Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Infosec News Feed

An aggregated list of cybersecurity publications
2022-08-04 17:53:00 UTC
HackRead
HackRead
Unprotected Snapchat and Amex sites lead to credential harvesting

By Deeba Ahmed

Open-Redirect vulnerabilities in American Express and Snapchat are being exploited to carry out phishing scams, researchers have revealed.…

This is a post from HackRead.com Read the original post: Unprotected Snapchat and Amex sites lead to credential harvesting

Security American Express Bug Bounty Phishing Security Snapchat Vulnerability
2022-08-04 16:52:00 UTC
Naked Security | Sophos
Naked Security | Sophos
S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]

Lastest episode - listen now! (Or read if that's what you prefer.)

Cryptocurrency Cryptography Podcast Vulnerability Cryptocurrency Cryptogram Cybercrime Naked Security Podcast
2022-08-04 15:41:00 UTC
Krebs on Security
Krebs on Security
Scammers Sent Uber to Take Elderly Lady to the Bank

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters.  In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a chilling reminder of how far crooks will go these days to rip people off.

Latest Warnings The Coming Storm Web Fraud 2.0 Elder Scams Email Scam Fbi Travis Hardaway Uber
2022-08-04 15:16:00 UTC
Dark Reading
Dark Reading
Massive China-Linked Disinformation Campaign Taps PR Firm for Help

A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.

2022-08-04 14:50:00 UTC
Dark Reading
Dark Reading
Phylum Releases a Free Community Edition to Make Software Supply Chain Security More Accessible

Users can identify risks across five domains, work on multiple projects, and take advantage of exclusive community benefits.

2022-08-04 14:00:00 UTC
Dark Reading
Dark Reading
The Myth of Protection Online — and What Comes Next

It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.

2022-08-04 14:00:00 UTC
The Daily Swig
The Daily Swig
Chromium site isolation bypass allows wide range of attacks on browsers

Flaw that opened the door to cookie modification and data theft resolved

2022-08-04 13:26:00 UTC
Dark Reading
Dark Reading
Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale

Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.

2022-08-04 13:21:00 UTC
Dark Reading
Dark Reading
35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?

In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys.

2022-08-04 13:17:00 UTC
Dark Reading
Dark Reading
Ping Identity to Go Private After $2.8B Acquisition

The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted.