account hijacking
0mega ransomware gang changes tactics
A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a …
Kodi forum breach: User data, encrypted passwords grabbed
The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. What happened? The breach did not happen due to a …
Fake ChatGPT for Google extension hijacks Facebook accounts
A new Chrome extension promising to augment users’ Google searches with ChatGPT also leads to hijacked Facebook accounts, Guardio Labs researchers have found. While this …
DHL, MetaMask phishing emails target Namecheap customers
A surge of phishing emails impersonating DHL and MetaMask have started hitting inboxes of Namecheap customers last week, attempting to trick recipients into sharing personal …
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …
How an effective fraud prevention strategy can force fraudsters to invest more in their attacks
Since the early stages of the pandemic, account takeover fraud (ATO) has significantly transformed, quickly becoming one of the fastest-growing cybersecurity threats with 22% …
API abuses and attacks create new challenges for retailers
Imperva releases The State of Security Within eCommerce 2022 report, a 12-month analysis by Imperva Threat Research of cybersecurity threats targeting the retail industry. …
130 Dropbox code repos plundered after successful phishing attack
Dropbox has suffered a data breach, but users needn’t worry because the attackers did not gain access to anyone’s Dropbox account, password, or payment information. …
Emotional and physical effects of identity theft are on the rise
The Identity Theft Resource Center (ITRC) has published a research that shows nearly 40 percent of ITRC victims say their personal information was stolen, compromised or …
Shadow APIs hit with 5 billion malicious requests
Cequence Security released its first half 2022 report titled, “API Protection Report: Shadow APIs and API Abuse Explode.” Chief among the findings was approximately 5 billion …
How does identity crime affect victims?
The Identity Theft Resource Center (ITRC) has published a research that shows nearly 40 percent of ITRC victims say their personal information was stolen, compromised or …
Uber says Lapsus$ gang is behind the recent breach
Uber has confirmed that the recent breach of its systems started with a compromised account belonging to a contractor. “It is likely that the attacker purchased the …