Cyber-Jackpot: 773M Credentials Dumped on the Dark Web
Thousands of individual breaches make up the database, one of the largest troves of stolen credentials ever seen. Source: www.threatpost.com
Web Security
Magecart Returns with Advertising Library Tactic
The threat group also has a new subsidiary, Magecart Group 12. Source: www.threatpost.com
VOIPO Database Exposes Millions of Texts, Call Logs
VOIPO acknowledged that a development server had been accidentally left publicly accessible, and took the server offline. Source: https://threatpost.com
Popular Web-Hosting Platform Bluehost Riddled with Flaws, Researcher Claims
He said that similar flaws were also found in the Dreamhost, HostGator, OVH and iPage web hosting platforms. Source: www.threatpost.com
Threatpost Poll: Can We Fix 2FA?
Take our short poll to weigh in on the state of two-factor authentication. Source: www.threatpost.com
Data Exposed in OXO, Amazon and MongoDB Leaks
Dual data exposures and a wide-scale data leak due to a vulnerable MongoDB database have kicked off 2019 so far. Source: https://threatpost.com
U.S. Government Shutdown Leaves Dozens of .Gov Websites Vulnerable
As the shutdown continues into its 21st day, dozens of .gov websites haven’t renewed their TLS certificates. Source: https://threatpost.com
Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In
A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means. Source: https://threatpost.com
Google Play Boots 85 Malicious Adware Apps
Once downloaded, the fake apps hide themselves on the victim’s device and continue to show a full-screen ad every 15 minutes. Source: https://threatpost.com
ThreatList: WordPress Vulnerabilities Tripled in 2018
Despite fewer plugins being added to WordPress last year, the CMS saw an astounding tripling of vulnerabilities in its platform in 2018. Source: www.threatpost.com