account hijacking
Traditional identity fraud losses soar, totalling $52 billion in 2021
A study shows that traditional identity fraud losses, caused by criminals illegally using victims’ information to steal money, exploded in 2021 to $24 billion — an alarming …
Attackers have come to love APIs as much as developers
Cequence Security released a report revealing that both developers and attackers have made the shift to APIs. Of the 21.1 billion transactions analyzed in the last half of …
Phishing kits that bypass MFA protection are growing in popularity
The increased use of multi-factor authentication (MFA) has pushed developers of phishing kits to come up with ways to bypass that added account protection measure. A current …
GitHub fixed serious npm registry vulnerability, will mandate 2FA use for certain accounts
GitHub has fixed a serious vulnerability that would have allowed attackers to publish new, malicious versions of any existing package on the npm registry. About the fixed …
Why are we still asking KBA questions to authenticate identity?
Do you remember the name of your second-grade teacher? How about your maternal grandfather’s middle name? If you’ve ever forgotten a password, you’ve no doubt experienced the …
Retail industry security incidents soaring, worsened by the supply chain crisis
Imperva’s 12-month analysis on cybersecurity risks in the retail industry suggests that the 2021 holiday shopping season will be further disrupted by cybercriminals …
Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
ATO attacks increased 307% between 2019 and 2021
Sift released a report which details the evolving methods fraudsters employ to launch account takeover (ATO) attacks against consumers and businesses. The report details a …
Fraudsters increasingly focusing on digital accounts, whether existing or fake ones
Fraudsters are increasingly focusing on digital accounts, whether that is by compromising existing user accounts or creating fake new accounts to commit fraud, an Arkose Labs …
Turning the tide on surging account takeovers in the media industry
Account takeovers (ATOs) are on the rise, fueled by the widespread use of automated bots. The media industry, which includes social networks, content streaming, gambling, …
Cyber criminals are targeting digital artists
Cyber criminals looking for a quick payout and valuables are targeting digital artists using NFTs (non-fungible tokens), warns security researcher Bart Blaze. The attackers …
What happens to email accounts once credentials are compromised?
Agari researchers entered unique credentials belonging to fake personas into phishing sites posing as widely used enterprise applications, and waited to see what the phishers …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments