Home Tags Credentials

Tag: credentials

Researchers find 53 apps distributing malware for stealing Facebook credentials - some of which have been active since April 2017 and have been downloaded over 100,000 times.
A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts.

The network-operator role should not be able to delete other con...
A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of GUI command a...
A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stability of the device.

This could result in arbitra...
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected host operating system. The vulnerabili...
Easy as A, B, CTRL+P Security shortcomings in Intel's Active Management Technology (AMT) create a means for miscreants to bypass login credentials on corporate laptops.…
The Simple Network Management Protocolnbsp;(SNMP) subsystem of Cisconbsp;IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affec...
Loki malware, built to steal credentials, is distributed via Microsoft Excel and other Office applications rigged with malicious 'scriptlets' to evade detection.
Attackers bypass HTTPS encryption protection by registering new TLS certificate.
The cybercrime group blamed for attacks on the SWIFT financial network launches a spearphishing campaign to steal employee credentials at a London cryptocurrency company.

Still Stealing

Two years ago we published a blogpost about a popular malware that was being distributed from the Google Play Store.
In October and November 2017 we found 85 new malicious apps on Google Play that are stealing credentials for VK.com
Find shows people still suck at passwords A data dump containing over 1.4 billion email addresses, passwords, and other credentials, all in clear text, has been found online by security shop @4iQ.…