Authentication, Download and Passwords - Cyber Security Informer

Predatory app downloaded 100,000 times from Google Play Store steals data, uses it for blackmail

Malwarebytes

FEBRUARY 25, 2025

A malicious app claiming to be a financial management tool has been downloaded 100,000 times from the Google Play Store. In this case, the loan app evaded detection on Google Play, by loading a WebView to redirect users to an external website from where they could download the app hosted on an Amazon EC2 server.

Passwords

Passwords Password Management Phishing Authentication

Home Assistant, Pwned Passwords and Security Misconceptions

Troy Hunt

MARCH 10, 2021

Pwned Passwords is a repository of 613M passwords exposed in previous data breaches, which makes them very poor choices for future use. They're totally free and they have a really cool anonymity API that ensures no useful information about the password being searched for is ever exposed.

Passwords

Passwords IoT Password Management Data breaches

Pwned Passwords, Open Source in the.NET Foundation and Working with the FBI

Troy Hunt

MAY 27, 2021

Both these announcements are being made at a time where Pwned Passwords is seeing unprecedented growth: Getting closer and closer to the 1B requests a month mark for @haveibeenpwned 's Pwned Passwords. Speaking of natural fits, Pwned Passwords is perfect for this model and that's why we're starting here.

Passwords

Passwords Accountability Cybercrime Authentication

Pwned Passwords, Version 5

Troy Hunt

JULY 8, 2019

Almost 2 years ago to the day, I wrote about Passwords Evolved: Authentication Guidance for the Modern Era. This wasn't so much an original work on my behalf as it was a consolidation of advice from the likes of NIST, the NCSC and Microsoft about how we should be doing authentication today. 3,768,890 passwords.

Passwords

Passwords Accountability Authentication Data breaches

Hunting SMB Shares, Again! Charts, Graphs, Passwords & LLM Magic for PowerHuntShares 2.0

NetSpi Technical

NOVEMBER 14, 2024

Running PowerHuntShares I’ve provided more details on the GitHub page, but PowerHuntShares is a simple PowerShell script that can be downloaded and run using PowerShell 5.1 Download PowerHuntShares here. You can download the template file here , and then use it to search for things you care about using the command below.

Passwords

Passwords Risk Data collection Backups

Phishing evolves beyond email to become latest Android app threat

Malwarebytes

FEBRUARY 11, 2025

Of those malicious apps, 5,200 could subvert one of the strongest security practices available today, called multifactor authentication, by prying into basic text messages sent to a device. They dont crack into password managers or spy on passwords entered for separate apps.

Phishing

Phishing Passwords Mobile Authentication

GUEST ESSAY: How the FIDO Alliance helps drive the move to passwordless authentication

The Last Watchdog

DECEMBER 6, 2021

For IT leaders, passwords no longer cut it. This traditional authentication method is challenging to get rid of, mostly because it’s so common. Every new account you sign up for, application you download, or device you purchase requires a password. Lowering password use. So why are they still around?

Authentication

Authentication Passwords Mobile Phishing

Internet Archive was breached twice in a month

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. HIBP confirmed that the stolen archive had 31M records, including email address, screen name, bcrypt password hash, and timestamps for password changes.

Internet

Internet Internet Data breaches Authentication

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

SEPTEMBER 13, 2023

USDoD claimed they grabbed the data by using passwords stolen from a Turkish airline employee who had third-party access to Airbus’ systems. By stealing these tokens, attackers can often reuse them in their own web browser, and bypass any authentication normally required for that account. Microsoft Corp. government inboxes.

Cybercrime

Cybercrime Passwords Authentication Malware

The Hidden Cost of Ransomware: Wholesale Password Theft

Krebs on Security

JANUARY 6, 2020

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. ” WHOLESALE PASSWORD THEFT. “We were doing the right things, just not fast enough.

Passwords

Passwords Ransomware Password Management Malware

Data From The Qakbot Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI

Troy Hunt

AUGUST 29, 2023

Further, the passwords from the malware will shortly be searchable in the Pwned Passwords service which can either be checked online or via the API. Pwned Passwords is presently requested 5 and a half billion times each month to help organisations prevent people from using known compromised passwords.

Malware

Malware Passwords Password Management Antivirus

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

NOVEMBER 15, 2024

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. To extract cookies from Chromium-based browsers, it downloads a module from the C&C to bypass App-Bound encryption.

