Tag: credentials

security

SANS Stormcast Thursday, July 2nd, 2026: MetaMask Phishing; Adobe Patches; Google Chrome Patches; Apple Hide-My-Email Vuln

Why Ask Credentials If There Are Secret Codes? https://isc.sans.edu/diary/Why%20Ask%20Credentials%20If%20There%20Are%20Secret%20Codes%3F/33118 Adobe Patches and Updated Patch Release Policy https://helpx.adobe.com/security/Home.html https://blog.adobe.com/security/protecting-customers-faster-how-adobe-is-responding-to-ai-accelerated-vulnerability-discovery Google Chrome Update (link had issues loading while recording) https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html Apple Hide My Email Vulnerability https://www.404media.co/apple-hide-my-email-vulnerability-reveals-peoples-real-email-addresses/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
pinball

Why Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)

This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It&#x27s pretty popular, so a juicy target for criminals. In February, I already mentioned a campaign against them[2].

Mehr lesen →
soc

CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure

CISA is aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices across government and private sector organizations using compromised credentials. This activity, referred to as FortiBleed, involves the exposure of leaked credentials associated with approximately 74,000 Fortinet devices, including firewalls and virtual private network (VPN) gateways.   To defend against this […]

Mehr lesen →