account hijacking Archives - Help Net Security

account hijacking

CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie

January 16, 2023

The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …

How an effective fraud prevention strategy can force fraudsters to invest more in their attacks

November 29, 2022

Since the early stages of the pandemic, account takeover fraud (ATO) has significantly transformed, quickly becoming one of the fastest-growing cybersecurity threats with 22% …

API abuses and attacks create new challenges for retailers

November 11, 2022

Imperva releases The State of Security Within eCommerce 2022 report, a 12-month analysis by Imperva Threat Research of cybersecurity threats targeting the retail industry. …

130 Dropbox code repos plundered after successful phishing attack

November 2, 2022

Dropbox has suffered a data breach, but users needn’t worry because the attackers did not gain access to anyone’s Dropbox account, password, or payment information. …

Emotional and physical effects of identity theft are on the rise

October 7, 2022

The Identity Theft Resource Center (ITRC) has published a research that shows nearly 40 percent of ITRC victims say their personal information was stolen, compromised or …

Shadow APIs hit with 5 billion malicious requests

October 7, 2022

Cequence Security released its first half 2022 report titled, “API Protection Report: Shadow APIs and API Abuse Explode.” Chief among the findings was approximately 5 billion …

How does identity crime affect victims?

September 23, 2022

The Identity Theft Resource Center (ITRC) has published a research that shows nearly 40 percent of ITRC victims say their personal information was stolen, compromised or …

Uber says Lapsus$ gang is behind the recent breach

September 20, 2022

Uber has confirmed that the recent breach of its systems started with a compromised account belonging to a contractor. “It is likely that the attacker purchased the …

LastPass breach: Source code, proprietary tech info stolen

August 26, 2022

“An unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code …

How attackers use and abuse Microsoft MFA

August 24, 2022

Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise …

Identity crimes reach all-time high

August 18, 2022

The Identity Theft Resource Center (ITRC) has published a report that looks at the identity crimes committed against individuals as reported by the victims of those crimes. In …

DigitalOcean customers affected by Mailchimp “security incident”

August 16, 2022

A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on …