Encryption

Encryption Password Management Cryptocurrency Social Engineering

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

Malwarebytes

NOVEMBER 5, 2024

The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up. Keep threats off your devices by downloading Malwarebytes today. Here’s how it works.

Accountability

Accountability Authentication Malware Banking

Seized Genesis Market Data is Now Searchable in Have I Been Pwned, Courtesy of the FBI and "Operation Cookie Monster"

Troy Hunt

APRIL 5, 2023

In its simplest form, the illegal data marketplace has long involved the exchange of currency for personal records containing attributes such as email addresses, passwords, names, etc. We block known breached passwords. We implement two factor authentication. So, we (the good guys) adapt and build better defences.

Marketing

Marketing Passwords Authentication Accountability

How AI was used in an advanced phishing campaign targeting Gmail users

Malwarebytes

FEBRUARY 13, 2025

Around the same time, users receive legitimate looking emails from what appears to be an authentic Google domain to add credibility to what the caller is claiming to have happened. And if cybercriminals manage to steal the session cookie, they can log in as you, change the password and grab control of your account.

Phishing

Phishing Artificial Intelligence Identity Theft Accountability

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

Malwarebytes

MAY 16, 2024

More and more websites and services are making multi-factor-authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. A type of phishing we’re calling authentication-in-the-middle is showing up in online media. Use a password manager. That’s a great thing.

Authentication

Authentication Phishing Password Management Scams

Hackers Steal Phone, SMS Records for Nearly All AT&T Customers

Krebs on Security

JULY 12, 2024

AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed). For its part, Snowflake says it now requires all new customers to use multi-factor authentication. In a regulatory filing with the U.S.

Data breaches

Data breaches Passwords Authentication Accountability

Android Keyboard Apps with 2 Million downloads can remotely hack your device

Security Affairs

DECEMBER 2, 2022

CyRC experts warn of weak or missing authentication mechanisms, missing authorization, and insecure communication vulnerabilities in the three apps. “An exploit of the authentication and authorization vulnerabilities could allow remote unauthenticated attackers to execute arbitrary commands. PC Keyboard versions 30 and prior.

Hacking

Hacking Authentication Mobile Passwords

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

MAY 14, 2020

Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own. Automatic Logins Using Lastpass.

Risk

Risk Password Management Passwords Accountability

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

eSecurity Planet

AUGUST 19, 2022

One new tactic hackers have been using is to steal cookies from current or recent web sessions to bypass multi-factor authentication (MFA). Even cloud infrastructures rely on cookies to authenticate their users. Browsers allow users to maintain authentication, remember passwords and autofill forms.

Authentication

Authentication Password Management Passwords Malware

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. GreyNoise also observed an instance of an attack using wget to download a shell script for reverse shell access. CVE-2024-8957 (CVSS score of CVSS 7.2)

Firmware

Firmware Manufacturing IoT Healthcare

Google Docs used by infostealer ACRStealer as part of attack

Malwarebytes

FEBRUARY 20, 2025

ACRStealer is often distributed via the tried and tested method of download as cracks and keygens , which are used in software piracy. With the capture of usernames and passwords from web browsers, attackers can access your accounts, including email, social media, and financial services. ID-number}.

Identity Theft

Identity Theft Malware Financial Services Antivirus

Should you allow your browser to remember your passwords?

Malwarebytes

NOVEMBER 2, 2023

At Malwarebytes we’ve been telling people for years not to reuse passwords, and that a password manager is a secure way of remembering all the passwords you need for your online accounts. But we also know that a password manager can be overwhelming, especially when you’re just getting started. Encryption.

Passwords

Passwords Password Management Data breaches Authentication

Russia stole the passwords of 50 million users

CyberSecurity Insiders

NOVEMBER 23, 2022

Now, the latest that has been published by Group-IB claims Moscow’s involvement in the password stealing of over 50 million users. NOTE – Better to craft a password that has a minimum of 14 characters. Using a 2FA such as an OTP authentication makes complete sense in securing an account from hackers. .

Passwords

Passwords Scams Authentication Cybercrime

The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?

Malwarebytes

JANUARY 30, 2025

The Chinese startup has certainly taken the app stores by storm: In just a week after the launch it topped the charts as the most downloaded free app in the US. For those returning from a short holiday away from the news, DeepSeek is a new player on the Artificial Intelligence (AI) field.

