Authentication, Document, Information Security and Passwords

Removing Passwords, Without Compromising Security

Duo's Security Blog

JANUARY 26, 2024

In today’s complex IT landscape, one of the biggest problems faced by a Chief Information Security Officer (CISO) and their IT security team are forgotten and stolen passwords. On average, employees lose 11 hours per year resetting passwords and an average company spends ~$5M per year on setting and resetting passwords.

Passwords

Passwords Authentication Mobile CISO

Threat actors hacked the Dropbox Sign production environment

Security Affairs

MAY 2, 2024

Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords Cloud storage provider DropBox revealed that threat actors have breached the production infrastructure of the DropBox Sign eSignature service and gained access to customer information and authentication data.

Hacking

Hacking Authentication Passwords Accountability

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

Subject lines included “your document” and “photo of you???”. ” To defend against ransomware campaign like this one, NJCCIC provided the following recommendations: Security Awareness Training : Engage in security awareness training to enhance defense mechanisms and recognize potential signs of malicious communications. .”

Phishing

Phishing Ransomware Security Awareness Authentication

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

MORE WEBINARS

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Security Affairs

FEBRUARY 12, 2024

Once they’re in, they can grab your emails, usernames, passwords, and more. They might even lock you out of your own accounts by resetting your passwords. Avoid entering any data if you see a warning message about a site’s authenticity. Most browsers will alert you if a site isn’t secure.

DNS

DNS VPN Encryption Passwords

The Rise of Passkeys

Duo's Security Blog

FEBRUARY 13, 2024

Then, in turn, they can digitally sign that message and use that secret to set up an encrypted session to send it back and then both parties can communicate bidirectionally securely. So, we began with the use of passwords. Using concepts from Public Key Cryptography WebAuthn was born to verify identity securely.

eCommerce

eCommerce Authentication Encryption Passwords

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

FEBRUARY 23, 2024

The company also confirmed that the attack did not affect the availability or operation of their nbn® or mobile services. “We can confirm that no credit or debit card numbers have been compromised, as we do not store this information. ” reads the statement published by the company. ”continues the statement.

Data breaches

Data breaches Telecommunications Banking Mobile

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

The experts pointed out that the exploiting the vulnerabilities requires user authentication, as well as deep knowledge of the proprietary protocol of CODESYS V3 and the structure of the different services that the protocol uses. Codesys published an advisory for these flaws, the document is available here.

Authentication

Authentication Firmware Hacking Passwords

Microsoft publishes mitigations for the PetitPotam attack

Security Affairs

JULY 26, 2021

Microsoft published mitigations for the recently discovered PetitPotam attack that allows attackers to force remote Windows machines to share their password hashes. The NTLM authentication hash can be used to carry out a relay attack or can be lately cracked to obtain the victim’s password. ” reads the advisory.

Authentication

Authentication Passwords Encryption Hacking

The importance of computer identity in network communications: how to protect it and prevent its theft

Security Affairs

DECEMBER 9, 2020

The confidentiality of information in internet communications. Internet communications use the protocol called TCP/IP (Transmission Control Protocol/Internet Protocol), which allows information to be transmitted from one computer to another through a series of intermediate computers and networks. Mutual authentication of interlocutors.

Authentication

Authentication Encryption Passwords Social Engineering

Trusted relationship attacks: trust, but verify

SecureList

MAY 28, 2024

But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. Access is set up using a certificate or a login/password pair, and in rare cases multi-factor authentication is added. Rounding out the top three is targeted phishing.

VPN

VPN Accountability Passwords Antivirus

PCI v4 is coming. Are you ready?

Pen Test Partners

SEPTEMBER 13, 2023

Justification must be documented within the newly added Appendix E (Customized Approach Template). Section 3 Sensitive authentication data must now be encrypted or protected if stored before authorization. Organisations will need an inventory of all known scripts used within these pages and it must be documented and tracked.

Authentication

Authentication Passwords Media Encryption

DEV-1101 AiTM phishing kit is fueling large-scale phishing campaigns

Security Affairs

MARCH 14, 2023

AiTM phishing allows threat actors to circumvent multifactor authentication (MFA) through reverse-proxy functionality. The proxy server allows attackers to access the traffic and capture the target’s password and the session cookie. but not before urging the victim to complete a CAPTCHA step. ” Microsoft said.

Phishing

Phishing Cybercrime Authentication Mobile

How to keep cloud storage secure and safe

CyberSecurity Insiders

SEPTEMBER 7, 2022

As the adoption of cloud storage is growing, it is becoming easy to carry documents, passwords, movies, images, music, etc. Though it is convenient for us, data upload to a third-party platform might fetch some security risks that are as follows. So, here are a few tips that could help in keeping data safe on cloud-.

