Coinbase to fix 2FA account activity entry freaking out users
Coinbase is fixing an incorrect account activity message that freaks out customers and makes them think their credentials were compromised. [...]
Stay updated on the latest compromise incidents in infosec. Discover how breaches occur and learn strategies to protect your data and networks.
Search across headline titles and summaries.
Background for this topic.
Compromise in information security means unauthorized access or control over a system, network, or data, often resulting from exploiting vulnerabilities like software bugs, weak credentials, or misconfigurations. It indicates that an attacker has bypassed security measures to read, modify, or disrupt resources without permission.
Such compromises pose risks including data theft, unauthorized system manipulation, and persistent attacker presence. Detecting and containing compromises requires monitoring for unusual activity, applying timely patches, and enforcing strong access controls to limit attacker movement and reduce the impact of exploited weaknesses.
Coinbase is fixing an incorrect account activity message that freaks out customers and makes them think their credentials were compromised. [...]
Over the weekend, a massive wave of credential stuffing attacks hit multiple large Australian super funds, compromising thousands of members' accounts. [...]
The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects. [...]
Stamp it out: Infostealer malware at German outfit may be culprit Britain's Royal Mail is investigating after a crew calling itself GHNA claimed it has put 144GB of the delivery giant’s data up for sale, perhaps after acquiring it with the same stolen credentials it used to crack Samsung Germany.…
Lawsuits Allege Cybercrime Gang Medusa Stole Data of 132,000 PeopleAn Arizona-based medical imaging practice with locations in 11 states is notifying patients that their data was compromised in a January cyberattack. Litigation filed against the company allege ransomware gang Medusa stole sensitive data pertaining to at least 132,000 people in the incident.
The financially motivated threat actor known as FIN7 has been linked to a Python-based backdoor called Anubis (not to be confused with an Android banking trojan of the same name) that can grant them remote access to compromised Windows systems
Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade detection and establish persistence on compromised systems
Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners
WP Ultimate CSV Importer flaws expose 20,000 websites to attacks enabling attackers to achieve full site compromise
Customer Credentials Possibly Compromised at EHR Vendor Acquired by Oracle in 2022Oracle is dealing with a hacking incident involving legacy patient data of Cerner electronic health record customers. Oracle, which acquired Cerner in 2022, is reportedly telling clients the hack involved compromised credentials for systems scheduled to migrate to the cloud.