Credentials

Fake DocuSign docs used to secure corporate credentials in mishing campaign – Go Health Pro

by
Fake DocuSign docs used to secure corporate credentials in mishing campaign – Go Health Pro

A targeted mobile phishing (mishing) campaign was observed that leveraged a DocuSign impersonation scheme that aimed to harvest corporate credentials from company executives. ZimperiumLabs reported Dec. 18 that the DocuSign campaign was similar to a pattern of spear phishing attempts that enterprises have been tracking in which attackers specifically target the mobile devices of their … Read more

Yearlong supply-chain attack targeting security pros steals 390K credentials – Go Health Pro

by
Yearlong supply-chain attack targeting security pros steals 390K credentials – Go Health Pro

Screenshot showing a graph tracking mining activity. Credit: Checkmarx But wait, there’s more On Friday, Datadog revealed that MUT-1244 employed additional means for installing its second-stage malware. One was through a collection of at least 49 malicious entries posted to GitHub that contained Trojanized proof-of-concept exploits for security vulnerabilities. These packages help malicious and benevolent … Read more

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned – Go Health Pro

by
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned – Go Health Pro

Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket … Read more

x