Identity Attacks Overtake Exploits as Top Ransomware Cause
Email attacks overtook exploits as the top ransomware root cause last year. Multifactor authentication (MFA) was deployed in 97% of credential-based attacks but failed to prevent compromise.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Email attacks overtook exploits as the top ransomware root cause last year. Multifactor authentication (MFA) was deployed in 97% of credential-based attacks but failed to prevent compromise.
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. Attackers still compromise networks every day using valid credentials. The issue is not MFA itself, but coverage. Enforced through an identity provider (IdP) such as Microsoft Entra ID, Okta, or
File-sharing platform ownCloud warned users today to enable multi-factor authentication (MFA) to block attackers using compromised credentials from stealing their data. [...]
Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer's account was compromised in a phishing attack
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised. [...]
Coinbase is fixing an incorrect account activity message that freaks out customers and makes them think their credentials were compromised. [...]
Astaroth is an advanced phishing kit using real-time credential and session cookie capture to compromise Gmail, Yahoo and Office 365 accounts
Mandiant warns criminal gang UNC5537, which may be friendly with Scattered Spider, is on the rampage An unknown financially motivated crime crew has swiped a "significant volume of records" from Snowflake customers' databases using stolen credentials, according to Mandiant.…
Roku assures customers that no financial information was stolen and that any purchases made through user accounts have been reimbursed.
A British Library report found the most likely source of the incident was the compromise of third-party account credentials and no MFA was in place to stop the attackers
Customer Accounts Were Secured by MFA, But Contractor's Credentials Exposed DataAustralian telecom company Tangerine is blaming the compromise of a third-party contractor's credentials for exposing personal information of 232,000 customers, which had been stored in a legacy database. The breach exposed customers' names, birthdates, mobile numbers, addresses and account numbers.
While text messaging-based MFA goes a long way toward protecting an org against compromised credentials, it also has vulnerabilities of its own. Orgs must look for ways around the flaws associated with test-based MFA by upgrading to multi-factor authentication. Learn more in this article from Specops Software. [...]
Microsoft on Thursday warned of a consumer-facing attack that made use of rogue OAuth applications on compromised cloud tenants to ultimately seize control of Exchange servers and spread spam
The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136 organizations that resulted in a cumulative compromise of 9,931 accounts
Slippery AiTM attacks targeted more than 10,000 orgs over the past nine months A widespread phishing campaign that has hit more than 10,000 organizations since September 2021 uses adversary-in-the-middle (AiTM) proxy sites to get around multifactor authentication (MFA) features and steal credentials that are then used to compromise business email accounts.…
Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365's authentication process even on accounts secured with multi-factor authentication (MFA)