How does identity crime affect victims?
The Identity Theft Resource Center (ITRC) has published a research that shows nearly 40 percent of ITRC victims say their personal information was stolen, compromised or …
account hijacking
Uber says Lapsus$ gang is behind the recent breach
Uber has confirmed that the recent breach of its systems started with a compromised account belonging to a contractor. “It is likely that the attacker purchased the …
LastPass breach: Source code, proprietary tech info stolen
“An unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code …
How attackers use and abuse Microsoft MFA
Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise …
Identity crimes reach all-time high
The Identity Theft Resource Center (ITRC) has published a report that looks at the identity crimes committed against individuals as reported by the victims of those crimes. In …
DigitalOcean customers affected by Mailchimp “security incident”
A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on …
GM, Zola customer accounts compromised through credential stuffing
Customers of automaker General Motors (GM) and wedding planning company Zola have had customer accounts compromised through credential stuffing, and the criminals have used …
Hijacking of popular ctx and phpass packages reveals open source security gaps
The Python module “ctx” and a fork of the PHP library “phpass” have recently been modified by an unknown attacker to grab AWS credentials/keys and send …
Account pre-hijacking attacks possible on many online services
Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible? Inspired by previous research on …
Record level of bad bot traffic contributing to rise of online fraud
Bad bots, software applications that run automated tasks with malicious intent, accounted for a record-setting 27.7% of all global website traffic in 2021, up from 25.6% in …
Popularity of online payment goes hand-in-hand with fraud
NICE Actimize has released a report that identifies and analyzes the leading fraud threats and patterns that impacted leading global financial institutions in 2021. Noting …
New npm flaws let attackers better target packages for account takeover
In this video for Help Net Security, Yakir Kadkoda, Lead Security Researcher, and Assaf Morag, Lead Data Analyst at Aqua Security, talk about new npm flaws that allow …