The leaked data claimed to be from Okta includes user IDs, full names, company names, office addresses, phone numbers, email addresses, positions/roles, and other information.
Dozens of environments and hundreds of individual user accounts have already been compromised in an ongoing campaign targeting Microsoft Azure corporate clouds. The activity is in some ways scattershot — involving data exfiltration, financial fraud, impersonation, and more, against organizations in a wide variety of geographic regions and industry verticals — but also very honed, […]
A new user is signing up for a SaaS application. On the one hand, UX teams want that user to get into the app as quickly as possible. On the other hand, security teams want the user to strongly validate their identity and configure settings properly before they enter sensitive information. Two worlds collide in […]
Enlarge Getty Images OpenAI officials say that the ChatGPT histories a user reported result from his ChatGPT account being compromised. The unauthorized logins came from Sri Lanka, an Open AI representative said. The user said he logs into his account from Brooklyn, New York. “From what we discovered, we consider it an account take over […]
Iranian crypto exchange Bit24.cash leaks user passports and IDs Pierluigi Paganini January 07, 2024 Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced cryptocurrency significantly. Last year, Iranian crypto exchanges facilitated transactions totaling nearly $3 billion. […]
MyEstatePoint Property Search Android app leaks user passwords Pierluigi Paganini January 05, 2024 The MyEstatePoint Property Search app leaked data on nearly half a million of its users, exposing their names and plain-text passwords, the Cybernews research team has found. The all-in-one real estate app MyEstatePoint Property Search left a publicly accessible MongoDB server containing […]
In its latest stride towards user security, Mozilla has rolled out Firefox 121, bringing along a slew of crucial updates to address 18 vulnerabilities, five of which carry a ‘high‘ severity rating. This release not only fortifies the browser against potential exploits but also underscores Mozilla’s commitment to user safety. High-Severity Vulnerabilities Fixed in Firefox […]
Dec 15, 2023NewsroomPrivacy / User Tracking Google on Thursday announced that it will start testing a new feature called “Tracking Protection” starting January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate third-party cookies in the web browser. The setting is designed to limit “cross-site tracking by restricting website access […]
Attackers target user accounts without robust authentication measures, creating new OAuth apps with high privileges to ensure continued access and hide their malicious activities.