From Data Leaks to Bot-led Takeovers: Understanding Leaked Credentials vs Compromised Accounts

If we had a nickel for every time someone asked us the difference between leaked credentials and compromised accounts… Well, we’d be able to treat the team to a packet of Oreos one of these days. Why does it matter? Well, according to CISA, 54% of cyberattacks involve the use of valid accounts. As a result, understanding the risk of compromised accounts and leaked credentials is critical.  This article tackles the terms head-on, and discusses how threat actors get their hands on sensitive account details, diving deep into the different types of vulnerability and what they mean for protecting your organization.
2024 in Cybercrime_ KELA Predictions

2024 in Cybercrime: KELA Predictions

While some cybercriminals are on their holiday vacations (yes, we observed zero new ransomware victims on New Year’s Eve), the lull won’t continue long. Ahead of the new battles of 2024, KELA elaborates on the most expected trends in cybercrime for this year.

Your Compromise Is Confirmed: How Threat Actors Access Hotel Accounts on

Over the last few months, several phishing campaigns were spotted using compromised credentials of hotels and homeowners. Particularly interesting is a widespread operation that employs these credentials to contact guests on via their internal messenger (1, 2, 3, 4). In a fraudulent message, the attackers impersonate a hotel and lure victims into visiting a malicious phishing page designed to steal their credit card details.

5 Questions About Hamas-Israel War

As we approach the end of 2023, the Hamas-Israel war still rages on, and so do cyberattacks accompanying it. KELA selected 5 questions out of those we’ve been asked by our clients and partners (aside from “how are you?”) in the past 70+ days, and represent the cybersecurity angle of a physical war.

5 Questions (and Answers) About the Kyivstar Attack

Following a cyberattack on December 12, 2023, Kyivstar, a major Ukrainian mobile network operator, faced a significant digital crisis. The incident has been discussed as one of the most powerful attacks on a telecommunication organization. Confusing claims surfaced from hacktivist groups like Killnet and its successor, Deanon Club, along with Solntsepek. In this blog, KELA dives into the details of the Kyivstar cyberattack, exploring the conflicting stories and the potential involvement of a Russian nation-state actor.