credentials
Detecting attackers obfuscating their IP address inside AWS
Security researchers have documented an attack technique that may allow attackers to leverage a legitimate Amazon VPC feature to mask their use of stolen API credentials …
MFA spending on the rise, but organizations still unclear on best practices
While MFA adoption and spending is on the rise, organizations are still unclear on best practices and methodologies, Yubico and 451 Research reveal. The findings show that MFA …
Facebook Messenger users targeted by a large-scale scam
A large-scale scam campaign targeting Facebook Messenger users all over the world has been detected by Group-IB. Digital Risk Protection (DRP) analysts have found evidence …
Bad bot traffic reaching an all-time high over the past year
In 2020, Imperva saw the highest percentage of bad bot traffic (25.6%) since 2014, while traffic from humans fell by 5.7%. More than 40% of all web traffic requests originated …
Stop using your employees as scapegoats: Change their behavior
Remote workforces pose new challenges for organizations, with the largest issue centered around fortifying the security of at-home workers. We’ve recently witnessed large …
The importance of a zero trust-based approach to identity security
97 percent of senior security executives say attackers are increasingly trying to steal one or more types of credentials, a CyberArk survey reveals. As organizations move …
The war against the virus also fueling a war against digital fraud
TransUnion’s latest analysis of global online fraud trends found that since the COVID-19 pandemic began, fraudsters are increasing their rate of digital schemes against …
Tackling cross-site request forgery (CSRF) on company websites
Everyone with half a mind for security will tell you not to click on links in emails, but few people can explain exactly why you shouldn’t do that (they will usually offer a …
Cybercriminals capitalizing on our reliance on the cloud
90% of cyberattacks on cloud environments in the last 12 months involved compromised privileged credentials, according to a research from Centrify. Most cloud environments …
New phishing campaign targets taxpayer credentials
A new phishing campaign is targeting U.S. taxpayers with documents that purport to contain tax-related content, but ultimately deliver NetWire and Remcos malware – two …
Credential exposure trends: You need a better password
SpyCloud researchers recovered more than 4.6 billion pieces of personally identifiable information and nearly 1.5 billion stolen account credentials from 854 breach sources in …
Rampant password reuse puts companies and customers at risk
25.9 million business account credentials and over 543 million breach assets tied to employees in the Fortune 1000 are readily available on the criminal underground, SpyCloud …