Passwords

Passwords Accountability Mobile Encryption

Hacker breaches key Russian ministry in blink of an eye

Security Affairs

MARCH 16, 2022

Spurred into action by the invasion of Ukraine, Spielerkid89 decided to investigate whether he could find Russian IPs with disabled authentication to fool with. By using the Shodan search engine, Spielerkid89 soon discovered an open virtual network computing (VNC) port with disabled authentication.

Authentication

Authentication Cyber Attacks System Administration Internet

Ragnar Locker ransomware leaked data stolen from ADATA chipmaker

Security Affairs

JUNE 21, 2021

The group published the link to 13 password-protected archives, allegedly containing sensitive data stolen from the chipmaker. Attention Password for the Archives: XXXXXXXXXXX#1JLDiw8″ reads the post published by the group on its leak site. !!Inside Only use secure networks and avoid using public Wi-Fi networks.

Ransomware

Ransomware Passwords VPN Authentication

19 petabytes of data exposed across 29,000+ unprotected databases

Security Affairs

MAY 7, 2021

Most organizations use databases to store sensitive information. This includes passwords, usernames, document scans, health records, bank account and credit card details, as well as other essential data, all easily searchable and conveniently stored in one place. What were we looking at?

Passwords

Passwords Authentication Identity Theft Engineering

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

In the case investigated by the Spanish authorities, the cybercriminal obtained personal information and bank details of the victims through malicious messages in which they posed as their bank. Do not provide your mobile number account information over the phone to representatives that request your account password or pin.

Banking

Banking Accountability Mobile Cryptocurrency

CERT-UA warns of malspam attacks distributing the Jester info stealer

Security Affairs

MAY 9, 2022

Upon opening the Office documents and activating the embedded macro, the infection process starts. “The government’s team for responding to computer emergencies in Ukraine CERT-UA revealed the fact of mass distribution of e-mails on the topic of “chemical attack” and a link to an XLS-document with a macro.”

Password Management

Password Management VPN Cryptocurrency Government

Personal data of 1.3 million Clubhouse users leaked online

Security Affairs

APRIL 11, 2021

The experts reported their findings to the company, but at the time of this writing, Clubhouse has yet to confirm the authenticity of the exposed data. Enable two-factor authentication (2FA) on all your online accounts. Using a strong and unique password for each web service, a password manager could help you.

Identity Theft

Identity Theft Phishing Password Management Media

Nitro PDF data breach might impact major companies, including Microsoft, Google, and Apple

Security Affairs

OCTOBER 26, 2020

develops commercial software used to create, edit, sign, and secure Portable Document Format (PDF) files and digital documents. According to the following the security advisory issued by the software maker and unauthorized third party gained limited access to a company database. M&A documents.

Data breaches

Data breaches Advertising Software Accountability

COVID-19 – Phishing attacks target employees that come back to the office

Security Affairs

MAY 30, 2021

The emails were crafted to steal company and personal credentials, they include a link to a fake Microsoft SharePoint page with two documents that outline new business operations. Upon clicking on the documents, victims have displayed a login panel that prompts them to provide login credentials to access the files.

Phishing

Phishing Authentication Government Accountability

Anonymous #OpRussia Thousands of sites hacked, data leaks and more

Security Affairs

MARCH 5, 2022

One of the most clamorous leaks announced this leak is related to documents allegedly stolen from Russian troops that demonstrate the planning of Moscow for this war. At the moment it has not been possible to verify the authenticity of the published documents, therefore the reliability of the source remains difficult to verify.”

Hacking

Hacking Government Banking Media

LockBit Ransomware operators hit Swiss helicopter maker Kopter

Security Affairs

DECEMBER 6, 2020

The files published by the ransomware gang on the leak site include internal projects, business documents, and various aerospace and defense industry standards. After Kopter refused to pay the ransom, LockBit ransomware operators published the stolen files on their leak site on the dark web. Source ZDNet. ” reported ZDNet. .

Ransomware

Ransomware VPN Encryption Authentication

Nude photo theft offers lessons in selfie security

Malwarebytes

FEBRUARY 12, 2021

The prosecution documents [PDF] make for some eye-opening reading. To gain access to the email accounts, he appears to have reset account passwords by correctly guessing password reset questions. He also used lists of compromised passwords to break into one account, and discussed social engineering tricks related to Snapchat.

