Image: Ryoji Iwata
A threat actor is currently selling passwords for the email accounts of hundreds of C-level executives at companies across the world.

The data is being sold on a closed-access underground forum for Russian-speaking hackers named Exploit.in, ZDNet has learned this week.
The threat actor is selling email and password combinations for Office 365 and Microsoft accounts, which he claims are owned by high-level executives occupying functions such as:
CEO – chief executive officer
COO – chief operating officer
CFO – chief financial officer or chief financial controller
CMO – chief marketing officer
CTOs – chief technology officer
President
Vice president
Executive Assistant
Finance Manager
Accountant
Director
Finance Director
Financial Controller
Accounts Payables
Access to any of these accounts is sold for prices ranging from $100 to $1,500, depending on the company size and user’s role.

The seller’s ad on Exploit.in
Image via KELA
A source in the cyber-security community who agreed to contact the seller to obtain samples has confirmed the validity of the data and obtained valid credentials for two accounts, the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain.
The source, which requested that ZDNet not use its name, is in the process of notifying the two companies, but also two other companies for which the seller published account passwords as public proof that they had valid data to sell.
These were login details for an executive at a UK business management consulting agency and for the president of a US apparel and accessories maker.

Sample login provided by the seller as public proof
Image via KELA

The seller refused to share how he obtained the login credentials but said he had hundreds more to sell.
According to data provided by threat intelligence firm KELA, the same threat actor had previously expressed interest in buying “Azor logs,” a term that refers to data collected from computers infected with the AzorUlt info-stealer trojan.
Infostealer logs almost always contain usernames and passwords that the trojan extracts from browsers found installed on infected hosts.
This data is often collected by the infostealer operators, who filter and organize it, and then put it on sale on dedicated markets like Genesis, on hacking forums, or they sell it to other cybercrime gangs.
“Compromised corporate email credentials can be valuable for cybercriminals, as they can be monetized in many different ways,” KELA Product Manager Raveed Laeb told ZDNet.
“Attackers can use them for internal communications as part of a ‘CEO scam’ – where criminals manipulate employees into wiring them large sums of money; they can be used in order to access sensitive information as part of an extortion scheme; or, these credentials can also be exploited in order to gain access to other internal systems that require email-based 2FA, in order to move laterally in the organization and conduct a network intrusion,” Laeb added.
But, most likely, the compromised emails will be bought and abused for CEO scams, also known as BEC scams. According to an FBI report this year, BEC scams were, by far, the most popular form of cybercrime in 2019, having accounted for half of the cybercrime losses reported last year.
The easiest way of preventing hackers from monetizing any type of stolen credentials is to use a two-step verification (2SV) or two-factor authentication (2FA) solution for your online accounts. Even if hackers manage to steal login details, they will be useless without the proper 2SV/2FA additional verifier. More

When mass data collection and big data analysis exploded on the technology scene, security and encryption, unfortunately, took a back seat.  In a world where data breaches are commonplace — involving everything from device theft to vulnerability exploitation and open AWS buckets exposed to the world — businesses both large and small must now educate […] More

With Amazon Prime Day in full swing, you can find countless monitor deals across brands, giving you a great opportunity to upgrade your existing, outdated monitor or to purchase a new monitor suitable for gaming, working from home, or entertainment.But you better hurry: Prime Day ends tonight at midnight ET. In the meantime, take advantage of Prime Day 2 deals on monitors of all shapes and sizes suitable for every budget: affordable flat screens suitable for daily tasks; curved, high frame-rate models perfect for your next gaming session; large monitors that work as entertainment hubs; and even dual-screen options for the busy home office worker.Also: Best Prime Day deals: Live updatesBest Amazon Prime Day monitor deals More

Matthew Miller  Follow ZDNET: Add us as a preferred source<!–> on Google. XR glasses are fantastic for watching movies on plane or playing Nintendo Switch games on a virtual big screen, but they also have some pretty incredible utility in transferring the display from your laptop or tablet.  Ahead of Black Friday, the Xreal One Pro–> are […] More

Image: Getty Images
YouTube has said it will remove content containing misinformation or disinformation on approved vaccines, as that content poses a “serious risk of egregious harm”. “Specifically, content that falsely alleges that approved vaccines are dangerous and cause chronic health effects, claims that vaccines do not reduce transmission or contraction of disease, or contains misinformation on the substances contained in vaccines will be removed,” the platform said in a blog post. “This would include content that falsely says that approved vaccines cause autism, cancer or infertility, or that substances in vaccines can track those who receive them. Our policies not only cover specific routine immunizations like for measles or Hepatitis B, but also apply to general statements about vaccines.” Exceptions to the rules do exist: Videos that discuss vaccine policies, new trials, historical success, and personal testimonials will be allowed, provided other rules are not violated, or the channel is not deemed to promote vaccine hesitancy. “YouTube may allow content that violates the misinformation policies … if that content includes additional context in the video, audio, title, or description. This is not a free pass to promote misinformation,” YouTube said. “Additional context may include countervailing views from local health authorities or medical experts. We may also make exceptions if the purpose of the content is to condemn, dispute, or satirise misinformation that violates our policies.” If a channel violates the policy three times in 90 days, YouTube said it will remove the channel.

The channel of one anti-vaccine pushing non-profit, the Children’s Health Defense that is chaired by Robert F. Kennedy Jr, was removed. Kennedy claimed the channel’s removal as a free speech issue. Meanwhile, the BBC reported that Russia threatened to ban YouTube after a pair of RT channels in German were banned for COVID misinformation. YouTube said when announcing its expanded policy, it has removed over 130,000 videos for violating its COVID-19 vaccine policies since last year. In August, the video platform said it removed over 1 million COVID-19 misinformation videos. Earlier this year, Twitter began automatically labelling tweets it regarded as having misleading information about COVID-19 and its vaccines, as well as introducing its own strike system that includes temporary account locks and can lead to permanent suspension. While the system has led to the repeated suspension of misinformation peddlers such as US congresswoman Marjorie Taylor Greene, the automated system cannot handle sarcasm from users attempting humour on the topics of COVID-19 and 5G. In April, the Australian Department of Health published a page attempting to dispel any link between vaccines and internet connectivity. “COVID-19 vaccines do not — and cannot — connect you to the internet,” it stated. “Some people believe that hydrogels are needed for electronic implants, which can connect to the internet. The Pfizer mRNA vaccine does not use hydrogels as a component.” Related Coverage More