The Evolving Threat of Credential Stuffing
Bots are focused on APIs, so companies must take the threat seriously and take immediate action.
MonitorMinor app is a Stalkware lurking in Google Playstore
Are there any applications whose only task is to spy on the user? Yes – until recently, these were still widely available programs on Google Play. Anyone could download and install them on the victim’s phone. What’s more, these applications concealed their presence and could be used to spy on the user.
https://www.cybersecurity-insiders.com/monitorminor-app-is-a-stalkware-lurking-in-google-playstore/
Over half of organisations expect remote workers to increase the risk of a data breach
A large percentage of employees working remotely use for business purposes for their own mobile devices, including a laptop, telephone, or tablet. And vice versa: business equipment is often used for private purposes. All this makes it challenging to protect company data and increases the risk of losing sensitive information.
Automated Bots Are Increasingly Scraping Data & Attempting Logins
Bots connect computers and software to the Internet, but despite all this is a problem for companies that disclose intellectual property as part of their business.
15 power user tips for Microsoft Teams
Forced Home Office is for many an entirely new reality for which they were not prepared. How to coordinate the activities of the team and colleagues and feel safe? How to exchange information and data? Fortunately, there are great tools for this.
https://www.computerworld.com/article/3238014/microsoft-teams-tips-and-tricks.html
Businesses struggle to reduce hacker dwell time
A fundamental and foremost challenge is to reduce the time spent by hackers on the network. The incubation time is quite essential, it is the moment of a break-in, identification, and the start of the attack. Hackers usually use this moment to map networks, identify devices, and data sets.
https://www.itproportal.com/news/businesses-struggle-to-reduce-hacker-dwell-time/
EA Sports down – Gaming giant hit by massive DDoS attacks
EA servers have been targeted by hackers using DDoS attacks. Fortunately, the company is reaching the normal state of its services.
https://www.hackread.com/ea-sports-down-gaming-giant-hit-by-ddos-attacks/
The hacker forum is letting anyone download Quidd data.
Another security breach this time, Quidd user data is circulating in the dark network and in the hacker forum where anyone can get. Hackers have published a vast mass of data on the market to buy and sell digital collectors’ items using the Android and iOS apps.
https://www.hackread.com/quidd-user-accounts-on-hacker-forum-download/
7 Steps to Avoid the Top Cloud Access Risks
The main reason for most cases of cloud data leaks are not software bugs or hackers – it’s mostly the administrators who forget to set up security or do it wrong. Following a few rules will minimize the risk of such incidents, regardless of whether you use Amazon Web Services, Microsoft Azure, or Google Cloud Platform.
https://www.darkreading.com/cloud/7-steps-to-avoid-the-top-cloud-access-risks-/a/d-id/1337545
GitHub accounts stolen in ongoing phishing attacks
GitHub is the target of phishing campaigns; the goal is to collect and steal credentials through landing pages that resemble the GitHub login page.
https://www.bleepingcomputer.com/news/security/github-accounts-stolen-in-ongoing-phishing-attacks/