account hijacking
Cybercriminals are using legitimate Office 365 services to launch attacks
Vectra released its report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in …
Number of corporate credentials exposed on the dark web increased by 429%
While there has been a year-over-year decrease in publicly disclosed data breaches, an Arctic Wolf report reveals that the number of corporate credentials with plaintext …
As ATO attacks surge, consumers expect merchants to protect them from fraud
Attempted account takeover (ATO) attacks swelled 282 percent between Q2 2019 to Q2 2020, Sift reveals. Likewise, ATO rates for physical ecommerce businesses — those that sell …
Preventing ecommerce fraud: A look at current trends and patterns
Forter released its Fraud Attack Index, delivering in-depth insight into the impact of COVID-19 on online buyer behavior and ecommerce fraud trends. This edition revealed …
Twitter employees were spear-phished over the phone
Twitter has finally shared more details about how the perpetrators of the recent hijacking of high-profile accounts to push a Bitcoin scam managed to pull it off. The way in …
Attackers have created a specialized economy around email account takeover
Barracuda released key findings about the ways cybercriminals are attacking and exploiting email accounts. The report reveals a specialized economy emerging around email …
High-profile Twitter accounts hijacked to push Bitcoin scam. How did it happen?
The Twittersphere went into overdrive on Wednesday as a bunch of prominent, verified Twitter accounts were hijacked and started promoting a COVID-19 cryptocurrency giveaway …
Duration of application DDoS attacks increasing, some go on for days
There were seven major application DDoS attacks over the previous month — two of which lasted 5-6 days, Imperva reveals. Additionally, the team found that 47% of account …
What can merchants do to avoid falling victim to large-scale ATO attacks?
Account Takeover (ATO) attacks happen when a bad actor gains access to a legitimate customer’s eCommerce store account and uses that account for fraud. The impact of ATO …
Phishers are trying to bypass Office 365 MFA via rogue apps
Phishers are trying to bypass the multi-factor authentication (MFA) protection on users’ Office 365 accounts by tricking them into granting permissions to a rogue …
Preventing account takeover and social engineering attacks
Since the COVID-19 outbreak, digital fraud has increased significantly, especially when it comes to account takeover. In this Help Net Security podcast, Angie White, Senior …
Government-backed cyber attackers increasingly targeting journalists
Since the start of the year, journalists and news outlets have become preferred targets of government-backed cyber attackers, Google’s Threat Analysis Group (TAG) has noticed. …
Featured news
Resources
Don't miss
- Spring clean your security data: The case for cybersecurity data hygiene
- How AI agents could undermine computing infrastructure security
- Protecting your personal information from data brokers
- Report: Fortune 500 employee-linked account exposure
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)