CSO Magazine

MAY 27, 2021

Credential stuffing is the automated use of collected usernames and passwords to gain fraudulent access to user accounts. Billions of login credentials have landed in the hands of hackers over the past several years as a result of data breaches. Check out the password hall of shame (and 10 tips for better password security). |

CSO 119

CSO Passwords Data breaches Accountability 119

Security Boulevard

OCTOBER 16, 2022

Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for […].

Passwords 52

Passwords CSO Hacking Accountability 52

CSO Magazine

JANUARY 13, 2022

Credential stuffing is a cyberattack in which exposed usernames and passwords are used to gain fraudulent access to user accounts through large-scale, automated login requests. Attackers are asking: What does it look like to make a legitimate request? How can we emulate that?

CSO 130

CSO Data breaches Passwords Accountability 130

Security Affairs

DECEMBER 21, 2022

.” The security breach was discovered by GitHub earlier this month when the company noticed suspicious access to Okta’s code repositories. “Upon investigation, we have concluded that such access was used to copy Okta code repositories,” writes David Bradbury, the Okta Chief Security Officer (CSO) in the mail.

Hacking 100

Hacking CSO Data breaches Engineering 100

CSO Magazine

APRIL 5, 2022

million past and present customers of its investment services, as names, brokerage portfolio values and account numbers were compromised in a data breach. In an SEC filing made on Monday, Cash App parent company Block, Inc., said that it was working to contact roughly 8.2

Hacking 118

Hacking Data breaches Passwords Accountability 118

CSO Magazine

OCTOBER 6, 2022

Password manager vendor Dashlane has announced updates to its suite of enterprise offerings. These include a new Dark Web Insights tool that provides a breakdown of compromised passwords, a standalone authenticator app for enabling account multi-factor authentication (MFA), and a low-cost starter plan for small businesses.

Authentication 75

Authentication Small Business Password Management Passwords 75

CSO Magazine

SEPTEMBER 20, 2022

Uber has linked its recent cyberattack to an actor (or actors) affiliated with the notorious LAPSUS$ threat group, responsible for breaching the likes of Microsoft, Cisco, Samsung, Nvidia and Okta this year. The announcement came as the ride-hailing giant continues to investigate a network data breach that occurred on Thursday, September 15.

Data breaches 83

Data breaches Accountability Passwords Malware 83

CSO Magazine

MARCH 4, 2022

Nvidia confirmed it was the target of an intrusion and that the hackers took "employee passwords and some Nvidia proprietary information," but did not confirm the size of the data breach. What happened with the Nvidia data breach?

Malware 66

Malware Data breaches Firmware Passwords 66

SC Magazine

JUNE 11, 2021

Expectations around how corporate America responds to and communicates around data breaches has evolved significantly over the past two decades,” said T.J. When a data breach is discovered, the heat is on the IS/IT department(s) and, in many organizations, there is a culture of blame,” said Winick. Here is a sampling.

Data breaches 101

Data breaches Media Identity Theft CSO 101

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection 133

Threat Detection Authentication Accountability Data breaches 133

SC Magazine

MARCH 10, 2021

For example: passwords being typed or posted, specific motions or commands used to activate control systems to open or unlock doors, etc.”. Odds are more than one was breached here,” said Davisson. “I At the very least, there should have been some form of multi-factor authentication or password vault to protect the [server] account.

Surveillance 129

Surveillance IoT Accountability Passwords 129

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. ICYMI, Equifax forced to pull offline a huge database of consumer data guarded only by credentials "admin/admin" [link] — briankrebs (@briankrebs) September 13, 2017.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

CyberSecurity Insiders

NOVEMBER 1, 2021

Examples of this include keeping software up to date, backing up data, and maintaining good password practices. At the end of the day, lack of education and human error are two of the largest contributors to data breaches. Wes Spencer, VP, External CSO, ConnectWise. Breaches happen everywhere we look.

Cybersecurity 52

Cybersecurity Backups Ransomware Passwords 52