Credentials – Page 2 – OWASP Jakarta

Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials

Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users’ credentials from compromised devices. “This malware uses famous Android app icons to mislead users and trick victims into installing the Read more

By adminowasp, 1 year ago

News

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said Read more

By adminowasp, 1 year ago

News

New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials

New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials A new malware called Cuttlefish is targeting small office and home office (SOHO) routers with the goal of stealthily monitoring all traffic through the devices and gather authentication data from HTTP GET and POST requests. “This malware is modular, designed primarily to steal authentication material found Read more

By adminowasp, 1 year ago

News

AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs

AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant risks to organizations. The vulnerability has been codenamed LeakyCLI by cloud security firm Read more

By adminowasp, 1 year ago

News

Mispadu Trojan Targets Europe, Thousands of Credentials Compromised

Mispadu Trojan Targets Europe, Thousands of Credentials Compromised The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy, Poland, and Sweden. Targets of the ongoing campaign include entities spanning finance, services, motor vehicle manufacturing, law firms, and commercial facilities, according Read more

By adminowasp, 1 year ago

News

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that’s used to target Laravel applications and steal sensitive data. “It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio,” Juniper Read more

By adminowasp, 1 year ago

News

E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials

E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) Read more

By adminowasp, 1 year ago

News

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and Read more

By adminowasp, 1 year ago

News

Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials

Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials Feb 06, 2024NewsroomSocial Engineering / Malvertising Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer. “This malware is designed to steal credentials and crypto Read more

By adminowasp, 1 year ago

News

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials Jan 17, 2024NewsroomBotnet / Cloud Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for “victim identification and exploitation Read more

By adminowasp, 2 years ago