Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Password Manager. Show all posts
Password Manager
Credentials cyber attack Cybersecurity Digital Security Hacking Infostealer malware MFA Password Manager

Cybercriminals Intensify Attacks on Password Managers

 

Cybercriminals are increasingly setting their sights on password managers as a way to infiltrate critical digital accounts.

According to Picus Security’s Red Report 2025, which analyzed over a million malware samples from the past year, a quarter (25%) of all malware now targets credentials stored in password managers. Researchers noted that this marks a threefold surge compared to the previous year.

“For the first time ever, stealing credentials from password stores is in the top 10 techniques listed in the MITRE ATT&CK Framework,” they said. “The report reveals that these top 10 techniques accounted for 9Beyond the growing frequency of attacks, hackers are also deploying more advanced techniques. 3% of all malicious actions in 2024.”

Advanced Hacking Techniques

Dr. Suleyman Ozarslan, co-founder and VP of Picus Labs, revealed that cybercriminals use sophisticated methods like memory scraping, registry harvesting, and breaching both local and cloud-based password stores to extract credentials.

To counter this rising threat, Ozarslan emphasized the importance of using password managers alongside multi-factor authentication (MFA). He also warned against password reuse, particularly for password.

Beyond the growing frequency of attacks, hackers are also deploying more advanced techniques. Picus Security highlighted that modern cybercriminals are now favoring long-term, multi-stage attacks that leverage a new generation of malware. These advanced infostealers are designed for stealth, persistence, and automation.

Researchers compared this evolution in cyber threats to “the perfect heist,” noting that most malware samples execute over a dozen malicious actions to bypass security defenses, escalate privileges, and exfiltrate data.

A password manager is a cybersecurity tool that securely stores, generates, and auto-fills strong passwords across websites and apps. By eliminating the need to remember multiple passwords, it strengthens security and reduces the risk of breaches. Experts consider it an essential component of cybersecurity best practices.
Read more »
Windows
Google Google Chrome Password Manager Technology Windows

Passwords Vanish for 15 Million Windows Users, Google Says "Sorry"

Passwords Vanish for 15 Million Windows Users, Google Says "Sorry"

Google says “sorry” after a bug stopped Windows users from finding or saving their passwords. The issue began on 24th July and stayed till 25th July, before it was fixed. The problem, google said was due to “a change in product behavior without proper feature guard,” an incident sharing similarities with the recent Crowdstrike disruption.

The disappearing password problem affected Chrome users worldwide, causing them trouble finding saved passwords. Users even had trouble finding newly saved passwords. Google has fixed the issue now, saying the problem was in the M127 version of Chrome Browser on Windows devices.

Who were the victims?

It is difficult to pinpoint the exact numbers, but based on Google’s 3 Billion Chrome users worldwide, with the majority of Chrome users, we can get a positive estimate. According to experts, around 15 million users experienced the vanishing password problem.  "Impacted users were unable to find passwords in Chrome's password manager. Users can save passwords, however it was not visible to them. The impact was limited to the M127 version of Chrome Browser on the Windows platform," said Google.

The password problem is now fixed

Fortunately, Google has now fixed the issue, users only need to restart their Chrome browsers. “We apologize for the inconvenience this service disruption/outage may have caused,” said Google. If a user has any inconveniences beyond what Google has covered, they are free to contact Google Workplace Support.

Chrome Password Manager: How to use it?

Google's Chrome password manager may be accessed through the browser's three-dot menu by selecting Passwords & Autofill, then Google Password Manager. Alternatively, you can install the password manager Chrome app from the password manager settings and then access it from the Google Apps menu. If Chrome invites you to autofill a password, clicking Manage Passwords will take you directly there.

Things that went missing besides passwords recently

According to cybersecurity reporter Brian Krebs, the email verification while creating a new Google Workplace Account also went missing for a few Chrome users. 

The authentication problem, which is now fixed, allowed threat actors to skip the email verification needed to create a Google Workplace account, allowing them to mimic a domain holder at third-party services. This allowed a threat actor to log in to third-party services like a Dropbox account.  

Read more »
Technology
App security LastPass Password Manager Tech Giant Technology

Tech Giant Apple Launches Its Own Password Manager App

 

People with knowledge of the matter claim that Apple Inc. launched a new homegrown app this week called Passwords, with the goal of making it simpler for users to log in to websites and apps. 

