IT Security Guru

JANUARY 9, 2025

Resolution #1: Adopt a Proactive Approach to Cybersecurity to Combat AI-Driven Attacks Adopt a proactive approach to cybersecurity that integrates advanced defence mechanisms with fundamental best practices to mitigate and combat AI-driven attacks. This will require expertise in cryptography, IT infrastructure and cybersecurity.

Cybersecurity 113

Cybersecurity Cyber threats Architecture Digital transformation 113

The Last Watchdog

NOVEMBER 22, 2021

With so much critical data now stored in the cloud, how can people protect their accounts? Until biometrics or a quantum solution change our everyday approach to encryption, passwords remain our first line of defense against data breaches, hackers, and thieves. Proper password hygiene doesn’t require a degree in rocket science.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 363

Accountability Identity Theft Hacking Insurance 363

Krebs on Security

MAY 7, 2022

Apple , Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. “I worry about forgotten password recovery for cloud accounts.”

Passwords 270

Passwords Authentication Accountability Mobile 270

Malwarebytes

MARCH 31, 2025

Last year a burger restaurant sent customers into a spin after sending them a fake order confirmation email, which led to customers fearing that their accounts had been hacked. But as a cybersecurity brand we want you to feel like you can trust usevery single day of the year. Use a different password for every account.

Scams 138

Scams Passwords Accountability Password Management 138

Malwarebytes

OCTOBER 22, 2024

Meta, the company behind Facebook and Instagram says its testing new ways to use facial recognition—both to combat scams and to help restore access to compromised accounts. The social media giant is testing the use of video selfies and facial recognition to help users get their hijacked accounts back. What do you think?

Accountability 118

Accountability Scams Media Artificial Intelligence 118

The Last Watchdog

APRIL 28, 2022

Passwords have become ubiquitous with digital. The humble password is nothing more than a digital key that opens a door. And they use passwords to open a device, a system, an account, a file and so on. Which begs the question: why do people create their own passwords? Related: The coming of passwordless access.

Passwords 237

Passwords Encryption Phishing Social Engineering 237

The Last Watchdog

OCTOBER 10, 2024

Where a traditional threat intelligence or investigations tool may provide a small number of records directly correlated to the search input, IDLink expands the pool of results to include identity data correlated across shared usernames, emails, passwords, and PII – with flexible options around pivoting depth, confidence levels, and visualization.

Risk 286

Risk Cybercrime Identity Theft Phishing 286

Security Affairs

OCTOBER 28, 2024

While conventional “internal” employees account for 29% of identities, non-employees or “external identities” in aggregate (contractors, vendors, etc.) account for nearly half of the total users (48%). So, what’s a bit of increased risk where usernames and passwords are concerned? A lot, it turns out.

B2B 124

B2B Cybersecurity Risk Identity Theft 124

SecureWorld News

NOVEMBER 27, 2024

Getting ready to go Add a simple cybersecurity checklist along with your packing routine before you depart for some rest and relaxation. Password protect your devices Set your devices to require the use of a PIN, passcode or extra security feature (like a fingerprint or facial scan).

Cybersecurity 104

Cybersecurity Wireless Accountability Internet 104

eSecurity Planet

MARCH 31, 2025

Streaming giant Netflix is at the center of a rising wave of online scams, cybersecurity experts warn. Karin Zilberstein, vice president of Product at cybersecurity company Guardio, says the platform consistently ranks among the top 10 most imitated companies in phishing schemes. Use a strong, unique password for your Netflix account.

Scams 91

Scams Artificial Intelligence Phishing Passwords 91

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Use a password manager : Simplifies managing strong, unique passwords across accounts.

Identity Theft 124

Identity Theft Passwords Malware Banking 124

Jane Frankland

JANUARY 19, 2025

While this might protect our mental bandwidth, and in some cases help us avoid hacking attempts via exhaustion tactics, it also has unintended consequenceswhen it comes to cybersecurity. While skepticism is healthy, excessive distrust can lead to the dismissal of genuine outreach or important instructionsundermining cybersecurity efforts.

