23 matches found
Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches
Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours...
Lone Hacker Used Infostealers to Access Data at 50 Global Companies
A Hudson Rock report reveals how an Iranian hacker named Zestix breached 50 global companies, including Iberia Airlines and Pickett & Associates, by using stolen passwords and a lack of MFA...
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer. The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based...
34 Russian Cybercrime Groups Stole Over 50 Million Passwords with Stealer Malware
As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022. "The underground market value of stolen logs and compromised card details is estimated around $5.8...
A Mystery Malware Stole 26 Million Passwords From Windows PCs
The credentials were part of a trove containing 1.2 terabytes of sensitive data extracted between 2018 and 2020...
Hackers Accidentally Expose Passwords Stolen From Businesses On the Internet
A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection ATP and steal credentials belonging to over a thousand corporate employees. The cyber offensive is said to have originated in August last year, with the...
Hackers Accidentally Expose Passwords Stolen From Businesses On the Internet
A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection ATP and steal credentials belonging to over a thousand corporate employees. The cyber offensive is said to have originated in August last year, with the...
Ticketmaster Pays Up for Hacking a Rival Company
Employees admitted to using stolen passwords and URL guessing to access confidential data...
Ticketmaster To Pay $10 Million Fine For Hacking A Rival Company
Ticketmaster has agreed to pay a $10 million fine after being charged with illegally accessing computer systems of a competitor repeatedly between 2013 and 2015 in an attempt to "cut the company off at the knees." A subsidiary of Live Nation, the California-based ticket sales and distribution...
Reasonably Clever Extortion E-mail Based on Password Theft
Imagine you've gotten your hands on a file of e-mail addresses and passwords. You want to monetize it, but the site it's for isn't very valuable. How do you use it? You convince the owners of the password to send you money. I recently saw a spam e-mail that ties the password to a porn site. The...
Collection of 1.4 Billion Plain-Text Leaked Passwords Found Circulating Online
Hackers always first go for the weakest link to quickly gain access to your online accounts. Online users habit of reusing the same password across multiple services gives hackers opportunity to use the credentials gathered from a data breach to break into their other online accounts. Researchers...
Hacked Password Service Leakbase Goes Dark
Leakbase, a Web site that indexed and sold access to billions of usernames and passwords stolen in some of the world largest data breaches, has closed up shop. A source close to the matter says the service was taken down in a law enforcement sting that may be tied to the Dutch police raid of the...
How Cybercrooks Put the Beatdown on My Beats
Last month Yours Truly got snookered by a too-good-to-be-true online scam in which some dirtball hijacked an Amazon merchant's account and used it to pimp steeply discounted electronics that he never intended to sell. Amazon refunded my money, and the legitimate seller never did figure out how hi...
LastPass Bug Lets Hackers Steal All Your Passwords
A critical zero-day flaw has been discovered in the popular cloud password manager LastPass that could allow any remote attacker to compromise your account completely. LastPass is one of the best password manager that also available as a browser extension that automatically fills credentials for...
Ersatz Scheme Deceives Hackers, Protects Stored Passwords
Researchers at Purdue University have developed a scheme that protects stolen passwords from offline cracking. The project is explained in a paper called “ErsatzPasswords – Ending Password Cracking” pdf written by Purdue University researchers Mohammed H. Almeshekah, Christopher N. Gutierrez,...
eBay Password Database Hack Raises Questions
As is the case with most high-profile data breaches, despite an initial disclosure of information, more questions are inevitable. The eBay password database hack is a prime example. Inquiring minds still want to know more about how the stolen passwords are secured and why the online auction house...
Pony Botnet Controller Has 2 Million Stolen, Weak Passwords
So what’s worse: Finding two million passwords harvested by a botnet, or learning that most of the stolen passwords are terribly weak? Researchers at Trustwave found another Pony botnet controller recently that oversees a trove of close to two million website logins, email account credentials, as...
Google Says Gmail Security Measures Have Reduced Account Hijacks By 99 Percent
Gmail accounts are high-priority targets for attackers of all stripes, particularly spam crews and state-sponsored attackers who use them to monitor the activities of activists and journalists. Hijacking those accounts can be quite useful for spammers and malware gangs as well, but Google said th...
Chinese Hackers hit New York Times and Wall Street Journal
The New York Times says Chinese hackers probably working for the military or Chinese government have carried out sustained attacks on its computer systems, breaking in and stealing the passwords of high-profile reporters and other staff members. For the last four months, Chinese hackers have...
Linkedin sued by Member for Hacking Incident
Linkedin sued by Member for Hacking Incident Illinois resident Katie Szpyrka filed a $5 million class action lawsuit against LinkedIn in the US District Court in the Northern District of California on June 15, claiming the business-oriented social networking site violated its own user agreement a...