Credential abuse stories

Delinea Secret Server introduces MFA enforcement at depth to meet increasingly stringent cyber insurance requirements.

The updates include performance boosts for large vaults, advanced search, accessibility and workflow improvements for iOS users.

Most in-house intelligence teams lack the in-country experience and access to quality intelligence necessary for avoiding costly and embarrassing mistakes. 

Barracuda Networks has highlighted how cybercriminals leverage HTML as an attack technique in phishing, credential theft, and malware delivery.

The most observed 2022 cyber incident in Australia’s healthcare was suspicious network scan activity and multiple lateral movement model breaches in 2021.

The report addresses how ransomware remains one of the greatest cyber crime threats to organisations with operators innovating their extortion tactics.

A new report has revealed adversary success in identity theft indicates default cloud security controls are ineffective at preventing attacks.

The Vectra Protect team identified a post-exploitation opportunity in August, allowing malicious actors to steal valid user credentials from Microsoft Teams.

Identity theft and online fraud are becoming more prevalent than ever. A recent IBM study revealed that stolen or compromised credentials were responsible for 19% of data breaches this year.

It has been widely reported recently that South Australian government employees have been the victims of a cyberattack.

Even with education and phishing tests, users continue to hand over legitimate logins to attackers, who in turn exploit them with a high degree of success.

Organisations still operate with limited visibility of user activity associated with web applications, despite the risk of insider threats and credential theft.

By implementing behavioural analytics and smart password practices, security teams can thwart credential-based attacks across the organisation.

The tool is part of Attivo’s Endpoint Detection Net suite, and is aimed at enabling organisations to hide credentials from would-be attackers and their tools.

When the focus has been on adversaries that develop increasingly complex and sophisticated attacks, tried and true techniques such as compromised credentials continue to be amongst the most potent weapons.

SCIM Connector 2.0 allows organisations to set up workflows to synchronise, provision or modify entitlements in Secret Server directly within their IGA platform. 

The survey revealed that online users in Asia Pacific appear to be willing to share their private information in exchange for various personal gains from social media.

“Gamers are a niche demographic known for spending money, so their financial status is also a tempting target.”

New Zealanders reported direct financial losses of $1.7 million. While that is still a substantial loss, the figure is a 71% drop from the previous quarter.

New research from Akamai shows the gaming community is quickly becoming one of the most highly targeted industries for cyber attacks, with hackers largely driven by gaining consumer credentials.

Due to the growing reliance on mobile phones, SIM swapping is increasingly targeted as a way to take over a victim’s online accounts.

This week Google released extra measures in a bid to provide better security for its users’ data.

TechDay spoke to experts and executives in the security industry about the data leak and the implications on phishing and credential stuffing.

This makes the second leak three times bigger than the Collection #1 dump leaked last month.