The company introduced the new app as part of iOS 18, iPadOS 18 and macOS 15, the next major versions of its iPhone, iPad and Mac operating systems, said the people, who asked not to be identified because the initiative hasn’t been announced. The password-generating and password-tracking software was unveiled on June 10 at Apple's Worldwide Developers Conference. 

The new app is backed by iCloud Keychain, a long-standing Apple tool for syncing passwords and account information across several devices. This capability was previously concealed within the company's settings app or displayed when a user logged into a website. 

Apple is attempting to encourage more people to use safe passwords and improve the privacy of its devices by making the feature available as a standalone app. However, the action increases competition with third-party apps. The new app will compete with password managers such as 1Password and LastPass, and Apple will allow users to import credentials from rival services. 

The app displays a list of user logins and divides them into categories such as accounts, Wi-Fi networks, and Passkeys, an Apple-supported password replacement that uses Face ID and Touch ID.

Like most password managers, the data can be auto-filled into websites and apps when a user logs in. The software will also function with the Vision Pro headset and Windows computers. It also supports verification codes and functions as an authentication software similar to Google Authenticator. 

The Passwords push is only one part of the WWDC event. The primary focus will be Apple's artificial intelligence project, which will include features such as notification summaries, fast photo editing, AI-generated emoji, and a more powerful Siri digital assistant. Apple will also announce a collaboration with OpenAI to utilise the ChatGPT chatbot.
Read more »
Vulnerabilties and Exploits
Android AutoSpill AutoSpill attack cybersecurity research Password Manager Stolen Credentials Vulnerabilties and Exploits

AutoSpill Attack Steal Credentials from Android Password Managers


Security researchers from the International Institute of Information Technology (IIIT) in Hyderabad, India, have discovered a new vulnerability with some Android password managers in which some malicious apps may steal or capture users’ data credentials in WebView. 

The threat actors carry out the operation particularly when the password manager is trying to autofill login credentials. 

In a presentation at the Black Hat Europe security conference, the researchers revealed that the majority of Android password managers are susceptible to AutoSpill even in the absence of JavaScript injection. 

How AutoSpill Works

WebView is frequently used in Android apps to render web content, which includes login pages, within the app, rather than redirecting users to the main browser, which would be more challenging on small-screen devices. 

Android password managers automatically enter a user's account information when an app loads the login page for services like Apple, Facebook, Microsoft, or Google by utilizing the WebView component of the platform. 

According to the researchers, it is possible to exploit vulnerabilities in this process to obtain the auto-filled credentials on the app that is being invoked. 

The researchers added that the password managers on Androids will be more vulnerable to the attack if the JavaScript injections are enabled. 

One of the main causes of the issue regarding AutoSpill is Android’s inability to specify who is responsible for handling the auto-filled data securely, which leaves the data vulnerable to leakage or capture by the host app.

In an attack scenario, the user's credentials could be obtained by a rogue app presenting a login form without leaving any trace of the breach.

Impact and Patch Work

Using Android's autofill framework, the researchers tested AutoSpill against a number of password managers on Android 10, 11, and 12. They discovered that 1Password 7.9.4, LastPass 5.11.0.9519, Enpass 6.8.2.666, Keeper 16.4.3.1048, and Keepass2Android 1.09c-r0 are vulnerable to assaults.

It was found that Google Smart Lock 13.30.8.26 and DashLane 6.2221.3 had different technical approaches for the autofill process, wherein they did not compromise data to the host app unless JavaScript injection was used.

The researchers submitted their recommendations for fixing the issue along with their results to the security team of Android and the affected software manufacturers. Their report was accepted as legitimate, however, no information regarding the plans for rectifying it was disclosed.  

Read more »
Vulnerability and Exploits.
2FA Apple Devices Digital Identity iPhone Mac Password Manager PDF Exploits Safari Safari Browser Apple Sensitive Information Unauthorized access Vulnerability and Exploits.

iLeakage Attack: Protecting Your Digital Security

The iLeakage exploit is a new issue that security researchers have discovered for Apple users. This clever hack may reveal private data, including passwords and emails, and it targets Macs and iPhones. It's critical to comprehend how this attack operates and take the necessary safety measures in order to stay safe.

The iLeakage attack, detailed on ileakage.com, leverages vulnerabilities in Apple's Safari browser, which is widely used across their devices. By exploiting these weaknesses, attackers can gain unauthorized access to users' email accounts and steal their passwords. This poses a significant threat to personal privacy and sensitive data.

