The Hacker News

SEPTEMBER 27, 2023

A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager. The malware is a modular remote access trojan (RAT) with information

Password Management 144

Password Management Passwords Malware Software 144

Daniel Miessler

DECEMBER 24, 2022

If you follow Information Security at all you are surely aware of the LastPass breach situation. And specifically, asking me whether I used LastPass or any other password manager. I don’t use third-party password managers for precisely this reason, and here’s my logic. The answer is no.

Password Management 364

Password Management Passwords Encryption Backups 364

Security Affairs

NOVEMBER 15, 2024

Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption 118

Encryption Password Management Cryptocurrency Social Engineering 118

Zero Day

NOVEMBER 12, 2024

NordPass is one of our favorite password managers to help you keep your information secure.

Password Management 111

Password Management Passwords Information Security 111

Troy Hunt

AUGUST 30, 2023

They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. Data accumulated by the malicious activity spanned from October 2022 until just last week.

Phishing 362

Phishing Password Management Passwords Banking 362

Google Security

JANUARY 30, 2024

Posted by Sherif Hanna, Group Product Manager, Pixel Security Helping Pixel owners upgrade to the easier, safer way to sign in Your phone contains a lot of your personal information, from financial data to photos. This is why the Pixel team has been especially excited about passkeys —the easier, safer alternative to passwords.

Password Management 121

Password Management Passwords Accountability Phishing 121

Jane Frankland

MAY 16, 2025

Auto-fill Exploits: A small but critical sign when your password manager doesnt autofill it might be a scam site. He explained: There are moments that should raise red flags but dont like when your password manager doesnt autofill. Auto-fills not working in password managers like 1Password may indicate a fake site.

Scams 130

Scams Password Management Passwords Banking 130

Security Affairs

MARCH 10, 2025

DoJ, threat actors may have used private keys extracted by cracking the victim’s password vault stolen from the 2022 security breach suffered by an online password manager. The scale and speed of the theft indicate a coordinated effort, consistent with previous breaches of online password managers and crypto thefts.

Password Management 88

Password Management Cryptocurrency Passwords Data breaches 88

Malwarebytes

FEBRUARY 25, 2025

But when the apps are installed, they steal information from the victims device that can be used to blackmail the victim. Among the stolen information are listed contacts, call logs, text messages, photos, and the devices location. You can make a stolen password useless to thieves by changing it. Set up identity monitoring.

Passwords 145

Passwords Password Management Phishing Authentication 145

Adam Shostack

JANUARY 2, 2025

What I said was a password management company had one job, and if they expose your passwords, you should not use their password management software. In reading that table, I believe that a password manager with central storage falls into the reckless category, although perhaps it's merely risky.

Information Security 130

Information Security Password Management Passwords Accountability 130

Malwarebytes

APRIL 24, 2025

In a data breach notice on its website, Blue Shield says it had begun notifying certain members of a potential data breach that may have included elements of their protected health information. This likely included protected health information. Change your password. Choose a strong password that you dont use for anything else.

Insurance 121

Insurance Data breaches Passwords Phishing 121

Malwarebytes

JANUARY 27, 2025

Stolen information The data breach at Change Healthcare is the largest healthcare data breach in US history. However, the exposed information may include: Contact information: Names, addresses, dates of birth, phone numbers, and email addresses. Change your password. Better yet, let a password manager choose one for you.

Data breaches 129

Data breaches Healthcare Passwords Insurance 129

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. Don’t re-use passwords.

Passwords 363

Passwords Password Management Phishing Scams 363

Malwarebytes

OCTOBER 15, 2024

Broadly, Malwarebytes found that: 74% of people “consider US election season a risky time for personal information.” Distrust in political ads is broad—62% said they “disagree” or “strongly disagree” that the information they receive in US election-related ads is trustworthy. The reasons could be obvious.

Scams 140

Scams Identity Theft Cybercrime Accountability 140

Malwarebytes

MARCH 26, 2025

If you have any questions or need more information, please contact the guest directly or through our platform. Press Enter As we explained in more detail here , these instructions will infect their Windows system with an information stealer or Trojan. Find out what information is already out there. Press Ctrl + V.

Phishing 126

Phishing Malware Passwords Password Management 126

Malwarebytes

NOVEMBER 4, 2024

The attack was later claimed by the Rhysida ransomware group on their leak site, where the group posts information about victims that are unwilling to pay. Later, a security researcher disclosed information about the content of the stolen data with the media. Change your password. Enable two-factor authentication (2FA).

Data breaches 122

Data breaches Passwords Ransomware Phishing 122

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Millions of customers were put at risk when their social security numbers, phone numbers, and other sensitive personal information were leaked.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Malwarebytes

JUNE 4, 2024

Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Some forms of two-factor authentication (2FA) can be phished just as easily as a password.

Data breaches 125

Data breaches Passwords Phishing Password Management 125

The Last Watchdog

JANUARY 31, 2022

In other words, dynamic passwords are changeable static passwords. Dynamic passwords need to be securely managed. Online and offline password managers come into play here. However, password managers introduce the problem of risk concentration, or putting all of one’s eggs in a single basket.

Passwords 232

Passwords Computers and Electronics Password Management Artificial Intelligence 232

Malwarebytes

FEBRUARY 11, 2025

Another 4,800 could even read information from an Android devices Notifications bar to obtain the same info. They dont crack into password managers or spy on passwords entered for separate apps. In reality, those usernames and passwords would just be delivered to cybercriminals on the other side of the website.

