Remove Accountability Remove Authentication Remove Hacking
article thumbnail

NSA on Authentication Hacks (Related to SolarWinds Breach)

Schneier on Security

The NSA has published an advisory outlining how “malicious cyber actors” are “are manipulating trust in federated authentication environments to access protected data in the cloud.” From the summary : Malicious cyberactors are abusing trust in federated authentication environments to access protected data.

article thumbnail

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. “And I just am not seeing anything this egregious in terms of viruses and spams from the other email service providers.”

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking 242
article thumbnail

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

Facebook, Instagram , TikTok , and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales. THE MIDDLEMEN.

article thumbnail

Google Authenticator App now supports Google Account synchronization

Security Affairs

Google announced that its Authenticator app for Android and iOS now supports Google Account synchronization. Google announced that its Google Authenticator app for both iOS and Android now supports Google Account synchronization that allows to safely backup users one-time codes to their Google Account.

article thumbnail

Hacking Grindr Accounts with Copy and Paste

Troy Hunt

The vulnerability allow an attacker to hijack any account. I asked for technical detail so I could validated the authenticity of his claim and the info duly arrived. On a surface of it, things looked bad: complete account takeover with a very trivial attack. Full account takeover.

article thumbnail

NationalPublicData.com Hack Exposes a Nation’s Data

Krebs on Security

We’ll also take a closer look at the data broker that got hacked — a background check company founded by an actor and retired sheriff’s deputy from Florida. That user appears to have deleted their Telegram account several days ago, presumably in response to intense media coverage of the breach.

Hacking 342