infostealers
![Unfurling Hemlock malware](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Unfurling Hemlock Tossing ‘Cluster Bombs’ of Malware
A threat group dubbed Unfurling Hemlock infects targeted campaign with a single compressed file that, once executed, launches a 'cluster bomb' of as many as 10 pieces of malware that include loaders, ...
Security Boulevard
![passkeys, passwords, mobile strategy](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Criminals are Easily Bypassing Passkeys – How Organizations Can Stay Safe
The problems with passwords drive the interest to adopt newer authentication methods, like passkeys, a type of passwordless technology ...
Security Boulevard
![Snowflake CISO Brad Jones](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Ticketmaster is Tip of Iceberg: 165+ Snowflake Customers Hacked
Richi Jennings | | 2 factor auth, 2-factor authentication, 2fa, Advance Auto Parts, Brad Jones, Breach Forums, BreachForums, Buying event tickets online and cybersecurity, Cloud MFA, Data leak, DUAL FACTOR AUTHENTICATION, Event ticketing industry, infostealer, infostealers, LendingTree, Mandiant, Mandiant report, MFA, mult-factor authentication, multi-factor authenication, Multi-Factor Authentication, Multi-Factor Authentication (MFA), Multifactor Authentication, NYSE:SNOW, Privacy, QuoteWizard, Ransomware, SB Blogwatch, ShinyHunters, snowflake, Taylor Swift, threats, Ticketmaster, two factor authentication, UNC5537
Not our fault, says CISO: “UNC5537” breached at least 165 Snowflake instances, including Ticketmaster, LendingTree and, allegedly, Advance Auto Parts ...
Security Boulevard
![infostealer malware data](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
CoralRaider Group Delivers Three Infostealers via CDN Cache
The latest cyberthreat campaign by the threat actors is targeting victims around the world, Cisco's Talos unit says ...
Security Boulevard
![Troy Hunt, the culprit behind HaveIBeenPwned.com](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy
Richi Jennings | | authentication credentials, Compromised Credential, compromised credentials, compromised credentials monitoring, credential, Credential Compromise, credential database, Credential Dumping, credential harvesting, credential hijacking, credential loss, Credential Monitoring, credential stealing, credential stuffing, credential stuffing attack, Credential Stuffing Attacks, credentialstuffing, haveibeenpwned, HaveIBeenPwned.com, HIBPwned, info stealer, information stealer, infostealer, infostealers, malicious apps that steal passwords, Naz.API, password stuffing, SB Blogwatch, stuffingattacks, Troy Hunt
Have I been pwned? Yes, you probably have. Stop reusing passwords, already. Here’s what else you should do ...
Security Boulevard
![A still from the 1928 animated short, “Steamboat Willie”—the first appearance of Mickey Mouse](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old
Richi Jennings | | access-token-manipulation, authentication token, Business Associate Agreements, Chrome, chrome 0-day, chrome phishing, Chrome Security, Chromium, Chromium-Based Browsers, Federated Identity, federated sso, google, Google Account, google account security, Google Advanced Protection, infostealer, infostealers, OAuth, oauth 2.0, oauth abuse, Oauth Application Abuse, oauth refresh token, OAuth Token Vunerability, Prisma, Protecting OAuth Tokens, SB Blogwatch, securing oauth
What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability ...
Security Boulevard
![SlashNext vm2 sandbox bucket travel](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
SlashNext Report Shines Light on Scope of Airbnb Fraud
SlashNext found cybercriminals using infostealers and stolen browser cookies to set up fraudulent websites offering 50% discounts on Airbnb bookings ...
Security Boulevard
![Raccoon Malware Aims to Steal Credentials of People Who Use Popular Apps](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Raccoon Malware Aims to Steal Credentials of People Who Use Popular Apps
Security researchers have followed the evolution of a piece of infostealer malware named Raccoon, as it’s being developed and enhanced to work in as many scenarios as possible, including email clients, Internet ...
![Spam Campaign Leveraged RTF Documents to Spread Infostealers](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Spam Campaign Leveraged RTF Documents to Spread Infostealers
A spam campaign leveraged malicious RTF documents to distribute notorious infostealers including Agent Tesla and Lokibot. While digging through a few other spam campaigns, Lastline observed unusual use of the C# compiler ...