article thumbnail

FBI warns of malicious free online document converters spreading malware

Security Affairs

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” reads the alert.

Malware 115
article thumbnail

ClickFix: How to Infect Your PC in Three Easy Steps

Krebs on Security

In this scam, dubbed “ ClickFix ,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. Executing this series of keypresses prompts Windows to download password-stealing malware.

Phishing 257
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Building Password Purgatory with Cloudflare Pages and Workers

Troy Hunt

Which led me to a moment of clarity just yesterday as I was pondering revenge tactics and, in a flash of inspiration, came up with the idea of Password Purgatory: purgatory: a place or state of temporary suffering or misery You know how we all hate password complexity criteria? All they have to do first is create a password.

Passwords 355
article thumbnail

I Wanna Go Fast: How Many Pwned Password Queries Can You Make Per Second?

Troy Hunt

There's a time and a place for going fast, and there's no better place to do that than when querying Have I Been Pwned's Pwned Passwords service. (Ok, In December last year, Pwned Passwords saw not just a fresh batch of 225M new passwords from the NCA , but it also welcomed the ongoing ingestion of new passwords from the FBI.

Passwords 319
article thumbnail

Passwords Advice

Adam Shostack

Bruse Marshall has put together a useful comparison of password requirements from OWASP ASVS v3 and v4. Bruce Marshall has put together a comparison of OWASP ASVS v3 and v4 password requirements: OWASP ASVS 3.0 & 4.0 We should judge standards on their delivery of these important contextual documents. Comparison.

Passwords 130
article thumbnail

Microsoft Executives Hacked

Schneier on Security

Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself.

Hacking 335
article thumbnail

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Security Affairs

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. Below is the hypothesis reported in the document.

Media 118