Displaying items by tag: Credentials

COMPANY NEWS: Bitdefender's security researchers have identified a large-scale ad fraud campaign that deployed hundreds of malicious apps in the Google Play Store, resulting in more than 60 million downloads total. The apps display out-of-context ads and even try to persuade victims to give away credentials and credit card information in phishing attacks.

GUEST OPINION:  The financial services sector, a perennial target for cybercriminals, faces an increasingly complex threat landscape. As technology advances and digital transformation accelerates, so too do the opportunities for malicious actors to exploit vulnerabilities.

GUEST RESEARCH: Cado Security, provider of the first cloud forensics and incident response platform, today announced the release of Cado Security Labs 2023 Cloud Threat Findings Report. The report reveals noteworthy discoveries about the evolving cloud threat landscape, shedding light on the heightened risk of cyberattacks due to the rapid adoption of cloud-focused services.

Security vendor WatchGuard Technologies' AuthPoint Total Identity Security bundles AuthPoint multi-factor authentication with dark web credential monitoring capabilities and a corporate password manager.

Seventy-two percent of Australia’s 50 million stolen credentials were accounted to the country’s media and telecommunications division—a 99% increase compared to 2021—while the Australian public sector accounted for nearly 20% of the country’s total data breaches, according to risk intelligence provider Flashpoint’s report on the state of Australia’s cyber threat intelligence.

Last year, 4,518 data breaches were reported globally with threat actors exposing or stealing 22.62 billion credentials and personal records, ranging from account and financial information to emails and Social Security numbers, a new security report has revealed.

GUEST OPINION: While it never went away entirely, there's a resurgence in unsanctioned cloud apps and services in enterprise environments – and nuanced action from IT teams is required to address it.

GUEST OPINION: It’s a cybersecurity threat that organisations have been facing for years, and the wave of ransomware attacks is showing no sign of abating.

COMPANY NEWS: Lookout, a leading provider of endpoint and cloud security solutions, today announced it has acquired SaferPass, an innovative password management company that provides secure online identity solutions for both consumers and businesses. By adding password management technology to its suite of security solutions, Lookout is expanding on its mission to deliver proactive protection and safeguard customer data for individuals and businesses.

GUEST OPINION: When using modern software applications, most users don’t spend time considering all the components that make them work.

A protocol used by Microsoft Exchange, the popular email server software used by both individuals and businesses, has been found to be leaking credentials of users, who attempt to authenticate from clients like Microsoft Outlook, due to a defect in its design.

Identity detection and response specialist Attivo Networks' new TheatStrike technology is said to hide real credentials from attacker tools and bind them to their applications, while showing decoy credentials as bait for threat intelligence gathering.

Company News: Attivo Networks, the industry experts in lateral movement attack detection and privilege escalation prevention, announced today a new integration for the Attivo EDN Suite with SentinelOne's Singularity XDR platform. With an uptick in the number of human and machine entities to secure, the attack surface is expanding, making it challenging for organisations to protect their networks from credential-based attacks.

Scammers are taking advantage of the busy shopping season and trying to relieve customers of Westpac of some of their earnings, setting up a site that looks very much like the real thing to try and lure customers into entering their credentials.

Attivo Networks has updated its ThreatPath credential exposure tool to identify and remediate high-risk exposures based on identities with excess privileges, application data sources, at-risk practices such as local admin credentials stored on the endpoint, and shadow admin accounts.

GUEST OPINION by Eyal Arazi, Radware: Migrating workloads to public cloud environment opens up organisations to a slate of new, cloud-native attack vectors which did not exist in the world of premise-based data centres.

GUEST OPINION by Eyal Arazi, Radware: Migrating workloads to public cloud environment opens up organisations to a slate of new, cloud-native attack vectors which did not exist in the world of premise-based data centres.

Security intelligence firm Recorded Future claims to have discovered the most likely source of a collection of data from breaches stretching back years; given the moniker Collection #1, it was disclosed recently by security professional Troy Hunt and said to contain 773 million email addresses and corresponding passwords.

IBM has the strongest credentials in the blockchain sector, according to Juniper Research, which says that the company is “clearly regarded” as being well ahead of competitors.

A partnership between Centrify and BlackBerry sees the former's credentials certified as 'Secured for Good' and supporting single sign on from mobile devices.