Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
19 résultats taggé credentials  ✕
JFrog Detects Malicious PyPi package Stealing Crypto Tokens https://jfrog.com/blog/malicious-pypi-package-hijacks-mexc-orders-steals-crypto-tokens/
24/04/2025 13:45:24
QRCode
archive.org
thumbnail

Learn how JFrog detected a malicious package that steals MEXC credentials and crypto trading tokens to buy and sell futures on crypto trading platforms.

JFrog EN 2025 PyPi MEXC credentials stealer malicious ccxt-mexc-futures supply-chain-attack
Cisco warns of Webex for BroadWorks flaw exposing credentials https://www.bleepingcomputer.com/news/security/cisco-warns-of-webex-for-broadworks-flaw-exposing-credentials/
04/03/2025 20:09:51
QRCode
archive.org
thumbnail

Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely.

bleepingcomputer EN 2025 Credentials Computer Cisco WebEx Broadworks
Getting a taste of your own medicine: Threat actor MUT-1244 targets offensive actors, leaking hundreds of thousands of credentials | Datadog Security Labs https://securitylabs.datadoghq.com/articles/mut-1244-targeting-offensive-actors/
14/12/2024 10:58:04
QRCode
archive.org
thumbnail
  • In this post, we describe our in-depth investigation into a threat actor to which we have assigned the identifier MUT-1244.
  • MUT-1224 uses two initial access vectors to compromise their victims, both leveraging the same second-stage payload: a *phishing campaign targeting thousands of academic researchers and a large number of trojanized GitHub repositories, such as proof-of-concept code for exploiting known CVEs.
  • Over 390,000 credentials, believed to be for WordPress accounts, have been exfiltrated to the threat actor through the malicious code in the trojanized "yawpp" GitHub project, masquerading as a WordPress credentials checker.
  • Hundreds of victims of MUT-1244 were and are still being compromised. Victims are believed to be offensive actors—including pentesters and security researchers, as well as malicious threat actors— and had sensitive data such as SSH private keys and AWS access keys exfiltrated.
  • We assess that MUT-1244 has overlap with a campaign tracked in previous research reported on the malicious npm package 0xengine/xmlrpc and the malicious GitHub repository hpc20235/yawpp.
securitylabs.datadoghq.com EN 2024 pentesters script-kiddies offensive actors MUT-1244 PoC PoC-abuse MUT-1224 credentials steal
Abnormal Security https://abnormalsecurity.com/blog/adversary-in-the-middle-dropbox-phishing-open-enrollment
20/11/2024 22:00:32
QRCode
archive.org
thumbnail

Discover how Dropbox was exploited in a sophisticated phishing attack that leveraged AiTM tactics to steal credentials during the open enrollment period.

abnormalsecurity EN 2024 exploited sophisticated phishing attack leveraged aitm tactics steal credentials open dropbox enrollment discover period
Extracting Plaintext Credentials from Palo Alto Global Protect https://shells.systems/extracting-plaintext-credentials-from-palo-alto-global-protect/
20/11/2024 21:29:30
QRCode
archive.org
thumbnail

In C:\Users\username\AppData\Local\Palo Alto Networks\GlobalProtect there was a file called panGPA.log that contained something interesting:

shells.systems EN PoC Plaintext Credentials Palo Alto Global Protect
A Single Cloud Compromise Can Feed an Army of AI Sex Bots https://krebsonsecurity.com/2024/10/a-single-cloud-compromise-can-feed-an-army-of-ai-sex-bots/
06/10/2024 23:26:24
QRCode
archive.org

Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which…

krebsonsecurity EN 2024 Cloud Compromise credentials Cybercriminals AI-powered chat services
Cryptographers’ Feedback on the EU Identity Wallet https://blog.xot.nl/2024/06/23/cryptographers-feedback-on-the-eu-identity-wallet/index.html
29/06/2024 10:41:55
QRCode
archive.org

A handful cryptographers were asked for feedback on the architecture of the European Identity Wallet (the Architecture Reference Framwork (ARF), currently at version 1.4.0). We seized the opportunity to write a short report to urge Europe to reconsider the design, and to base it on the use of anonymous (aka attribute-based) credentials.

Anonymous credentials were designed specifically to achieve authentication and identification that are both secure and privacy-preserving. As a result, they fully meet the requirements put forth in the eiDAS 2.0 regulation. (The current design does not.) Moreover, they are by now a mature technology. In particular we recommend to use the BBS family of anonymous credentials, which are efficient and mathematically proven secure.

blog.xot.nl EB eid EU Identity Wallet Anonymous credentials architecture
Cybercriminals Exploit Docusign With Customizable Phishing Templates https://abnormalsecurity.com/blog/cybercriminals-exploit-docusign
17/05/2024 09:27:38
QRCode
archive.org
thumbnail

Cybercriminals are abusing Docusign by selling customizable phishing templates on cybercrime forums, allowing attackers to steal credentials for phishing…

abnormalsecurity EN 2024 phishing customizable templates credentials business docusign selling cybercrime forums Docusign
AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web https://securityaffairs.com/158595/cyber-crime/anydesk-credentials-leaked-dark-web.html
04/02/2024 11:59:37
QRCode
archive.org
thumbnail

