Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. LastPass disclosed that criminal hackers had compromised encrypted copies of some password vaults, as well as other personal information.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

Malwarebytes

FEBRUARY 20, 2023

From March 19, users of Twitter won’t be able to use SMS-based two-factor authentication (2FA) unless they have a subscription to the paid Twitter Blue service. You can still use the authentication app and security key methods. To avoid losing access to Twitter, remove text message two-factor authentication by Mar 19, 2023.

Authentication 98

Authentication Phishing Mobile Accountability 98

Krebs on Security

JANUARY 30, 2024

stole at least $800,000 from at least five victims between August 2022 and March 2023. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. LastPass said criminal hackers had stolen encrypted copies of some password vaults, as well as other personal information.

Social Engineering 356

Social Engineering Mobile Passwords Cybercrime 356

The Last Watchdog

DECEMBER 8, 2022

Only 33 percent consistently use two-factor authentication (2FA). Only 28 percent don’t use repeated passwords•Only 20 percent use a password manager. Using strong passwords (random combinations of letters and numbers are best) and storing them securely in a password manager.

Cybersecurity 203

Cybersecurity Passwords Password Management Ransomware 203

Malwarebytes

FEBRUARY 14, 2025

In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The data contains names, email addresses, usernames, passwords, phone numbers, addresses, company names, and additional personal information. Choose a strong password that you dont use for anything else.

Accountability 83

Accountability Data breaches Passwords Phishing 83

Security Through Education

JANUARY 18, 2023

What are some personal cybersecurity concerns for 2023? Business email compromise (BEC) attacks have been predicted to soar in 2023 according to Forbes Advisor. Use strong passwords, and ideally a password manager to generate and store unique passwords. And what are some ways we can protect ourselves?

Cybersecurity 98

Cybersecurity Social Engineering Scams IoT 98

Malwarebytes

NOVEMBER 13, 2024

One particular campaign that we tracked peaked in April 2023, but then really slowed down during the summer months. Use a different password for every account (a password manager is super helpful in generating and storing all your passwords), and set up multi-factor authentication (MFA) wherever you can.

Scams 131

Scams Accountability Retail Advertising 131

Malwarebytes

JANUARY 16, 2024

As we can see from the description in the database, the root of the problem is that it’s possible to direct password reset emails to unverified email addresses. CVE-2023-7028 ( CVSS score 10 out of 10): an issue has been discovered in GitLab CE/EE affecting all versions from 16.1 This performs secure authentication on your behalf.

Accountability 130

Accountability Passwords Authentication Password Management 130

Malwarebytes

MAY 22, 2024

USDoD is also believed to be involved in a breach at TransUnion , the data of which was (partly) dumped in September, 2023. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA).

Passwords 145

Passwords Data breaches Phishing Password Management 145

Malwarebytes

DECEMBER 19, 2023

A month ago, in November 2023, the company stated that the number of affected customers was limited to around 4 million, because banking information related to mortgage payments is hosted with a third-party provider, whose systems were believed not to be compromised. You can make a stolen password useless to thieves by changing it.

Data breaches 132

Data breaches Identity Theft Passwords Phishing 132

Webroot

OCTOBER 31, 2024

Source: Coveware We’ve seen a drop-off from the highs last year – fueled by Cl0p ransomware group making over $100 Million in a few months in late 2023. Akira: The Healthcare Menace The Akira ransomware group was first observed in March 2023 and immediately became one of the most formidable threats in the threat landscape.

Malware 104

Malware Ransomware Passwords Healthcare 104

Malwarebytes

JANUARY 15, 2024

In November 2023, real estate services company Fidelity National Financial (FNF) got its systems knocked offline for a week after a cyberincident. But it could also be another reason: In December 2023, the gang’s infrastructure was taken down by law enforcement. Choose a strong password that you don’t use for anything else.

Data breaches 123

Data breaches Identity Theft Passwords Ransomware 123

CyberSecurity Insiders

MARCH 3, 2023

The NCSC of the United Kingdom opposes Twitter’s decision to forgo multi-factor authentication in the coming weeks. So, Britain’s cyber arm of GCHQ is urging Twitter users to use other online services in securing their online accounts, by adding an extra layer of security- on top of password managers and a 14-16 character password.

Cybersecurity 127

Cybersecurity Ransomware Encryption Password Management 127

Malwarebytes

JULY 12, 2024

Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.

Data breaches 144

Data breaches Passwords Phishing Password Management 144

Malwarebytes

AUGUST 27, 2024

Since then it has gone through several mergers and acquisitions According to the data breach notification, the breach occurred on May 29, 2023, but wasn’t discovered until July 30, 2024. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.

Data breaches 117

Data breaches Passwords Phishing Password Management 117

eSecurity Planet

JUNE 20, 2024

Keeper and Bitwarden are password manager products that help your business manage its application credentials across all platforms. Bitwarden is great for mid-sized businesses and teams that want to self-host a password manager. Keeper is a strong solution for both small businesses and large enterprises.

Password Management 109

Password Management Passwords Authentication Accountability 109

Duo's Security Blog

SEPTEMBER 6, 2023

While there are areas where passkeys could be better, it is clear that they are the leading contender to improve authentication by an order of magnitude and bring an end to passwords. Apple OS releases in 2023 are targeted to include support for iCloud with Managed Apple IDs, supporting the same kind of sync capability as Apple IDs.

Passwords 105

Passwords Password Management Authentication Threat Detection 105

Malwarebytes

DECEMBER 21, 2023

On October 25, 2023, Xfinity discovered suspicious activity and subsequently determined that between October 16 and 19 unauthorized access to its internal systems occured. On October 10, 2023, Citrix released security updates to address Citrix Bleed, but many organizations struggle to patch in a timely manner.

Data breaches 121

Data breaches Passwords Identity Theft Accountability 121

Malwarebytes

JULY 19, 2024

The Identity Theft Resource Center (ITRC) tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 (81,958,874 victims). When we compare the number of data breach victims in the first half of 2024 (H1 2024) then we see an increase of 490 percent compared to the first half of 2023.

Data breaches 126

Data breaches Passwords Identity Theft Phishing 126

eSecurity Planet

JUNE 21, 2024

Keeper and Dashlane are top password managers prioritizing multi-layered encryption systems for secure password sharing. Both password managers are suitable for small to large businesses. 5 Keeper, a low-cost password manager, highlights security with strong end-to-end encryption and authentication.

Password Management 104

Password Management Passwords Encryption VPN 104

Malwarebytes

SEPTEMBER 13, 2023

To avoid the deactivation of certain features of your LastPass account, log in before September 26, 2023 to confirm your account information. If you fall for a phish, make your data useless: If you entered a password, change it, if you entered credit card details, cancel the card. Use a password manager.

Phishing 144

Phishing Accountability Passwords Password Management 144

Malwarebytes

APRIL 10, 2024

Separately, Google released on online tool in 2023 where users can request that certain search results that contain their personal information be removed. While hackers may have plenty of novel tools at their disposal, the best defenses you can implement today are the use of unique passwords and multifactor authentication.

Passwords 119

Passwords Authentication Data privacy Accountability 119

Malwarebytes

MARCH 25, 2024

On December 13, 2023, Vans said it detected unauthorized activities on its IT systems, attributed to “external threat actors.” Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA).

Data breaches 133

Data breaches Phishing Identity Theft Passwords 133

SecureList

JANUARY 25, 2024

In our previous privacy predictions piece , we outlined trends for 2023. We have not seen any spikes in demand for privacy insurance by individuals in 2023. Given that privacy concerns are rising, we suggest that although our prediction was not fulfilled in 2023, this is a long-term trend that we will observe for years to come.

Passwords 125

Passwords Authentication Technology Insurance 125

Malwarebytes

NOVEMBER 7, 2023

Okta says it found that from September 28 to October 17, 2023 an attacker had unauthorized access to files inside Okta’s customer support system associated with 134 Okta customers. Okta administrators are now forced to re-authenticate if we detect a network change. Choose a strong password that you don’t use for anything else.

Accountability 137

Accountability Passwords Data breaches Phishing 137

Malwarebytes

JULY 2, 2024

As one of the largest insurance companies in the US, Prudential employs 40,000 people worldwide and reported revenues of over $50 billion in 2023. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA).

