Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Global News Feed

POPULAR CYBERSECURITY PUBLICATIONS
2023-01-25 21:33:00 UTC
HackRead
HackRead
New Wave of Cyberattacks Targeting MS Exchange Servers

By Waqas

Cybercriminals are leveraging two exploit chains (ProxyNotShell/OWASSRF) to target Microsoft Exchange servers, as warned by Bitdefender Labs.

This is a post from HackRead.com Read the original post: New Wave of Cyberattacks Targeting MS Exchange Servers

Security Microsoft Cyber Attack Microsoft Exchange OWASSRF ProxyNotShell Security SSRF Vulnerability
2023-01-25 21:25:00 UTC
Dark Reading
Dark Reading
Despite Slowing Economy, Demand for Cybersecurity Workers Remains Strong

New Cyberseek™ data shows US is short nearly 530,000 skilled cybersecurity staff.

2023-01-25 20:30:00 UTC
Dark Reading
Dark Reading
Researchers Pioneer PoC Exploit for NSA-Reported Bug in Windows CryptoAPI

The security vulnerability allows attackers to spoof a target certificate and masquerade as any website, among other things.

2023-01-25 19:58:00 UTC
Krebs on Security
Krebs on Security
Experian Glitch Exposing Credit Files Lasted 47 Days

On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer's full credit report -- armed with nothing more than a person's name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month. This week, however, Experian acknowledged that the security failure persisted for nearly seven weeks, between Nov. 9, 2022 and Dec. 26, 2022.

A Little Sunshine Data Breaches Web Fraud 2.0 Experian Experian Breach
2023-01-25 19:35:00 UTC
Dark Reading
Dark Reading
GoTo Encrypted Backups Stolen in LastPass Breach

Encrypted backups for several GoTo remote work tools were exfiltrated from LastPass, along with encryption keys.

2023-01-25 18:00:00 UTC
Dark Reading
Dark Reading
Log4j Vulnerabilities Are Here to Stay — Are You Prepared?

Don't make perfect the enemy of good in vulnerability management. Context is key — prioritize vulnerabilities that are actually exploitable. Act quickly if the vulnerability is on a potential attack path to a critical asset.

2023-01-25 17:45:00 UTC
Dark Reading
Dark Reading
North Korea's Top APT Swindled $1B From Crypto Investors in 2022

The DPRK has turned crypto scams into big business to replenish its depleted state coffers.

2023-01-25 17:12:00 UTC
HackRead
HackRead
GoTo’s LastPass Breach: Encrypted Customer Data Taken

By Deeba Ahmed

GoTo-owned LastPass revealed that hackers stole customers' encrypted data in a November 2022 data breach.

This is a post from HackRead.com Read the original post: GoTo’s LastPass Breach: Encrypted Customer Data Taken

Security Hacking News Breach Data GoTo Hacking Lastpass Password Password Manager

BreachAware Insight

THE LATEST CURATED INTEL FROM OUR RESEARCH CENTRE
BreachAware Podcast

Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.

Amazon Music Apple Podcasts Spotify Podcast BreachAware YouTube Channel

Point of View

OUR TAKE ON TRENDING STORIES

Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES