Lucene search
K

1401 matches found

ThreatPost
ThreatPost
added 2019/08/26 3:43 p.m.54 views

Hostinger Data Breach: 14M Customer Passwords, Personal Data at Risk

Web hosting company Hostinger is warning that a breach of one of its servers potentially gave bad actors access to the hashed passwords and personal data of more than 14 million customers. Hostinger, a popular web, cloud and virtual private server hosting provider and domain registrar with 29...

7.5AI score
Exploits0References6
Microsoft Secure
Microsoft Secure
added 2019/08/20 4:0 p.m.20 views

One simple action you can take to prevent 99.9 percent of attacks on your accounts

There are over 300 million fraudulent sign-in attempts to our cloud services every day. Cyberattacks aren’t slowing down, and it’s worth noting that many attacks have been successful without the use of advanced technology. All it takes is one compromised credential or one legacy application to...

7.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2019/08/07 4:30 p.m.57 views

Trust As The Foundation Of Security

Our customers are moving more workloads to the cloud. No surprise there. The siren song of agility, scale, and cost savings can't be resisted. But as we highlighted earlier, security fundamentals are key to a successful cloud migration. In fact, we also shared marketectures to successfully migrat...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2019/08/05 3:49 p.m.107 views

Grammarly: Previously created sessions continue being valid after MFA activation

Hi team, I found one issue related to your 2FA system on https://account.grammarly.com/security POC 1 access the same account on https://account.grammarly.com in two devices 2 on device 'A' go to https://account.grammarly.com/security complete all steps to activate the 2FA system Now the 2FA is...

1.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/08/05 2:4 p.m.57 views

The Risk of Weak Online Banking Passwords

If you bank online and choose weak or re-used passwords, there's a decent chance your account could be pilfered by cyberthieves -- even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial...

7.3AI score
Exploits0
CNVD
CNVD
added 2019/07/23 12:0 a.m.3 views

HPE IceWall SSO Agent Option and IceWall MFA Input Validation Error Vulnerability

HPE IceWall SSO and HPE IceWall MFA are both products of Hewlett Packard Enterprise HPE, U.S.A. HPE IceWall SSO is a single-sign-on program that provides authentication capabilities for users.HPE IceWall SSO Agent Option HPE IceWall SSO Agent Option is an agent-based option for HPE IceWall SSO.HP...

7.1CVSS6.9AI score0.01685EPSS
Exploits0References1
Krebs on Security
Krebs on Security
added 2019/06/28 6:1 p.m.13 views

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

It might be difficult to fathom how this isn't already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers CSPs that help companies manage their Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware...

7.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2019/05/08 4:0 p.m.58 views

3 investments Microsoft is making to improve identity management

As a large enterprise with global reach, Microsoft has the same security risks as its customers. We have a distributed, mobile workforce who access corporate resources from external networks. Many individuals struggle to remember complex passwords or reuse one password across many accounts, which...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2019/05/02 4:0 p.m.40 views

Get security beyond Microsoft products with Microsoft 365

Over time, organizations and individuals acquire stuff. Things we love and things we need. Things we don’t need but can’t seem to get rid of. I was confronted with this challenge when we bought a 1908 craftsman home. How could I make my beloved modern furniture and mandatory kid-friendly gear wor...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2019/04/05 4:0 p.m.30 views

Steer clear of tax scams

In the month of February, we saw an average of 300,000 phishing attempts across Microsoft’s browsing platforms daily. Our security experts expect these attempted scams to become increasingly more prevalent through the April 15 Tax Day, especially in the two weeks leading up to it, when about 25...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2019/03/14 9:19 p.m.85 views

Threatlist: IMAP-Based Attacks Compromising Accounts at 'Unprecedented Scale'

Attackers mounting password-spraying campaigns are turning to the legacy Internet Message Access Protocol IMAP to avoid multi-factor authentication obstacles – thus more easily compromising cloud-based accounts. That’s according to researchers with Proofpoint, who found that in the past half year...

1.9AI score
Exploits0References6
The Hacker News
The Hacker News
added 2019/03/11 7:52 a.m.146 views

Citrix Data Breach – Iranian Hackers Stole 6TB of Sensitive Data

Popular enterprise software company Citrix that provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies disclosed last weekend a massive data breach of its internal network by "international cyber criminals." Citrix said it was warned by the F...

Exploits0
ThreatPost
ThreatPost
added 2019/02/01 9:35 p.m.216 views

Houzz Urges Password Resets After Data Breach

Interior decorating website Houzz on Friday issued a notice that user data – including usernames, passwords and IP addresses – had been accessed by an “unauthorized third party.” Houzz connects consumers to varying home-goods departments or professionals for purchasing furniture. The Palo Alto,...

0.2AI score
Exploits0References12
ThreatPost
ThreatPost
added 2019/01/23 3:6 p.m.248 views

U.S. Gov Issues Urgent Warning of DNS Hijacking Attacks

The Department of Homeland Security is ordering all federal agencies to urgently audit Domain Name System DNS security for their domains in the next 10 business days. The department’s rare “emergency directive,” issued Tuesday, warned that multiple government domains have been targeted by DNS...

0.9AI score
Exploits0References5
Carbon Black Blog
Carbon Black Blog
added 2019/01/02 3:42 p.m.82 views

3 Infosec Reflections to Kick off 2019 & Finally Shift the Balance of Power Back to Defenders

Wow. It's already 2019. Talk about a year in 2018 that flew by! I won’t spend this entire blog talking about 2018 but, needless to say, a lot happened in 2018 and it doesn’t look to slow down anytime soon. This time of year, I like to stop and reflect on the previous year and think about moving...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2018/12/17 5:0 p.m.94 views

Step 2. Manage authentication and safeguard access: top 10 actions to secure your environment

This series outlines the most fundamental steps you can take with your investment in Microsoft 365 security solutions. We will provide advice on activities such as setting up identity management through active directory, malware protection, and more. In this post, we explain how to enable single...

7.5AI score
Exploits0
Citrix
Citrix
added 2018/12/12 12:0 a.m.6 views

Certificate Based Authentication on Gateway Insight

With Client Authentication enabled on an SSL virtual server, the NetScaler appliance asks for the Client Certificate during the SSL handshake. The appliance checks the certificate presented by the client for normal constraints, such as the issuer signature and expiration date. Here are some use...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2018/12/11 2:28 p.m.22 views

Linux.org Redirected to NSFW Page Spewing Racial Epithets

The Linux organization said late Friday that its main domain, Linux.org, was hacked and defaced in a DNS hijacking incident. The group said that someone was able to compromise the registrar account for the domain and point its DNS to another server — as well as lock administrators out from changi...

0.5AI score
Exploits0References7
Akamai Blog
Akamai Blog
added 2018/12/10 1:11 p.m.77 views

Defending Credentials From Automated Attack Tools

By Danny Wasserman The folks on the Akamai Professional Services team are the people who help implement, configure, and tune the cloud security products that protect our customers' web applications from the daily onslaught of bots blasting login attempts against their websites, mobile apps, and...

0.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/12/04 9:45 p.m.73 views

A Breach, or Just a Forced Password Reset?

Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. Many Sharefil...

7.4AI score
Exploits0
Rows per page
Query Builder