To safeguard against this threat, it's imperative to take the following steps:

1. Update Software and Applications: Regularly updating your iPhone and Mac, along with the Safari browser, is one of the most effective ways to protect against iLeakage. These updates often contain patches for known vulnerabilities, making it harder for attackers to exploit them.

2. Enable Two-Factor Authentication (2FA): Activating 2FA adds an extra layer of security to your accounts. Even if a hacker manages to obtain your password, they won't be able to access your accounts without the secondary authentication method.

3. Avoid Clicking Suspicious Links: Be cautious when clicking on links, especially in emails or messages from unknown sources. iLeakage can be triggered through malicious links, so refrain from interacting with any that seem suspicious.

4. Use Strong, Unique Passwords: Utilize complex passwords that include a combination of letters, numbers, and special characters. Avoid using easily guessable information, such as birthdays or common words.

5. Regularly Monitor Accounts: Keep a close eye on your email and other accounts for any unusual activities. If you notice anything suspicious, change your passwords immediately and report the incident to your service provider.

6. Install Security Software: Consider using reputable security software that offers additional layers of protection against cyber threats. These programs can detect and prevent various types of attacks, including iLeakage.

7. Educate Yourself and Others: Stay informed about the latest security threats and educate family members or colleagues about best practices for online safety. Awareness is a powerful defense against cyberattacks.

Apple consumers can lower their risk of being victims of the iLeakage assault greatly by implementing these preventive measures. In the current digital environment, being cautious and proactive with cybersecurity is crucial. When it comes to internet security, keep in mind that a little bit of prevention is always better than a lot of treatment.


Read more »
Unauthorized access
2FA Data Breach Email Attacks Encryption Password Password Manager Sensitive data Unauthorized access

Freecycle Data Breach: Urgent Password Update Required

Freecycle, a well-known website for recycling and giving away unwanted stuff, recently announced a huge data breach that has affected millions of its users. This news has shocked the internet world. Concerns over the security of personal information on the internet have been raised by the hack, underscoring once more the significance of using secure passwords and being aware of cybersecurity issues.

According to reports from security experts and Freecycle officials, the breach is estimated to have affected approximately seven million users. The exposed data includes usernames, email addresses, and encrypted passwords. While the company has stated that no financial or highly sensitive information was compromised, this incident serves as a stark reminder of the risks associated with sharing personal data online.

The breach was first reported by cybersecurity researcher Graham Cluley, who emphasized the need for affected users to take immediate action. Freecycle, recognizing the severity of the situation, has issued a statement urging all users to change their passwords as a precautionary measure.

This breach underscores the critical importance of password security. In today's digital age, where data breaches are becoming increasingly common, using strong and unique passwords for each online account is paramount. Here are some key steps users can take to protect their online presence:
  • Change Passwords Regularly: Freecycle users, in particular, should promptly change their passwords to mitigate any potential risks associated with the breach. Additionally, consider changing passwords for other online accounts if you've been using the same password across multiple platforms.
  • Use Strong, Complex Passwords: Create passwords that are difficult to guess, combining uppercase and lowercase letters, numbers, and special characters. Avoid easily guessable information like birthdays or common words.
  • Implement Two-Factor Authentication (2FA): Whenever possible, enable 2FA for your accounts. This adds an extra layer of security by requiring a one-time code or authentication device in addition to your password.
  • Password Manager: Consider using a reputable password manager to generate and store complex passwords securely. These tools can help you keep track of numerous passwords without compromising security.
  • Stay Informed: Regularly monitor your accounts for any suspicious activity and be cautious of phishing emails or messages asking for your login credentials.

Freecycle is not the first and certainly won't be the last platform to experience a data breach. As users, it's our responsibility to take cybersecurity seriously and proactively protect our personal information. While it's concerning that such breaches continue to occur, they serve as reminders that vigilance and good security practices are essential in our interconnected world.
Read more »
Password Manager
Antivirus Data Breach Firewall Infostealer MFA Password Manager

Meduza Stealer Targets Password Managers

 


A critical cybersecurity issue known as Meduza Stealer, a perilous new info stealer, has surfaced. By particularly attacking well-known password managers, this sophisticated virus compromises private user information. Users are urged to exercise caution and take the necessary safety measures by security professionals to protect their data.
According to a recent report by TechRadar Pro, Meduza Stealer has gained notoriety for its ability to bypass traditional security measures, making it challenging to detect and mitigate. The malware primarily focuses on infiltrating prominent password manager applications, a concerning trend given the increasing reliance on such tools to secure online credentials.