Cybersecurity 130

Cybersecurity Technology Scams Risk 130

Malwarebytes

FEBRUARY 11, 2025

They dont crack into password managers or spy on passwords entered for separate apps. If enough victims unwittingly send their passwords, the cyber thieves may even bundle the login credentials for sale on the dark web. The requests are bogus and simply a method for harvesting passwords.

Phishing 124

Phishing Passwords Mobile Authentication 124

Schneier on Security

NOVEMBER 17, 2022

Twitter is having intermittent problems with its two-factor authentication system: Not all users are having problems receiving SMS authentication codes, and those who rely on an authenticator app or physical authentication token to secure their Twitter account may not have reason to test the mechanism. This is not a good sign.

Authentication 363

Authentication Passwords Accountability Media 363

Schneier on Security

JANUARY 29, 2024

The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself.

Hacking 330

Hacking Accountability Passwords Cybersecurity 330

Krebs on Security

APRIL 12, 2021

Someone is selling account information for 21 million customers of ParkMobile , a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses.

Mobile 362

Mobile Passwords Accountability Cybercrime 362

Security Boulevard

JANUARY 29, 2025

Old accounts are often unmaintained and forgotten - which can be problematic when you want to "clean up" some of your digital footprint by deleting them or go back to secure them with stronger passwords/MFA. How do you find these old accounts when your recollection isn't enough? Some methods may be more effective for some users.

Accountability 52

Accountability Password Management Data breaches Passwords 52

Anton on Security

APRIL 13, 2023

because of the security of the GCP platform most compromises in the cloud are simply from lack of passwords, poor password strength, reused and leaked credentials, or straightforwardly misconfigured software ” [ A.C. — this make all the jokes about it being ‘so 1980s’ but this is the reality today. You can have fun in the cloud!

Cybersecurity 221

Cybersecurity Passwords Accountability Ransomware 221

SecureWorld News

MARCH 13, 2025

The rapid advancement of generative AI has brought both innovation and concern to the cybersecurity landscape. The report concludes that "while DeepSeek R1 does not instantly generate fully functional malware, its ability to produce semi-functional code should be a wake-up call for the cybersecurity industry."

Malware 110

Malware Cybersecurity Cyber threats Threat Detection 110

eSecurity Planet

FEBRUARY 25, 2025

In a recent cybersecurity development, threat actors exploited weak security practices by targeting Microsoft accounts that lack two-factor authentication (2FA). As discussed on WindowsForum, this “password spray and pray” attack highlights the importance of robust authentication measures.

Passwords 57

Passwords Authentication Accountability Threat Detection 57

Anton on Security

OCTOBER 12, 2022

My favorite quotes from the report follow below: “in Q2 threat actors frequently targeted weak and default-password issues for initial compromise, factoring in over half of identified Incidents.” [A.C.?—?that Google Cloud “Once inside, threat actors frequently engaged in cryptomining , accounting for nearly two-thirds of incidents (65%).”

Cybersecurity 246

Cybersecurity Malware Accountability Passwords 246

Hacker's King

DECEMBER 25, 2024

However, its immense popularity has made it a target for malicious actors seeking unauthorized access to user accounts. Tools designed for password cracking often exploit weak security practices, but understanding these methods is vital for safeguarding your account. Weak or simple passwords are particularly vulnerable.

Passwords 52

Passwords Social Engineering Accountability Scams 52

Hacker's King

DECEMBER 26, 2024

If your account falls into the wrong hands, it can lead to the loss of personal memories, private messages, or even a damaged online reputation. While hacking attempts continue to evolve, so do the strategies to secure your account. Unlike passwords or codes, biometric data is unique to you and cannot be easily replicated.

