Malware impersonates Kaspersky antivirus. Security researchers have found malware that steals credentials while pretending to be anti-virus software from Kaspersky.
Even once there's buy-in from fraud and infosec teams, there are often fundamental disconnects in perceptions and points of view that can get in the way of working together.
The nine US-indicted Iranians who stand accused of exfiltrating 31 terabytes of research and data from educational institutions, companies and government agencies, allegedly used phishing schemes to steal university credentials.
The online travel company Orbitz has suffered a major data breach possibly exposing the personal information associated with the owners of up to 880,000 payment cards.
About 10 percent of the email credentials of all those employed at Fortune 500 companies have been leaked on the dark web, according to a new study.
Hardware and electronics manufacturer Lenovo disclosed an insecure credential storage vulnerability in its Fingerprint Manager Pro utility software, which can be exploited for local privilege escalation on a variety of systems.
A credentials-stealing malware program disguised as an Android app was recently found spoofing an Uber user interface, and even leveraging a deep link uniform resource identifier from the ride-sharing app to appear legitimate.
A single file on the dark web with a database of 1.4 billion clear text credentials not only is the largest aggregate found there but it opens a trove of credentials to even the least sophisticated hackers.
A new BeyondTrust survey has revealed that nearly half of all organisations (49 percent) reuse passwords across multiple systems, despite knowing better, reports Brian Chappell.
Russian dark web marketplace Ultimate Anonymity Services (UAS) is selling 35,000 compromised Remote Desktop Protocol servers, which criminals can use to anonymise themselves or access victims' networks.
Two new flaws have been discovered in Windows NTLM security protocols which could result in unauthorised credential use, password cracking and domain compromise.
More than one million Yahoo and Gmail accounts - including usernames, email addresses and plain text passwords - are reportedly for sale on the dark web
SC Media UK's latest Roundtable - The Tesco Hack: could it happen to you?, sponsored by SC Jobs - concluded with a resounding 'yes', so although the details are still not clear, it's clear that we need to prepare.
The theft of millions of password credentials can lead to automated attacks on other companies' sites. But Stephen Singam asks how can they be prepared to spot this risk?
Nearly 800,000 users' details have been stolen from porn chat site Brazzers, leading some pundits to advise users to be more creative with their passwords.
François Amigorena explains why compromised credentials are a major cyber-threat to organisations and how cumbersome security wastes time, whereas contextual awareness allows greater security automatically.
A white hat researcher discovered a pair of data breaches in which email and password credentials of government employees was dumped on Pastebin.
Over 18 million user credentials have been found on a server of a Japanese company who let Chinese hackers use it in their attacks.
A new security report from Kaspersky Lab is shedding light on Steam Stealer, a growing family of malware that hackers are using to steal credentials for Valve Corporation's Steam online gaming platform.
In this week's In Case You Missed It, we look back at NatWest 'smishing' scams, Locky runs rampant, companies taking cyber-security more seriously and other stories.
A free honeypot chock full of fake domain credentials has been created to educate administrators on trapping and blocking attackers.
Cyber-security company Trend Micro have spotted a large uptick in Netflix and Uber credentials being sold by illicit deep web vendors
The modular CoreBot Trojan login credential stealer has started morphing and now it has turned into a fully fledged bank robber instead.
Security credentials hard coded into repositories could have helped hackers, according to research by security consultant Gabor Szathmari.
Users of the JQuery website development tool - who are mainly 'privileged' users like system admins and developers - are being warned they could have been served with the RIG credentials-stealing malware in a hack that was launched more than a week ago.
Context-aware security can make intelligent decisions while allowing mobile users to get the job done.
Fraud and disruption attacks are set to result in losses of £2.1 million per hour on Monday December 2, the busiest day of the year for daily online and mobile retail sales to consumers taking advantage of Cyber Monday discounts.