The reports state Meduza Stealer has already targeted 19 password managers, putting millions of users at risk. It operates by intercepting and exfiltrating sensitive information stored in these applications, including usernames, passwords, and other confidential data. The stolen information can be used for various malicious purposes, such as unauthorized access to personal accounts, identity theft, or financial fraud.

Meduza Stealer malware adopts evasive techniques to evade detection and remain hidden within targeted systems. Its advanced capabilities enable it to bypass antivirus software and firewalls, making it a significant challenge for security professionals to combat effectively.

Industry experts are urging users of password managers to remain cautious and implement additional security measures. Regularly updating software and using multi-factor authentication are recommended practices that can significantly reduce the risk of falling victim to such attacks. In addition, individuals are advised to exercise caution while clicking on suspicious links or downloading files from unknown sources, as these are often the entry points for malware.

Cybersecurity firms and researchers are working hard to create solutions in response to the threat Meduza Stealer poses. To remain ahead of such new threats, close cooperation between software developers, security professionals, and end users is essential.

Cybersecurity analyst John Smith underlines the value of preventative security measures. He says, "Users must continually upgrade their security procedures and keep up with the most recent threats. People can dramatically lessen their vulnerability to info stealers like Meduza Stealer by using strong passwords, enabling two-factor authentication, and exercising caution."

The development of complex attacks like Meduza Stealer, which are part of the ongoing transformation of the digital environment, highlights the importance of strong security procedures. People may safeguard their important data and reduce the risks brought on by these new cybersecurity threats by keeping themselves informed and putting in place thorough security measures.


Read more »
Vulnerabilities and Exploits
Bleeping Computer GitHub KeePass password exploit Password Manager Vulnerabilities and Exploits

KeePass Vulnerability: Hackers May Have Stolen the Master Passwords


One would expect an ideal password manager to at least keep their users’ passwords safe and secure. On the contrary, a new major vulnerability turned out to be putting the KeePass password manager users at serious risk of their passwords being breached.

Apparently, the vulnerability enables an attacker to extract the master password from the target computer's memory and take it away in plain text, or in other words, in an unencrypted form. Although it is a fairly easy hack, there are expected to be some unsettling repercussions.

Password managers, like in this case KeePass, lock up a user’s login info encrypted and secure behind a master password in order to keep it safe. The vault is a valuable target for hackers since the user is required to input the master password to access everything within.

How is KeePass Vulnerability a Problem? 

Security researcher 'vdohney,' according to a report by Bleeping Computer, found the KeePass vulnerability and posted a proof-of-concept (PoC) program on GitHub.

With the exception of the initial one or two characters, this tool can almost entirely extract the master password in readable, unencrypted form. Even if KeePass is locked and, possibly, if the app is completely closed, it is still capable of doing this.

All this is because the vulnerability extracts the master password from KeePass’s memory. This can be acquired, as the researcher says, in a number of ways: “It doesn’t matter where the memory comes from — can be the process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys) or RAM dump of the entire system.”

The exploit is only possible due to some custom code KeePass uses. Your master password is entered in a unique box named SecureTextBoxEx. Despite its name, it turns out that this box is actually not all that secure since each character that is entered essentially creates a duplicate of itself in the system memory. The PoC tool locates and extracts these remaining characters.

‘A Fix is Incoming’ 

Having physical access to the computer from which the master password is to be taken is the only drawback to this security breach. However, that is not always a problem; as the LastPass vulnerability case demonstrated, hackers can access a target's computer by utilizing weak remote access software installed on the device.

In case a device was infected by a malware, it may as well be set up to dump KeePass's memory and send it and the app's database back to the hacker's server, giving the threat actor time to get the master password.

Fortunately, the developer of KeePass promises that a fix is incoming; one of the potential fixes is to add random dummy text that would obscure the password into the app's memory. It may be agonizing to wait until June or July 2023 for the update to be made available for anyone concerned about their master password being compromised. The fix, however, is also available in beta form and may be downloaded from the KeePass website.    

Read more »
Subscribe to: Posts (Atom)