account hijacking
High-profile Twitter accounts hijacked to push Bitcoin scam. How did it happen?
The Twittersphere went into overdrive on Wednesday as a bunch of prominent, verified Twitter accounts were hijacked and started promoting a COVID-19 cryptocurrency giveaway …
Duration of application DDoS attacks increasing, some go on for days
There were seven major application DDoS attacks over the previous month — two of which lasted 5-6 days, Imperva reveals. Additionally, the team found that 47% of account …
What can merchants do to avoid falling victim to large-scale ATO attacks?
Account Takeover (ATO) attacks happen when a bad actor gains access to a legitimate customer’s eCommerce store account and uses that account for fraud. The impact of ATO …
Phishers are trying to bypass Office 365 MFA via rogue apps
Phishers are trying to bypass the multi-factor authentication (MFA) protection on users’ Office 365 accounts by tricking them into granting permissions to a rogue …
Preventing account takeover and social engineering attacks
Since the COVID-19 outbreak, digital fraud has increased significantly, especially when it comes to account takeover. In this Help Net Security podcast, Angie White, Senior …
Government-backed cyber attackers increasingly targeting journalists
Since the start of the year, journalists and news outlets have become preferred targets of government-backed cyber attackers, Google’s Threat Analysis Group (TAG) has noticed. …
As consumers turn online for purchases, many are targeted by pandemic-related digital fraud
There has been a spike in digital commerce since social distancing became widespread globally, according to a TransUnion research. The research found a 23% increase in global …
How to protect your online streaming accounts from cybercriminals?
Have you secured your streaming services’ accounts? Are you sure someone else, unbeknown to you, isn’t using them as well? As people around the world are being …
Compromised passwords used on 44 million Microsoft accounts
44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking due to use of compromised passwords, Microsoft has shared. The discovery was …
Phishers have been targeting UN, UNICEF, Red Cross officials for months – and still do
Researchers have brought to light a longstanding phishing campaign aimed at the UN and its various networks, and a variety of humanitarian organizations, NGOs, universities …
Avast breached by hackers who wanted to compromise CCleaner again
Czech security software maker Avast has suffered another malicious intrusion into their networks, but the attackers didn’t accomplish what they apparently wanted: …
Researchers reveal the latest lateral phishing tactics
Emails coming from legitimate, compromised accounts are difficult to spot, both for existing email protection systems and the recipients themselves. Lateral phishing tactics …