Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.
Global News Feed
POPULAR CYBERSECURITY PUBLICATIONSBy Waqas
Cybercriminals are leveraging two exploit chains (ProxyNotShell/OWASSRF) to target Microsoft Exchange servers, as warned by Bitdefender Labs.
This is a post from HackRead.com Read the original post: New Wave of Cyberattacks Targeting MS Exchange Servers
New Cyberseek™ data shows US is short nearly 530,000 skilled cybersecurity staff.
The security vulnerability allows attackers to spoof a target certificate and masquerade as any website, among other things.
On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer's full credit report -- armed with nothing more than a person's name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month. This week, however, Experian acknowledged that the security failure persisted for nearly seven weeks, between Nov. 9, 2022 and Dec. 26, 2022.
Encrypted backups for several GoTo remote work tools were exfiltrated from LastPass, along with encryption keys.
Don't make perfect the enemy of good in vulnerability management. Context is key — prioritize vulnerabilities that are actually exploitable. Act quickly if the vulnerability is on a potential attack path to a critical asset.
The DPRK has turned crypto scams into big business to replenish its depleted state coffers.
By Deeba Ahmed
GoTo-owned LastPass revealed that hackers stole customers' encrypted data in a November 2022 data breach.
This is a post from HackRead.com Read the original post: GoTo’s LastPass Breach: Encrypted Customer Data Taken
BreachAware Insight
THE LATEST CURATED INTEL FROM OUR RESEARCH CENTREListen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.