Vigilante discovered an emerging threat actor group attacking large online retailers using brute force checkers with large, frequently updated combo lists of login credentials.

Vigilante discovered an emerging threat actor group attacking large online retailers using brute force checkers with large, frequently updated combo lists of login credentials.
Over the past week, Vigilante has observed an uptick in Deep and Dark Web (DDW) communities experiencing an increase in scams targeting DDW users, overwhelmed DDW moderators, and degraded webpage performance of popular DDW forums and marketplaces.
In this episode of Infosec’s Cyber Work Podcast series, host Chris Sienko spoke with Adam Darrah about foreign vote tampering and other election security concerns for the upcoming 2020 election. Click here to listen to podcast.
With the country in the midst of a developing pandemic and in need of accurate information and resources, government agencies like the Centers for Disease Control (CDC) and the U.S. Department of Health and Human Services (HHS) are vitally important. Criminals will always endeavor to exploit these types of events for their own malicious purposes.
Earlier this month, Vigilante discovered that SMS marketing firm, Rocket Text (rocket-text.com), failed to secure its Mongo database exposing just over 600 million customer emails and 63 million phone numbers.
VIgilante has identified a trend of threat actors are using Remote Desktop Protocol (RDP), not email, to gain access to a victim’s network.
Vigilante assesses that cyber threat actors will continue to exploit the current fallout surrounding Iran to meet their own ends, complicating efforts to differentiate between official state sponsorship, hacktivism, independent threat actors showcasing their expertise, and disinformation campaigns; all increasing the risk of a policy miscalculation.
Vigilante is a cybersecurity startup that cuts against that grain… To Listen to the Podcast or Read More Click Here
Hackers are now using rich personally identifying information, including device types and browser versions, cookies and web histories, and even voice recordings to gain account access or commit fraud. To read more click here.