Identity Theft

Identity Theft Social Engineering Passwords Accountability

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Security Affairs

MARCH 16, 2022

Russian state-sponsored cyber actors successfully exploited the vulnerability while targeting an NGO using Cisco’s Duo MFA, enabling access to cloud and email accounts for document exfiltration. Require all accounts with password logins (e.g., service account, admin accounts, and domain admin accounts) to have strong, unique passwords.

Accountability

Accountability Passwords Authentication Firmware

Unsecured AWS bucket exposes over 750,000 birth certificate applications

Security Affairs

DECEMBER 11, 2019

Penetration testing firm Fidus Information Security discovered over 752,000 birth certificate applications that have been exposed online due to an unsecured AWS bucket. . “The bucket wasn’t protected with a password, allowing anyone who knew the easy-to-guess web address access to the data.”

Penetration Testing

Penetration Testing Advertising Authentication Passwords

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. For further information, see our blog post: [link] — Security Response (@msftsecresponse) October 29, 2020.

Authentication

Authentication Advertising Architecture Cybercrime

Researcher compromised the Toyota Supplier Management Network

Security Affairs

FEBRUARY 8, 2023

A JSON Web Token (JWT) is a sort of session token that represents a user’s valid authenticated session on a website. The expert gained access to information on over 14,000 user accounts, information related to all available projects, surveys, and classified documents.

System Administration

System Administration Accountability Passwords Hacking

Expert releases Metasploit modules for Cisco UCS flaws

Security Affairs

AUGUST 29, 2019

. “Due to several coding errors, it is possible for an unauthenticated remote attacker with no privileges to bypass authentication and abuse a password change function to inject arbitrary commands and execute code as root. ” reads the security advisory published by Cisco. ” wrote the expert.

Big data

Big data Authentication Passwords Accountability

Russia behind a massive spear-phishing campaign that hit Ukraine

Security Affairs

JUNE 7, 2021

The Ukrainian Security Service shared indicators of compromise for this attack on the platform “MISP-UA” Below the recommendations by the CERT: Recommendations: Do not download encrypted archives or password archives from the Internet. The SEI EB is used by the Ukrainian government agencies to share documents.

Phishing

Phishing Government Antivirus Passwords

CISA publishes malware analysis reports on samples targeting Pulse Secure devices

Security Affairs

AUGUST 26, 2021

Threat actors are targeting Pulse Connect Secure VPN devices exploiting multiple flaws, including CVE-2021-22893 and CVE-2021-22937. CVE-2021-22893 is a buffer overflow issue in Pulse Connect Secure Collaboration Suite prior b9.1R11.4 One file is designed to intercept certificate-based multi-factor authentication.

Malware

Malware VPN Authentication Hacking

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

Security Affairs

JUNE 29, 2019

Of those, one contained a large collection of internal business documents. “Backups of employees’ OneDrive accounts were also present and spanned the wide range of information that employees need to perform their jobs: email correspondence, system passwords, sales and marketing contact information, project specifications, and more.”

Banking

Banking Backups Big data Advertising

How Secure Are Your Business’s Communication Methods?

CyberSecurity Insiders

NOVEMBER 19, 2022

Businesses must train employees to use strong passwords and change them as often as possible. They should also use two-factor authentication to prevent hackers from gaining email access. Whether it’s a video or a word document, employees need to guarantee confidentiality and security when transferring and storing files.

Encryption

Encryption Risk Data breaches Technology

Foreign hackers breached Russian federal agencies, said FSB

Security Affairs

MAY 22, 2021

. “The main goal of the hackers was to completely compromise the IT infrastructure and steal confidential information, including documents from closed segments and mail correspondence of key federal executive authorities.” “Webdav-O is another malware that has never been described before.

Computers and Electronics

Computers and Electronics Malware Antivirus Government

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Security Affairs

AUGUST 13, 2023

CVE-2023-3266: Improperly Implemented Security Check for Standard (Auth Bypass; CVSS 7.5) CVE-2023-3267: OS Command Injection (Authenticated RCE; CVSS 7.5) CVE-2023-3260: OS Command Injection (Authenticated RCE; CVSS 7.2) CVE-2023-3263: Authentication Bypass by Alternate Name (Auth Bypass; CVSS 7.5)

Hacking

Hacking Firmware Authentication Software

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

Security Affairs

APRIL 8, 2021

Brute-forcing the passwords of LinkedIn profiles and email addresses. The leaked files appear to only contain LinkedIn profile information – we did not find any deeply sensitive data like credit card details or legal documents in the sample posted by the threat actor. Change the password of your LinkedIn and email accounts.