Artificial Intelligence

Artificial Intelligence Risk Marketing Passwords

A Closer Look at the LAPSUS$ Data Extortion Group

Krebs on Security

MARCH 23, 2022

22, Microsoft said it interrupted the LAPSUS$ group’s source code download before it could finish, and that it was able to do so because LAPSUS$ publicly discussed their illicit access on their Telegram channel before the download could complete. In a blog post published Mar.

Social Engineering

Social Engineering Accountability Mobile Passwords

Many major websites allow users to have weak passwords

Malwarebytes

NOVEMBER 29, 2023

A new study that examines the current state of password policies across the internet shows that many of the most popular websites allow users to create weak passwords. For the Georgia Tech study , the researchers designed an algorithm that automatically determined a website’s password policy.

Passwords

Passwords Password Management Authentication Internet

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. In an Aug.

Mobile

Mobile Phishing Authentication Accountability

The sound of you typing on your keyboard could reveal your password

Malwarebytes

DECEMBER 12, 2023

As if password authentication’s coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. For example, when typing a password, people will regularly hide their screen but will do little to obfuscate their keyboard’s sound.

Passwords

Passwords Artificial Intelligence Password Management Cybercrime

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

For the past three years, the source — we’ll call him “Bill” to preserve his requested anonymity — has been watching one group of threat actors that is mass-testing millions of usernames and passwords against the world’s major email providers each day.

Accountability

Accountability Authentication Passwords Hacking

The 773 Million Record "Collection #1" Data Breach

Troy Hunt

JANUARY 16, 2019

Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. In total, there are 1,160,253,228 unique combinations of email addresses and passwords. This is when treating the password as case sensitive but the email address as not case sensitive. There are 21,222,975 unique passwords. It'll be 99.x%

Data breaches

Data breaches Passwords Password Management Accountability

The sound of you typing on your keyboard could reveal your password

Malwarebytes

DECEMBER 12, 2023

As if password authentication’s coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. For example, when typing a password, people will regularly hide their screen but will do little to obfuscate their keyboard’s sound.

Passwords

Passwords Artificial Intelligence Password Management Cybercrime

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

JANUARY 15, 2025

These pages act as a sort of gateway to external websites specifically designed to steal the usernames and passwords from the coveted advertisers’ Google accounts. Figure 12: The actual phishing page that follows Finally, all the data is combined with the username and password and sent to the remote server via a POST request.

Advertising

Advertising Accountability Phishing Scams

News alert: SquareX discloses ‘Browser Syncjacking’ – a new attack to hijack browser

The Last Watchdog

JANUARY 30, 2025

The extension then silently authenticates the victim into a Chrome profile managed by the attackers Google Workspace. Once this authentication occurs, the attacker has full control over the newly managed profile in the victims browser, allowing them to push automated policies such as disabling safe browsing and other security features.

Social Engineering

Social Engineering Engineering Authentication Media

Small business owners, secure your web shop

Malwarebytes

FEBRUARY 5, 2025

A cybercriminal specializing in breaching Shopify stores is posting huge data sets as free downloads. boAt Lifestyle data free download For example, boAt is reportedly Indian’s most active company that markets audio-focused electronic gadgets. Keep your software up to date. Do not store customer details that you no longer need.

Small Business

Small Business Data breaches Phishing Malware

Beyond the Surface: the evolution and expansion of the SideWinder APT group

SecureList

OCTOBER 15, 2024

The document or LNK file starts a multi-stage infection chain with various JavaScript and.NET downloaders, which ends with the installation of the StealerBot espionage tool. All the documents use the remote template injection technique to download an RTF file that is stored on a remote server controlled by the attacker.

Malware

Malware Encryption Architecture Phishing

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. A booking photo of Noah Michael Urban released by the Volusia County Sheriff.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Black Friday Triggers Near 700% Rise in Retail Cyber Scams

SecureWorld News

DECEMBER 4, 2024

In one strategy, brand impersonation phishing, attackers send a phishing email designed to look like a favorite retailer, enticing their target to click a link for a discount, when in fact the link downloads malware to their device. Make logins secure Firstly, ensure all staff have strong passwords (12-16 characters).

Retail

Retail Scams Phishing Cyber threats

Better Late Than Never: Addressing NIST’s Updated Password Security Guidance

Approachable Cyber Threats

OCTOBER 7, 2024

What changed, and what is NIST's updated password guidance and the role of password strength in 2024?” One area where best practices have evolved significantly over the past twenty years is password security best practices. What are the key takeaways from NIST's updated password guidance?”

