A researcher has cautioned that a vulnerability in Anomaly, a fork of Mastodon, could allow hackers to obtain users’ password information. Mastodon has been…
Category
Credential stuffing attack
AWS
Over 1800 Android and iOS apps’ source code provides access to AWS credentials
The Symantec Danger Hunter team discovered 1859 applications on Android and iOS that contained hard-coded Amazon Web Expert services (AWS). They obtain tokens that…
Account Takeover
Box account’s 2-factor authentication system can be circumvented
Cybersecurity researchers have revealed information on a now-patched bug in Box multi-factor authentication (MFA). The bug could be exploited to circumvent SMS-based login verification.…
Credential stuffing attack
RIPE NCC Internet registry reports a credential-stuffing attack
Last month, internet registry RIPE NCC Access reported a ‘Credential-Stuffing’ attack that affected its single-sign-on (SSO) platform. According to RIPES, though no SSO accounts…