So far 2022 confirms that passwords are not dead yet. Neither will they be anytime soon. Even though Microsoft and Apple are championing passwordless authentication methods, most applications and websites will not remove this option for a very long time. Think about it, internal apps that you do not want to integrate with third-party identity providers, government services, … [Read more...] about Stop Worrying About Passwords Forever
Passwords
Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords
French video game company Ubisoft on Friday confirmed it was a victim of a "cyber security incident," causing temporary disruptions to its games, systems, and services. The Montreuil-headquartered firm said that an investigation into the breach was underway and that it has initiated a company-wide password reset as a precautionary measure. "Also, we can confirm that all our … [Read more...] about Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords
New Azure AD Bug Lets Hackers Brute-Force Passwords Without Getting Caught
Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks. "This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) without generating sign-in events in the … [Read more...] about New Azure AD Bug Lets Hackers Brute-Force Passwords Without Getting Caught
Malicious NPM Package Caught Stealing Users’ Saved Passwords From Browsers
A software package available from the official NPM repository has been revealed to be actually a front for a tool that's designed to steal saved passwords from the Chrome web browser. The package in question, named "nodejs_net_server" and downloaded over 1,283 times since February 2019, was last updated seven months ago (version 1.1.2), with its corresponding repository leading … [Read more...] about Malicious NPM Package Caught Stealing Users’ Saved Passwords From Browsers
Android Apps with 5.8 million Installs Caught Stealing Users’ Facebook Passwords
Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company's Play Store after the apps were caught furtively stealing users' Facebook login credentials. "The applications were fully functional, which was supposed to weaken the vigilance of potential victims. With that, to access all of the apps' functions and, allegedly, to disable … [Read more...] about Android Apps with 5.8 million Installs Caught Stealing Users’ Facebook Passwords
Alert — There’s A New Malware Out There Snatching Users’ Passwords
A previously undocumented malware downloader has been spotted in the wild in phishing attacks to deploy credential stealers and other malicious payloads. Dubbed "Saint Bot," the malware is said to have first appeared on the scene in January 2021, with indications that it's under active development. "Saint Bot is a downloader that appeared quite recently, and slowly is getting … [Read more...] about Alert — There’s A New Malware Out There Snatching Users’ Passwords
How Organizations Can Prevent Users from Using Breached Passwords
There is no question that attackers are going after your sensitive account data. Passwords have long been a target of those looking to compromise your environment. Why would an attacker take the long, complicated way if they have the keys to the front door? No matter how extensive your security solutions are, protecting the various systems in your environment, your organization … [Read more...] about How Organizations Can Prevent Users from Using Breached Passwords
Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes
Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants.Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, VP Product at SearchPilot who identified the issue, the … [Read more...] about Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes
New Android Malware Now Steals Passwords For Non-Banking Apps Too
Cybersecurity researchers today uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating, and cryptocurrency apps—a total of 337 non-financial Android applications on its target list.Dubbed "BlackRock" by ThreatFabric researchers, which discovered the trojan in May, its source code is … [Read more...] about New Android Malware Now Steals Passwords For Non-Banking Apps Too
Researchers Discover New Ways to Hack WPA3 Protected WiFi Passwords
The same team of cybersecurity researchers who discovered several severe vulnerabilities, collectively dubbed as Dragonblood, in the newly launched WPA3 WiFi security standard few months ago has now uncovered two more flaws that could allow attackers to hack WiFi passwords.WPA, or WiFi Protected Access, is a WiFi security standard that has been designed to authenticate wireless … [Read more...] about Researchers Discover New Ways to Hack WPA3 Protected WiFi Passwords