Multifactor Authentication Password Management

LastPass: Keylogger on home PC led to cracked corporate password vault

How did the crooks get in given that the needed access credentials of 4 developers at LastPass were locked up in a secure password vault to which only four developers had access?” Access to the vault password] was accomplished by targeting the DevOps engineer’s home computer and exploiting a vulnerable third-party media software package, which […]

Data Breaches Multifactor Authentication Password management Security

LastPass users: time to change passwords, settings and….

The hacker copied information from backup that contained basic customer account information and related metadata, including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service. The threat actor was also able to copy a backup of customer vault data from the encrypted […]

Data Breaches Multifactor Authentication Password management

Crypto exchange Gemini leaks private data of 5.3 million users

The American crypto exchange Gemini has leaked the private data of 5.3 million users, which has subsequently been used for targeted phishing attacks. It concerns e-mail addresses and partial telephone numbers. According to Gemini, the data was stolen from an unnamed “third-party” supplier. No further details about the data breach have been provided. Gemini does […]

Multifactor Authentication Password Management Security

Gambling platform DraftKings theft of $300,000 via credential stuffing

Online gambling platform DraftKings has been hit by a credential stuffing attack in which attackers managed to break into users’ accounts and steal some $300,000. Credential stuffing uses previously leaked email addresses and passwords to gain automated account access. Attackers check whether they can also log in to website B with credentials stolen from website […]

Multifactor Authentication Password management Security

Politicans required strong password on Twitter

To protect accounts related to the US presidential election, Twitter will require a strong password for these accounts. These users are also recommended to set up two-factor authentication. The microblogging service has announced this on its own website. In this way, Twitter wants to protect so-called “high-profile accounts” during the upcoming presidential elections. These include […]