Identity Theft

Identity Theft Passwords Social Engineering Phishing

‘Land Lordz’ Service Powers Airbnb Scams

Krebs on Security

APRIL 14, 2019

The fake site simply forwards all requests on this page to Airbnb.com, and records any usernames and passwords submitted through the site. Shanon: My partner wants to see the place before we send money over as we done this last time and someone scammed us I ain’t saying your not legit as you have send documents with details on name etc.

Scams

Scams Advertising Accountability Phishing

YouTube creators’ accounts hijacked with cookie-stealing malware

Security Affairs

OCTOBER 20, 2021

The malware landing page is disguised as a software download URL that was sent via email or a PDF on Google Drive, or via Google documents containing the phishing links. “Most of the observed malware was capable of stealing both user passwords and cookies.

Accountability

Accountability Malware Phishing Social Engineering

10 Reasons to Trust Your Enterprise APIs

Cisco Security

AUGUST 30, 2021

This list was originally compiled as a standard awareness document for developers and web application security practitioners. It represents a broad consensus about the most critical security risks to APIs. This plan document is the perfect addition to an existing governance policy. Maps to API1-API10.

Software

Software Authentication Risk Encryption

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

. “The current data leak includes snapshots of highly sensitive bank-related documents of the company such as account transaction details, vouchers, letters sent to bank managers, and much more.” In January, Citrix announced then permanent fixes for the above remote code execution vulnerability.

Hacking

Hacking Ransomware Banking Mobile

Mysterious custom malware used to steal 1.2TB of data from million PCs

Security Affairs

JUNE 11, 2021

Most of the stolen files (50%+) were text files, some of them containing software logs, passwords, personal notes, and other sensitive information. Experts found over 650,000 Word documents and.pdf files in the archive. More than 1 million images have been stolen by the malware, including 696,000.png png and 224,000.jpg

Malware

Malware Computers and Electronics Software Financial Services

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

FEBRUARY 11, 2020

. “On January 30th I discovered a non-password protected database that contained a massive amount of records totaling 440,336,852. “I could see audit logs that contained a large number of email addresses in each document. The archive included audit logs containing a large number of email addresses in each document. .

Advertising

Advertising Retail Manufacturing Malware

Social marketplace Trustanduse exposes nearly half a million users

Security Affairs

JANUARY 12, 2023

The discovered database included sensitive data such as usernames, full personal names, Facebook IDs, phone numbers, and passwords hashed with the BCrypt algorithm, which is considered safe. Security question should not be overlooked’. The company was founded in 2016 and is based in Athens.

Media

Media Accountability Authentication Internet

Cisco warns of password-spraying attacks targeting Secure Firewall devices

Security Affairs

MARCH 29, 2024

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.

Firewall

Firewall Passwords VPN Authentication

Removing Passwords, Without Compromising Security

Threat actors hacked the Dropbox Sign production environment

Webinars

Trending Sources

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Webinars

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

The Rise of Passkeys

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Microsoft publishes mitigations for the PetitPotam attack

The importance of computer identity in network communications: how to protect it and prevent its theft

Trusted relationship attacks: trust, but verify

PCI v4 is coming. Are you ready?

DEV-1101 AiTM phishing kit is fueling large-scale phishing campaigns

How to keep cloud storage secure and safe

Hacker breaches key Russian ministry in blink of an eye

Ragnar Locker ransomware leaked data stolen from ADATA chipmaker

19 petabytes of data exposed across 29,000+ unprotected databases

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

CERT-UA warns of malspam attacks distributing the Jester info stealer

Personal data of 1.3 million Clubhouse users leaked online

Nitro PDF data breach might impact major companies, including Microsoft, Google, and Apple

COVID-19 – Phishing attacks target employees that come back to the office

Anonymous #OpRussia Thousands of sites hacked, data leaks and more

LockBit Ransomware operators hit Swiss helicopter maker Kopter

Nude photo theft offers lessons in selfie security

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Unsecured AWS bucket exposes over 750,000 birth certificate applications

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Researcher compromised the Toyota Supplier Management Network

Expert releases Metasploit modules for Cisco UCS flaws

Russia behind a massive spear-phishing campaign that hit Ukraine

CISA publishes malware analysis reports on samples targeting Pulse Secure devices

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

How Secure Are Your Business’s Communication Methods?

Foreign hackers breached Russian federal agencies, said FSB

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

‘Land Lordz’ Service Powers Airbnb Scams

YouTube creators’ accounts hijacked with cookie-stealing malware

10 Reasons to Trust Your Enterprise APIs

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Mysterious custom malware used to steal 1.2TB of data from million PCs

440M records found online in unprotected database belonging to Estée Lauder

Social marketplace Trustanduse exposes nearly half a million users

Cisco warns of password-spraying attacks targeting Secure Firewall devices

Stay Connected