Impact Breaches

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

The Life Cycle of a Breached Database

Service Rents Email Addresses for Account Signups

Busting SIM Swappers and SIM Swap Myths

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Stay Connected