Multifaceted Phishing Scheme Deceives Bitpanda Customers
Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information
Coupang disclosed a data breach affecting 33.7 million customers after unauthorized access to personal data went undetected for nearly five months. Penta Security explains how the incident highlights insider credential abuse risks and why encrypting customer data beyond legal requirements can reduce exposure and limit damage. [...]
Outdoor apparel retailer The North Face is warning customers that their personal information was stolen in credential stuffing attacks targeting the company's website in April. [...]
Despite security updates to protect data, 45% of total enterprise instances of the cloud-based IT management platform leaked PII, internal system details, and active credentials over the past year.
LummaC2, a C-based MaaS tool first identified in 2022, has resurfaced to exfiltrate credentials and personal data
A 27-year-old Russian national has been sentenced to over three years in prison for peddling financial information, login credentials, and other personally identifying information (PII) on a now-defunct dark web marketplace called Slilpp
An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data
The US passenger rail giant said attackers used previously compromised credentials to crack accounts and access a freight train of personal data.
The two jurisdictions will work together to investigate the credential-stuffing attack that put the personal data of millions at risk.
Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info.
American retailer Hot Topic disclosed that two waves of credential stuffing attacks in November exposed affected customers' personal information and partial payment data. [...]
Warning: Poorly configured Google Cloud databases spill billing info, plaintext credentials At least 900 websites built with Google's Firebase, a cloud database, have been misconfigured, leaving credentials, personal info, and other sensitive data inadvertently exposed to the public internet, according to security researchers.…
Thieves broke into IT system using stolen login U-Haul is alerting tens of thousands of folks that miscreants used stolen credentials to break into one of its systems and access customer records that contained some personal data.…
Customer Accounts Were Secured by MFA, But Contractor's Credentials Exposed DataAustralian telecom company Tangerine is blaming the compromise of a third-party contractor's credentials for exposing personal information of 232,000 customers, which had been stored in a legacy database. The breach exposed customers' names, birthdates, mobile numbers, addresses and account numbers.
Deli Dollars loyalty accounts hit with stolen credentials from the Dark Web, potentially exposing the personal data of more than 340,000 customers.
Jason's Deli is warning of a data breach in notifications sent to customers of its online platform stating that their personal data was exposed in credential stuffing attacks. [...]
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud
A Brazilian threat actor is targeting Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021
A two-month-long automated credential-stuffing campaign exposed personal information of Chick-fil-A customers, including birthdays, phone numbers, and membership details.
American fast food chain Chick-fil-A has confirmed that customers' accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information. [...]