account hijacking
Phishers’ techniques and behaviours, and what to do if you’ve been phished
Once a user has been phished, how long does it takes for the phishers to misuse the stolen credentials? To discover the answer to that question and many others, Imperva …
751 domains hijacked to redirect visitors to exploit kit
An unknown attacker has managed to modify the name servers assigned to 751 domains, which resulted in some visitors to the hijacked domains being redirected to a site hosting …
Password Reset MITM: Exposing the need for better security choices
Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites …
Offer of nude celeb photos turns Twitter users into spammers
If not careful, Twitter users who are dead set on seeing nude photos of WWE star Paige will end up on marketers’ spam lists and with their own Twitter account pushing …
Hijacking Windows user sessions with built-in command line tools
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in …
Yahoo notifies more users of malicious account activity
Yahoo has sent out another round of account compromise notifications, warning users that hackers may have accessed their accounts by using forged cookies instead of passwords. …
Egyptian civil society NGOs targeted with sophisticated phishing
In the last few months, a number of Egyptian civil society organizations, lawyers, journalists, and independent activists have been targeted with personalized and generic …
Clinton campaign chief’s Twitter, iCloud accounts hijacked
Some 12 hours after WikiLeaks published emails stolen from the email account of Hillary Clinton campaign Chairman John Podesta, someone has hijacked the man’s Twitter …
Hackers compromised Telegram accounts, identified 15 million users’ phone numbers
Hackers have managed to compromise over a dozen Telegram accounts belonging to Iranian political activists and identify phone numbers tied to 15 million Iranian Telegram …
Botnet-powered account takeover campaign hit unnamed bank
A single attacker has mounted two massive account takeover (ATO) campaigns against a financial institution and an entertainment company earlier this year, and used a gigantic …
GoToMyPC remote desktop service resets all passwords in wake of attack
GoToMyPC, a remote computer administration service offered by Citrix, has forced a password reset for all customers in the wake of what they call a “very sophisticated …
How attackers can hijack your Facebook account
Positive Technologies researchers have demonstrated that knowing a user’s phone number and how to exploit a vulnerability in the SS7 network is enough to hijack that …
Featured news
Sponsored
Don't miss
- 100+ domains seized to stymie Russian Star Blizzard hackers
- October 2024 Patch Tuesday forecast: Recall can be recalled
- Best practices for implementing threat exposure management, reducing cyber risk exposure
- Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)
- CUPS vulnerabilities could be abused for DDoS attacks