#account-takeover — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #account-takeover, aggregated by home.social.
-
LinkedIn Account Attack Alert Issued For 1.2 Billion Users https://www.forbes.com/sites/daveywinder/2026/04/04/linkedin-account-attack-alert-issued-for-12-billion-users/ #cybersecurity #LinkedIn #socialengineering #AccountTakeover #credentialstealing
-
One does not simply exfiltrate a reset token using an email array.
And yet, Frodo (Matei "Mal" Bădănoiu) and Samwise (Raul Bledea) from Pentest-Tools.com did exactly that in FuelCMS.
Know someone's email? That's enough. Slip your address alongside theirs in a “forgot password” request and the token lands in your inbox. Their account is yours. You shall not (safely) parse!🧙
Chain it with PTT-2025-026 and you're looking at a 9.8 Critical unauthenticated RCE. One array to rule them all! 💍
Full PoC here: https://pentest-tools.com/research
#offensivesecurity #vulnerabilityresearch #infosec #accounttakeover
-
#FBI: Account takeover fraud with more than 262 million US dollars in damage | Security https://www.heise.de/news/FBI-warnt-vor-Kontouebernahme-Betrug-mit-mehr-als-262-Millionen-US-Dollar-Schaden-11093745.html #CyberCrime #AccountTakeover
-
Account Takeover Fraud Caused $262 Million in Losses in 2025: FBI https://www.securityweek.com/account-takeover-fraud-caused-262-million-in-losses-in-2025-fbi/ #Fraud&IdentityTheft #accounttakeover #Cybercrime #cybercrime #Report #fraud #FBI
-
Account Takeover Scams Surge as FBI Reports Over $262 Million in Losses https://thecyberexpress.com/account-takeover-fraud-sees-sharp-spike/ #InternetCrimeComplaintCenter(IC3) #phishingdomainsandwebsites #AccountTakeover(ATO)fraud #MultifactorAuthentication #TheCyberExpressNews #socialengineering #phishingwebsites #AccountTakeover #BlackFridaySale #TheCyberExpress #FirewallDaily #SEOpoisoning #Governance #CyberNews #ATOFraud #FBI
-
Account Takeover: What Is It and How to Fight It https://hackread.com/account-takeover-what-is-it-how-to-fight-it/ #AccountTakeover #Cybersecurity #Security #ATO
-
Vulnerability Exposed All Open VSX Repositories to Takeover https://www.securityweek.com/vulnerability-exposed-all-open-vsx-repositories-to-takeover/ #Vulnerabilities #accounttakeover #vulnerability #opensource #OpenVSX
-
Got a Grafana instance exposed to the Internet? Better take a look at it… account takeover possible
Grafana is an open-source platform for data analysis and presentation, widely used not only in IT. It lets you build dashboards presenting various metrics, which makes it a popular solution among IT engineers and administrators. "Home" users may know it, among other things, from dashboards presenting information provided by smart home devices (e.g....
#WBiegu #AccountTakeover #Grafana #Js #Openredirect #Websec #XSS
-
Lessons from the 23andMe Breach and NIST SP 800-63B – Source: securityboulevard.com https://ciso2ciso.com/lessons-from-the-23andme-breach-and-nist-sp-800-63b-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard #Threats&Breaches #accounttakeover #ActiveDirectory #DataBreaches #datasecurity #NIST80063
-
Microsoft 365 Targeted in New Phishing, Account Takeover Attacks – Source: www.securityweek.com https://ciso2ciso.com/microsoft-365-targeted-in-new-phishing-account-takeover-attacks-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #accounttakeover #securityweekcom #Microsoft365 #securityweek #Phishing
-
Rethinking Credential Security – Source: securityboulevard.com https://ciso2ciso.com/rethinking-credential-security-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard #passwordsecurity #accounttakeover #ActiveDirectory #Identity&Access #threatintel
-
The OpenID Shared Signals Framework – Source: securityboulevard.com https://ciso2ciso.com/the-openid-shared-signals-framework-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #credentialscreening #CyberSecurityNews #SecurityBoulevard #accounttakeover #Cybersecurity
-
Achieving CyberSecure Canada Certification – Source: securityboulevard.com https://ciso2ciso.com/achieving-cybersecure-canada-certification-source-securityboulevard-com/ #rssfeedpostgeneratorecho #RegulationandCompliance #SecurityBloggersNetwork #credentialscreening #CyberSecurityNews #SecurityBoulevard #passwordsecurity #accounttakeover #ActiveDirectory #Identity&Access
-
Defending Against Account Takeovers
Account takeovers (ATOs) are among the most damaging cyberattacks, often leading to data breaches or financial loss. Crowdalert combines real-time monitoring with human verification to stop ATOs before they escalate, prompting users to verify suspicious actions.
Ready to protect your organization? https://crowdalert.com
#Crowdalert #Cybersecurity #AccountTakeover #ATO #SecOps #ThreatDetection
-
Gmail Users Beware Of AI Scam that Takeovers Your Gmail Account https://cybersecuritynews.com/gmail-ai-scam-call-account-takeover/ #CyberSecurityNews #AccountTakeover #GmailSecurity #Phishing #AIScam #SCAM
-
AWS Patches Vulnerabilities Potentially Allowing Account Takeovers https://www.securityweek.com/aws-patches-vulnerabilities-potentially-allowing-account-takeovers/ #accounttakeover #CloudSecurity #cloud #AWS
-
📬 Bots make up half of all Internet traffic
#Cyberangriffe #Internet #KünstlicheIntelligenz #AccountTakeover #badbots #imperva #NanhiSingh #WebScrapingBot https://sc.tarnkappe.info/a86b90