anavem.
Back to Tags

Credential Theft

Credential theft attacks, prevention, and response strategies.

9Articles
893Topics

Articles with this Tag

Fake LastPass "Vault Backup" Emails Push 24 Hour Deadline to Steal Master PasswordsSecurity

Fake LastPass "Vault Backup" Emails Push 24 Hour Deadline to Steal Master Passwords

Attackers are using fake "vault backup required" maintenance alerts to pressure LastPass users into ...

Net-NTLMv1 Rainbow Tables: Mandiant's Release Turns a Legacy Windows Setting Into a 12-Hour Credential Recovery RiskSecurity

Net-NTLMv1 Rainbow Tables: Mandiant's Release Turns a Legacy Windows Setting Into a 12-Hour Credential Recovery Risk

Mandiant released Net-NTLMv1 rainbow tables that can recover key material in under 12 hours on sub-$...

Credential-Stealing Chrome Extensions Target Workday, NetSuite, and SAP SuccessFactors in Enterprise Account Hijacking CampaignSecurity

Credential-Stealing Chrome Extensions Target Workday, NetSuite, and SAP SuccessFactors in Enterprise Account Hijacking Campaign

A new wave of credential-stealing Chrome extensions is targeting enterprise HR and ERP platforms in ...

China-Linked UAT-8837 Exploited a Sitecore Zero-Day (CVE-2025-53690) to Gain Initial Access Into North American Critical InfrastructureSecurity

China-Linked UAT-8837 Exploited a Sitecore Zero-Day (CVE-2025-53690) to Gain Initial Access Into North American Critical Infrastructure

China-linked UAT-8837 exploited the Sitecore zero-day CVE-2025-53690 for initial access. What it mea...

StealC "cookie stealer" hackers got hacked: researchers hijacked their malware panels via XSS and stole the stealer's own session cookiesSecurity

StealC "cookie stealer" hackers got hacked: researchers hijacked their malware panels via XSS and stole the stealer's own session cookies

Researchers exploited a StealC panel XSS to steal session cookies, observe operators, and disrupt in...

Facebook Credential Theft Surges With "Browser-in-Browser" Popups That Hide Phishing URLs in Plain SightSecurity

Facebook Credential Theft Surges With "Browser-in-Browser" Popups That Hide Phishing URLs in Plain Sight

Facebook credential theft is being amplified by Browser-in-Browser (BitB) phishing, which renders fa...

Fake Fortinet Sites Weaponize AI Search Summaries to Steal VPN LoginsSecurity

Fake Fortinet Sites Weaponize AI Search Summaries to Steal VPN Logins

Fake Fortinet sites are not a new concept, but this campaign is a meaningful escalation because it t...

Phantom Shuttle: Fake VPN Chrome Extensions Steal Credentials from 170+ High-Value DomainsSecurity

Phantom Shuttle: Fake VPN Chrome Extensions Steal Credentials from 170+ High-Value Domains

Two identically-named Chrome extensions masquerading as legitimate VPN services have been secretly i...

ownCloud Warns of Massive Credential Theft: Enable MFA ImmediatelySecurity

ownCloud Warns of Massive Credential Theft: Enable MFA Immediately

ownCloud has issued an urgent security advisory following a Hudson Rock report revealing that dozens...