Passwords

Passwords Password Management Authentication Risk

The March Madness Cyber Threat

Adam Levin

MARCH 17, 2022

Sensitive information including passwords and financial information can be exfiltrated and ransomware can be deployed to block access to critical data. Change passwords regularly. Discouraging the use of file attachments when they’re not strictly necessary helps prevent downloaded malware. Invest in security-based products.

Cyber threats

Cyber threats Phishing Passwords Malware

Why & Where You Should You Plant Your Flag

Krebs on Security

AUGUST 12, 2020

Adding multi-factor authentication (MFA) at these various providers (where available) and/or establishing a customer-specific personal identification number (PIN) also can help secure online access. Armed with access to your inbox, thieves can then reset the password for any other service or account that is tied to that email address.

Accountability

Accountability Mobile Banking Passwords

GUEST ESSAY: Here’s how and why ‘trust’ presents an existential threat to cybersecurity

The Last Watchdog

DECEMBER 8, 2022

This overconfidence is cause for concern for many cybersecurity professionals as humans are the number one reason for breaches (how many of your passwords are qwerty or 1234five?). Only 33 percent consistently use two-factor authentication (2FA). Only 28 percent don’t use repeated passwords•Only 20 percent use a password manager.

Cybersecurity

Cybersecurity Passwords Password Management Ransomware

How Spread Betting Platforms Safeguard Traders Against Cyber Risks

IT Security Guru

JANUARY 30, 2025

Data Breaches Data breaches are fairly common among cybercriminals who break into a platforms database and steal sensitive information like personal details, passwords and financial data. Malware Infections Malware is simply dangerous programs installed on devices through suspicious downloads or links. Thats true. Enable 2FA.

Cyber Risk

Cyber Risk Risk Penetration Testing Accountability

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Distribution of programming languages used in writing web applications, 2021–2023 ( download ) We analyzed data obtained through web application assessments that followed the black, gray and white box approaches. Broken Authentication 5. Broken Authentication 5. More than a third (39%) used the microservice architecture.

Passwords

Passwords Authentication Architecture Risk

Predatory app downloaded 100,000 times from Google Play Store steals data, uses it for blackmail

Home Assistant, Pwned Passwords and Security Misconceptions

Trending Sources

Pwned Passwords, Open Source in the.NET Foundation and Working with the FBI

Pwned Passwords, Version 5

Hunting SMB Shares, Again! Charts, Graphs, Passwords & LLM Magic for PowerHuntShares 2.0

Phishing evolves beyond email to become latest Android app threat

GUEST ESSAY: How the FIDO Alliance helps drive the move to passwordless authentication

Internet Archive was breached twice in a month

FBI Hacker Dropped Stolen Airbus Data on 9/11

The Hidden Cost of Ransomware: Wholesale Password Theft

Data From The Qakbot Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

Seized Genesis Market Data is Now Searchable in Have I Been Pwned, Courtesy of the FBI and "Operation Cookie Monster"

How AI was used in an advanced phishing campaign targeting Gmail users

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

Hackers Steal Phone, SMS Records for Nearly All AT&T Customers

Android Keyboard Apps with 2 Million downloads can remotely hack your device

10 Behaviors That Will Reduce Your Risk Online

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

PTZOptics cameras zero-days actively exploited in the wild

Google Docs used by infostealer ACRStealer as part of attack

Should you allow your browser to remember your passwords?

Russia stole the passwords of 50 million users

The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?

A Closer Look at the LAPSUS$ Data Extortion Group

Many major websites allow users to have weak passwords

How 1-Time Passcodes Became a Corporate Liability

The sound of you typing on your keyboard could reveal your password

Gift Card Gang Extracts Cash From 100k Inboxes Daily

The 773 Million Record "Collection #1" Data Breach

The sound of you typing on your keyboard could reveal your password

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

News alert: SquareX discloses ‘Browser Syncjacking’ – a new attack to hijack browser

Small business owners, secure your web shop

Beyond the Surface: the evolution and expansion of the SideWinder APT group

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Black Friday Triggers Near 700% Rise in Retail Cyber Scams

Better Late Than Never: Addressing NIST’s Updated Password Security Guidance

The March Madness Cyber Threat

Why & Where You Should You Plant Your Flag

GUEST ESSAY: Here’s how and why ‘trust’ presents an existential threat to cybersecurity

How Spread Betting Platforms Safeguard Traders Against Cyber Risks

Top 10 web application vulnerabilities in 2021–2023

Stay Connected