Resecurity identified bad actors offering a significant number of AnyDesk customer credentials for sale on the Dark Web.

securityaffairs EN 2024 AnyDesk incident darkweb credentials
Hundreds of network operators’ credentials found circulating in Dark Web https://www.resecurity.com/blog/article/hundreds-of-network-operators-credentials-found-circulating-in-dark-web
30/01/2024 18:23:34
QRCode
archive.org

Following a recent and highly disruptive cyberattack on telecom carrier Orange España the cybersecurity community needs to rethink its approach to safeguarding the digital identity of staff involved in network engineering and IT infrastructure management. Orange España is the second-largest mobile operator in Spain. In early January, an attacker going by the alias ‘Snow’ hijacked Orange España’s RIPE Network Coordination Centre (NCC) account. RIPE is Europe’s regional Internet registry. After this initial breach, Snow sabotaged the telecommunications firm’s border gateway protocol (BGP) and resource public key infrastructure (RPKI) configurations.

resecurity EN 2024 network operators credentials darkweb RIPE BGP
Uncovering thousands of unique secrets in PyPI packages https://blog.gitguardian.com/uncovering-thousands-of-unique-secrets-in-pypi-packages/
16/11/2023 15:01:57
QRCode
archive.org
thumbnail

Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials.

gitguardian EN 2023 GitGuardian PyPI research hardcoded credentials secret packages
New Python NodeStealer Goes Beyond Facebook Credentials, Now Stealing All Browser Cookies and Login Credentials https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials
18/09/2023 11:48:47
QRCode
archive.org
thumbnail

Netskope Threat Labs is tracking a campaign that uses malicious Python scripts to steal Facebook users’ credentials and browser data. This campaign targets Facebook business accounts with bogus Facebook messages with a malicious file attached. The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology sectors.

netskope EN 2023 analysis Python NodeStealer Facebook Credentials Login Credentials
Users of cybercrime forums often fall victim to info-stealers, researchers find https://therecord.media/cybercrime-forum-users-infected-with-info-stealing-malware
18/08/2023 10:10:54
QRCode
archive.org
thumbnail

After analyzing millions of computers infected with info-stealing malware, researchers at Hudson Rock said they identified 120,000 that contained credentials used for logging into cybercrime forums.

therecord EN 2023 cybercrime InfoStealer credentials
Hackers Start Selling Data Center Logins for Some of World’s Largest Corporations https://www.bloomberg.com/news/features/2023-02-21/hackers-scored-corporate-giants-logins-for-asian-data-centers
21/02/2023 11:41:19
QRCode
archive.org
thumbnail

Such credentials in the wrong hands could be dangerous, experts say, potentially allowing physical access to data centers. The affected data center operators say the stolen information didn’t pose risks for customer IT systems.

bloomberg EN 2023 datacenters passwords logins credentials steal
Researchers Explore Hacking VirusTotal to Find Stolen Credentials https://www.darkreading.com/threat-intelligence/researchers-explore-hacking-virustotal-to-find-stolen-credentials
22/11/2022 15:57:11
QRCode
archive.org
thumbnail

VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.

darkreading EN 2022 threat-intelligence VirusTotal Credentials
Undermining Microsoft Teams Security by Mining Tokens https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens
15/09/2022 17:40:33
QRCode
archive.org
thumbnail

In August 2022, the Vectra Protect team identified an attack path that enables malicious actors with file system access to steal credentials for any Microsoft Teams user who is signed in.

Vectra EN 2022 token teams Microsoft credentials steal
Did You Know Your Browser’s Autofill Credentials Could Be Stolen via Cross-Site Scripting (XSS) https://www.gosecure.net/blog/2022/06/29/did-you-know-your-browsers-autofill-credentials-could-be-stolen-via-cross-site-scripting-xss/
18/07/2022 08:43:00
QRCode
archive.org
thumbnail

Cross-Site Scripting (XSS) is a well-known vulnerability that has been around for a long time and can be used to steal sessions, create fake logins and carry out actions as someone else, etc.

In addition, many users are unaware of the potential dangers associated with their browser’s credential autofill feature. This attack vector is not new, but it is unknown to many people and as we investigated further we found that the dangers were extensive. In this post, the GoSecure Titan Labs team will demonstrate that using a browser password manager with autofill could expose your credentials in a web application vulnerable to XSS.

gosecure EN 2022 browsers XSS password-autofill credentials
Zimbra Email - Stealing Clear-Text Credentials via Memcache injection https://blog.sonarsource.com/zimbra-mail-stealing-clear-text-credentials-via-memcache-injection/
15/06/2022 18:18:08
QRCode
archive.org
thumbnail

We discovered flaws in Zimbra, an enterprise email solution, that allow attackers to steal credentials of users and gain access to their email accounts.

sonarsource EN 2022 Zimbra memcache Vulnerability email steal credentials
Fake sites stealing Steam credentials https://www.zscaler.com/blogs/security-research/fake-sites-stealing-steam-credentials
28/03/2022 14:19:53
QRCode
archive.org
thumbnail

Recently, the Zscaler ThreatLabZ team came across multiple fake Counter-Strike: Global Offensive (CS:GO) skin websites aimed at stealing Steam credentilsa.

Zscaler 2020 EN stealing BitB Steam Fake credentials
4252 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio