Krebs on Security

MAY 19, 2020

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” “ Sanixer “) from the Ivano-Frankivsk region of the country.

Passwords 363

Passwords Accountability Hacking Password Management 363

IT Security Guru

OCTOBER 26, 2023

Enter Two-Factor Authentication, or 2FA for short. Here’s a shocking stat: according to the Verizon Data Breach Investigations Report , 81% of hacking-related breaches leverage either stolen or weak passwords. Always use VPN for your safety to protect your data from prying eyes. What Exactly is 2FA?

Authentication 132

Authentication Passwords Mobile Identity Theft 132

Zero Day

JUNE 6, 2025

Also: Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and more Individually, any one of those pieces of data can be exploited by the wrong people. The records are being linked to the same ones compromised by cybercriminals in a data breach that AT&T announced in July of 2024.

Password Management 128

Password Management Passwords Artificial Intelligence Software 128

Webroot

JUNE 17, 2025

Research shows that the travel and tourism sector ranked third in cyberattacks, with nearly 31% of hospitality organizations experiencing a data breach and a record 340 million people affected by cybercrimes. Fewer than 1 in 3 travelers (31%) protect their data with a virtual private network (VPN) when traveling internationally.

VPN 82

VPN Scams Computers and Electronics Phishing 82

Malwarebytes

NOVEMBER 6, 2024

Lock things down Having a strict policy to protect your important assets with strong passwords and multi-factor authentication (MFA) should be a no-brainer. Use a firewall and VPN A firewall protects an entry point to a network while a VPN creates an encrypted tunnel between two networks.

Small Business 99

Small Business Backups Firewall VPN 99

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 175

Accountability VPN Software Antivirus 175

Krebs on Security

APRIL 6, 2022

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. “These guys were not leet , just damn persistent.”

Social Engineering 293

Social Engineering Phishing Accountability Engineering 293

Security Affairs

JUNE 2, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 126

Data breaches VPN Cloud Migration Cybercrime 126

Adam Levin

FEBRUARY 7, 2019

While the personal data of 4,557 students, or 2,800 Girl Scouts , or 3,000 Minnesotans might pale in comparison to the steady flow of mega breaches from the likes of Equifax or Collection #1-5, but any of them have the ability to effectively sink a business financially.

Data breaches 168

Data breaches Passwords VPN Risk 168

SecureWorld News

JUNE 3, 2024

It did not contain sensitive data. The access was possible because the demo account was not behind Okta or Multi-Factor Authentication (MFA), unlike Snowflake's corporate and production systems. A better solution is to move towards passwordless authentication wherever possible. MFA as a user experience is far from perfect.

Data breaches 106

Data breaches Authentication Accountability Passwords 106

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

Krebs on Security

JULY 10, 2022

“I was able to answer the credit report questions successfully, which authenticated me to their system,” Turner said. That’s because Experian does not offer any type of multi-factor authentication options on consumer accounts. But now he’s wondering what else he could do to prevent another account compromise.

Accountability 338

Accountability Passwords Authentication Password Management 338

Security Affairs

FEBRUARY 16, 2024

The threat actor compromised network administrator credentials through the account of a former employee that was used to successfully authenticate to an internal virtual private network (VPN) access point. The threat actor likely obtained the employee’s account credentials from a third-party data breach.

Government 144

Government VPN Accountability Authentication 144

Cisco Security

AUGUST 4, 2021

Zero Trust principles help protect against identity and access-based security risks by requiring all users, whether inside or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture checks before granted access to applications and data. LinkedIn.

Authentication 145

Authentication Architecture Passwords Cyber Risk 145

Security Affairs

AUGUST 12, 2024

OpenVPN is an open-source software that provides a secure and flexible way to establish a Virtual Private Network (VPN) connection. Attackers can exploit the flaws to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.

Data breaches 137

Data breaches Authentication VPN Hacking 137

Cisco Security

AUGUST 24, 2023

Cisco is aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations, and we have observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users.

Authentication 80

Authentication Ransomware VPN Passwords 80

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 141

VPN Accountability Firewall Data breaches 141

Adam Levin

NOVEMBER 15, 2019

News that Virtual Private Network ( VPN ) provider NordVPN was breached spread quickly. While the breach of a major VPN service is newsworthy, this one wasn’t particularly. But one of the watchwords of good cyber hygiene, a VPN, was breached. Who Is Using VPNs? SMB vs. Enterprise.

VPN 114

VPN Cybersecurity Firewall Data breaches 114

Security Affairs

OCTOBER 21, 2023

Okta says that threat actors broke into its support case management system and stole authentication data, including cookies and session tokens, that can be abused in future attacks to impersonate valide users. HAR files can also contain sensitive data, including authentication information. ” concludes the advisory.