Data breaches 118

Data breaches Identity Theft Passwords Phishing 118

Duo's Security Blog

JULY 7, 2023

A passkey is a phishing-resistant cryptographic keypair you register for web-based authentication. It’s the strongest authentication method available today, which is why you see passkeys moving to replace passwords altogether. Recently, we released passkeys for the admin panel to make this workflow even easier and more secure.

Authentication 96

Authentication Passwords Mobile Password Management 96

Malwarebytes

OCTOBER 23, 2023

Password manager 1Password says it’s been affected by a breach at Okta , but it reports no user data has been stolen. In the early morning hours of Friday, September 29, 2023 an unknown actor used the same Okta session that was used to create the HAR file to access the Okta administrative portal.

Passwords 117

Passwords Password Management Data breaches Phishing 117

Security Boulevard

MAY 22, 2023

On-demand, Secure SaaS Access Authenticating and authorizing user identities have always been an important aspect of enterprise security. Pinpoint and migrate credentials from fragmented password managers, including bulk credential and password rotation unique to each identity with role-based access control assigned automatically.

Password Management 59

Password Management Passwords Risk Authentication 59

Malwarebytes

JUNE 6, 2024

Allegedly the customer data includes: Names Email addresses Phone numbers Physical address Orders Loyalty and gas card numbers Sales history The data set allegedly also includes information about 358,000 employees and candidates—which is a lot more than are currently employed by Advance Auto Parts (69,000 in 2023). Million for the data set.

Data breaches 126

Data breaches Passwords Phishing Authentication 126

Malwarebytes

DECEMBER 12, 2023

In a filing with Maine’s attorney general on Friday, Norton said that on May 9, 2023, it discovered an “external system breach.” Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA).

Healthcare 125

Healthcare Identity Theft Passwords Data breaches 125

Thales Cloud Protection & Licensing

MARCH 29, 2023

World Backup Day 2023: Five Essential Cyber Hygiene Tips madhav Thu, 03/30/2023 - 05:54 World Backup Day , celebrated each year on March 31st, is a day created to promote backing up data from your devices. Control Access Ensuring password security is one of the easiest steps you can take to protect your data, devices, and accounts.

Backups 71

Backups Encryption Passwords Ransomware 71

Thales Cloud Protection & Licensing

FEBRUARY 6, 2023

Safer Internet Day 2023: Empowering Kids and Families for a Safer Internet divya Tue, 02/07/2023 - 06:44 Save the date for Safer Internet Day 2023 , which will take place on Tuesday, 7 February 2023, the 20th edition of the campaign! Happy Safer Internet Day 2023!

Internet 71

Internet Internet Media Identity Theft 71

Malwarebytes

SEPTEMBER 10, 2024

A subsequent investigation by a third-party specialist revealed that cybercriminals had access to Slim CD’s systems for 10 months, between August 17, 2023, and June 15, 2024. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.

Data breaches 121

Data breaches Identity Theft Passwords Phishing 121

Webroot

OCTOBER 17, 2024

According to the Identity Theft Resource Center, there were 3,205 data compromises in 2023. T-Mobile: About 37 million T-Mobile customers had their personal data compromised in a January 2023 hack that accessed names, addresses and birth dates. That’s a 20% increase over the previous year.

VPN 118

VPN Identity Theft Passwords Scams 118

Malwarebytes

FEBRUARY 27, 2024

The German Federal Office for Information Security (BSI) has published a report on The State of IT Security in Germany in 2023 , and the number one threat for consumers is… identity theft. The report states: “For consumers, the issue of data leaks was prominent in the reporting period (2023).

Identity Theft 118

Identity Theft Data breaches Artificial Intelligence Passwords 118

Malwarebytes

JULY 3, 2024

Money transfer service and payment platform builder Wise also published a statement on its website , informing customers it had shared full names, addresses, contact details, Social Security numbers, and other sensitive information with Evolve as part of a partnership between 2020 and 2023. Enable two-factor authentication (2FA).

Data breaches 108

Data breaches Banking Passwords Phishing 108