Accountability 52

Accountability Hacking Social Engineering Passwords 52

eSecurity Planet

MARCH 24, 2025

The compromised database contains approximately 6 million lines of data, including critical assets such as JKS files, encrypted SSO passwords, key files, and enterprise manager JPS keys. Immediate mitigation measures include: Resetting passwords, particularly for privileged LDAP accounts. (region-name).oraclecloud.com),

Risk 119

Risk Passwords Hacking Encryption 119

eSecurity Planet

APRIL 2, 2025

According to cybersecurity firm Hudson Rock, the hack was made possible by a set of stolen credentials compromised in 2021. Identity theft and account takeover: By impersonating customers using leaked support tickets, hackers can gain unauthorized access to accounts. How can malicious actors exploit this?

Identity Theft 122

Identity Theft Cybersecurity Scams Accountability 122

Anton on Security

FEBRUARY 7, 2024

My favorite quotes from the report follow below: “ Credential abuse resulting in cryptomining remains a persistent issue , with threat actors continuing to exploit weak or nonexistent passwords to gain unauthorized access to cloud instances, while some threat actors are shifting to broader threat objectives.” [ A.C. — the

Cybersecurity 246

Cybersecurity Ransomware Passwords Cryptocurrency 246

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. “If you have my seed phrase, you can copy and paste that into your wallet, and then you can see all my accounts. . But on Nov.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Malwarebytes

JANUARY 3, 2025

If interested, the victim will receive a download link and a password for the archive containing the promised installer. The archives are offered for download on various locations like Dropbox, Catbox, and often on the Discord content delivery network (CDN), by using compromised accounts which add extra credibility. fr leyamor[.]com

Scams 140

Scams Identity Theft Media Accountability 140

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Accountability 351

Accountability Advertising Passwords Phishing 351

Malwarebytes

FEBRUARY 25, 2025

Losing data related to a financial account can have severe consequences. If you find an app from this family or another information stealer on your device, there are a few guidelines to follow to limit the damage: Change your password. You can make a stolen password useless to thieves by changing it.

Passwords 144

Passwords Password Management Phishing Authentication 144

The Last Watchdog

MARCH 19, 2025

Holistic Identity: The New Cyber Battleground Organizations have traditionally focused on securing individual account credentials, but SpyClouds research indicates that cybercriminals have expanded their tactics beyond conventional account takeover. ” Additional Report Findings: 17.3

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Schneier on Security

JUNE 28, 2022

Thought experiment story of someone of someone who lost everything in a house fire, and now can’t log into anything: But to get into my cloud, I need my password and 2FA. To get my passwords, I need my 2FA. To get my 2FA, I need my passwords. And, thus, get access to my accounts. I am in cyclic dependency hell.

Passwords 309

Passwords Password Management Backups Risk 309

Hacker's King

DECEMBER 28, 2024

Your Gmail account stores valuable information such as emails, contacts, and documents. A compromised password can lead to identity theft and data breaches. To safeguard your Gmail password, you need to adopt a few best practices that will enhance your accounts security and keep cyber threats at bay.

Passwords 52

Passwords Identity Theft Accountability Data breaches 52

SecureWorld News

JULY 8, 2024

Case in point: a colossal password compilation dubbed "RockYou2024" has emerged, containing nearly 10 billion unique passwords. This unprecedented leak has put the cybersecurity community and beyond on high alert—as if it was not already there—highlighting the ongoing need for robust digital security practices.

Passwords 126

Passwords Password Management Education Accountability 126

SecureWorld News

FEBRUARY 6, 2025

Grubhub detected unusual activity within its environment, later traced to an account associated with a third-party service provider used for customer support. Upon discovery, the company swiftly terminated access to the compromised account and removed the provider from its systems. What happened?

Data breaches 92

Data breaches Accountability Social Engineering Passwords 92

Malwarebytes

NOVEMBER 4, 2024

In a data breach notification filed by the Attorney General for the state of Maine, the cybersecurity incident that affected Columbus, Ohio impacted half a million people. Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else.

Data breaches 108

Data breaches Passwords Ransomware Phishing 108