Social Engineering 137

Social Engineering Data breaches Authentication VPN 137

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 73

Cybercrime Artificial Intelligence Hacking VPN 73

Security Boulevard

FEBRUARY 17, 2025

The more accounts you have, the bigger your attack surface and potential exposure to data breaches. Privacy Services Mullvad has partnered with Obscura VPN Mullvad Mullvad announces its partnership with ObscuraVPN; Mullvad WireGuard VPN servers can be used as the exit hop for the two-party VPN service offered by ObscuraVPN.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Thales Cloud Protection & Licensing

OCTOBER 28, 2021

Trick or Treat: The Choice is Yours with Multifactor Authentication. Whether you want the ‘trick’ of a malevolent threat actor infiltrating your network by exploiting a compromised password or the ‘treat’ from the peace of mind associated with multifactor authentication, the choice is yours. Fri, 10/29/2021 - 05:29.

Authentication 71

Authentication Passwords VPN Accountability 71

Zero Day

JUNE 20, 2025

Here are the facts and how to protect yourself Wondering if your information is posted online from a data breach? PT Moor Studio/Getty With so much news about data breaches, you have to be careful not to panic each time you hear of a new one. Here's how to check if your accounts are at risk and what to do next.

56

56

Duo's Security Blog

DECEMBER 12, 2023

Certain risks may expose critical infrastructure to cyberattacks, enabling malicious actors to gain unauthorized access to critical business information and potentially causing large-scale data breaches. In fact, IBM's 2023 Cost of a Data Breach Report found that 82% of data breaches involved data stored in the cloud.

Data breaches 125

Data breaches Authentication Passwords Risk 125

Security Affairs

JANUARY 13, 2024

” The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. Rapid7 researchers, they noticed that threat activity targeting Cisco ASA SSL VPN appliances dates back to at least March 2023.

Ransomware 137

Ransomware Backups VPN Authentication 137

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 133

VPN Cybercrime Ransomware Hacking 133

Webroot

OCTOBER 17, 2024

According to the Identity Theft Resource Center, there were 3,205 data compromises in 2023. A data compromise can consist of any of the following: Data breach : Unauthorized access to your confidential information (i.e. many of which resulted in consumer data exposure. That’s a 20% increase over the previous year.

VPN 119

VPN Identity Theft Passwords Scams 119

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 71

Spyware Firewall Artificial Intelligence Malware 71

Duo's Security Blog

JUNE 2, 2021

This report Bridging Healthcare Security Gaps: Better Authentication Improves Controls aims to bring clarity and solutions to these security gaps. In this report you will learn: About zero trust and how multi-factor authentication meets the HIPPA requirements for a third factor of authentication.

Healthcare 119

Healthcare CISO Authentication VPN 119

Duo's Security Blog

FEBRUARY 16, 2022

Retail’s great “digital transformation” sped up, as did the number of data breaches impacting retail. The costs that follow a data breach are trending upward year over year. Data breach costs rose from $3.86 million, according to IBM and the Ponemon Institute’s Cost of Data Breach Report 2021.

Retail 105

Retail Cybersecurity Data breaches Passwords 105

Pen Test Partners

AUGUST 29, 2024

Multi-factor authentication (MFA) : MFA requires multiple forms of identification, adding an extra layer of security. Secure networks : Avoid using untrusted public Wi-Fi to access social media accounts, instead, use mobile data. You absolutely should secure your password manager with Multi-Factor Authentication (MFA).

Media 115

Media Accountability Password Management Passwords 115

Security Affairs

JANUARY 13, 2024

” The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. Rapid7 researchers, they noticed that threat activity targeting Cisco ASA SSL VPN appliances dates back to at least March 2023.

Ransomware 124

Ransomware Backups VPN Authentication 124

CyberSecurity Insiders

APRIL 16, 2021

Organizations with weak cybersecurity have been severely punished with cyber-attacks, data breaches, and huge losses in the past. According to Varonis and RiskBased, over 4 billion records were illegally accessed through data breaches in 2019. Security through a VPN. Password managers and two-factor authentication.

Cybersecurity 106

Cybersecurity Password Management Passwords Encryption 106

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Data breaches 106

Data breaches Social Engineering Ransomware Malware 106

eSecurity Planet

SEPTEMBER 5, 2024

A VPN (Virtual Private Network) routes your internet traffic through an encrypted tunnel, shielding your data from hackers and ensuring your online activities remain private and secure. A VPN can provide the solution if you want to safeguard your personal information, bypass geo-restrictions, or maintain anonymity online.

VPN 57

VPN Encryption Internet Internet 57

Tech Republic Security

JULY 18, 2023

Use this comprehensive list of strategies to help you safeguard your company's data from threats and data breaches.

Data breaches 148

Data breaches Big data Password Management Antivirus 148

Identity IQ

JULY 8, 2024

RockYou2024: Nearly 10 Billion Passwords Exposed in Data Leak IdentityIQ In a cybersecurity incident that has sent shockwaves through the online community, nearly 10 billion unique passwords have been exposed in the “RockYou2024” data breach. billion passwords. The additional 1.5

Passwords 104

Passwords Identity Theft Data breaches Password Management 104