Phishing 133

Phishing Passwords Mobile Authentication 133

Malwarebytes

SEPTEMBER 13, 2023

However, there is another, far easier way for criminals to get at LastPass users' passwords, without cracking them: They can simply ask. Armed with this data, attackers can send targeted phishing emails that attempt to steal the passwords needed to unlock the stolen password vaults. Use a password manager.

Phishing 144

Phishing Accountability Passwords Password Management 144

Malwarebytes

APRIL 28, 2025

This means those 21 million images could reveal everything from work processes to employees private information. Change the passwords that may have been seen. You can make a stolen password useless to thieves by changing it. Choose a strong password that you dont use for anything else. Set up identity monitoring.

Passwords 95

Passwords Phishing Spyware Password Management 95

Malwarebytes

NOVEMBER 19, 2024

Instead of the video editor, users got information stealing malware. But if they click the “GET NOW” button, they’ll download the information stealer and infect their device. Lumma steals information from cryptocurrency wallets and browser extensions, as well as two-factor authentication details. dmg” for macOS.

Cryptocurrency 124

Cryptocurrency Artificial Intelligence Accountability Passwords 124

Malwarebytes

SEPTEMBER 22, 2023

Some T-Mobile customers logged into their accounts on Wednesday to find another customer’s billing and account information showing on their online dashboards. It said a "temporary system glitch" had misplaced some subscriber account information, causing it to appear on other subscribers’ profile pages. Change your password.

Mobile 125

Mobile Data breaches Accountability Passwords 125

Malwarebytes

FEBRUARY 25, 2025

The attacker may have accessed over three million files containing personal information. This is one of these cases where a company most people have never heard of has amassed a mountain of information about many people. These data brokers gather information from several sources and sell them on to interested buyers.

Data breaches 105

Data breaches Passwords Phishing Password Management 105

Malwarebytes

OCTOBER 25, 2024

The Office for Civil Rights (OCR) at the HHS confirmed that it prioritized and opened investigations of Change Healthcare and UnitedHealth Group, focused on whether a breach of protected health information (PHI) occurred and on the entities’ compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Rules.

Healthcare 123

Healthcare Data breaches Passwords Identity Theft 123

Malwarebytes

SEPTEMBER 10, 2024

Payment provider Slim CD has disclosed a security incident that may have exposed the full credit card information of anyone paying at a merchant that uses Slim CD’s services. However, the company said the criminals only had access to credit card and other information between June 14 and June 15, 2024. Change your password.

Data breaches 123

Data breaches Identity Theft Passwords Phishing 123

Security Affairs

OCTOBER 29, 2024

“Through Eurojust, authorities were able to quickly exchange information and coordinate actions to take down the infostealers.” Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication.

Identity Theft 127

Identity Theft Passwords Malware Banking 127

Malwarebytes

APRIL 15, 2025

The Hertz Corporation, on behalf of Hertz, Dollar, and Thrifty brands, is sending breach notifications to customers who may have had their name, contact information, driver’s license, andin rare casesSocial Security Number exposed in a data breach. Change your password. Better yet, let a password manager choose one for you.

Data breaches 109

Data breaches Ransomware Passwords B2B 109

The Last Watchdog

NOVEMBER 22, 2021

No personal information. Keep information like your birthday, high school graduation year, or address out of your passwords. 4) Use a password manager. Since memorable passwords are difficult to crack, the opposite is equally true: Safe passwords are hard to recall.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Malwarebytes

JANUARY 10, 2025

BayMark) notified an unknown number of patients that attackers stole their personal and health information. Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you dont use for anything else. Better yet, let a password manager choose one for you.

Ransomware 103

Ransomware Data breaches Passwords Phishing 103

Schneier on Security

DECEMBER 26, 2022

Last August, LastPass reported a security breach, saying that no customer information—or passwords—were compromised. If you’re changing password managers, look at my own Password Safe. News articles.

Passwords 299

Passwords Encryption Backups Password Management 299

Malwarebytes

MARCH 19, 2025

Sperm donor giant California Cryobank has announced it has suffered a data breach that exposed customers’ personal information. The information potentially involved varies by customer but includes names and one or more of the following: Drivers license numbers Bank account and routing numbers. Change your password.

Banking 100

Banking Data breaches Computers and Electronics Passwords 100

Malwarebytes

FEBRUARY 13, 2025

Don’t enter personal information on a website unless you are certain it is legitimate. Use a password manager to autofill credentials only on trusted sites. Protect yourand your family’spersonal information by using identity protection. Monitor your accounts for signs of unauthorized access or data leaks.

Phishing 110

Phishing Artificial Intelligence Identity Theft Accountability 110

Daniel Miessler

MAY 14, 2020

Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own.

Risk 345

Risk Passwords Password Management Accountability 345

Malwarebytes

MARCH 14, 2025

Depending on the type of app these records can contain financial data, location data, and other personal information. But you can keep this information in mind before you install an app. Change your password. You can make a stolen password useless to thieves by changing it. Enable two-factor authentication (2FA).

Passwords 94

Passwords Data breaches Phishing Password Management 94

Malwarebytes

NOVEMBER 6, 2024

Consider making it easier for your staff by using a single-sign-on service or alternatively by providing them with a password manager. Very important files and documents can be encrypted or stored in password protected folders to keep them safe from prying eyes. Know what legal body you need to inform in case of a breach.

Small Business 103

Small Business Backups Firewall VPN 103