Please turn on your JavaScript for this page to function normally.
passwordless
Why it’s time to move towards a passwordless future

Adversaries don’t need to use sophisticated methods to gain access to enterprise systems or to deploy ransomware – they can just buy or steal credentials and log in. By …

hand
Rilide browser extension steals MFA codes

Cryptocurrency thieves are targeting users of Chromium-based browsers – Google Chrome, Microsoft Edge, Brave Browser, and Opera – with an extension that steals …

Tomasz Kowalski
Protect your entire business with the right authentication method

In this Help Net Security interview, Tomasz Kowalski, CEO at Secfense emphasizes the significance of multi-factor authentication in the corporate landscape, highlights the use …

Michael Jabbara
Visa fraud expert outlines the many faces of payment ecosystem fraud

In this Help Net Security interview, Michael Jabbara, the VP and Global Head of Fraud Services at Visa, delves into digital skimming attacks, highlighting their common causes, …

shield
5 rules to make security user-friendly

My mother is 67 years old. She is a brilliant woman, educated and not at all afraid of technology. Yet, when I tried to get her to install Google Authenticator and use …

malware
Exfiltration malware takes center stage in cybersecurity concerns

While massive public data breaches rightfully raise alarms, the spike in malware designed to exfiltrate data directly from devices and browsers is a key contributor to …

risk
Dormant accounts are a low-hanging fruit for attackers

Successful attacks on systems no longer require zero-day exploits, as attackers now focus on compromising identities through methods such as bypassing MFA, hijacking sessions, …

Twitter
Twitter will start charging users for SMS-based 2FA option

Twitter has announced that starting with March 20, users who don’t pay the Twitter Blue subscription will no longer be able to use the SMS-based two-factor …

reddit bad
Reddit breached: Internal docs, dashboards, systems accessed

Popular social news website and forum Reddit has been breached (again) and the attacker “gained access to some internal docs, code, as well as some internal dashboards …

email
Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts

Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …

bomb
6 oversights that enable data breaches

Personal employee or customer data accounted for nearly 45% of all data stolen between July 2021 and June 2022, while companies’ source code and proprietary information …

consumer
Consumers want convenience without sacrificing security

Consumers worldwide want frictionless online experiences without sacrificing the security of personal information, according to a recent survey from Ping Identity. With 63% …

Don't miss

Cybersecurity news