Microsoft adds default protection against RDP brute-force attacks
“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors,” David Weston of Enterprise and OS Security at …
account protection
GM, Zola customer accounts compromised through credential stuffing
Customers of automaker General Motors (GM) and wedding planning company Zola have had customer accounts compromised through credential stuffing, and the criminals have used …
Account pre-hijacking attacks possible on many online services
Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible? Inspired by previous research on …
Fraud detection is great, but you also need prevention
In this interview with Help Net Security, Itay Levy, CEO of Identiq, talks about the importance of fraud detection when it comes to protecting an organization but also its …
Unauthorized account openings increased by 21% in the last 12 months
Fifty-eight million consumers had a new account opened without their authorization in the last 12 months, a 21% increase compared to 2020, yet less than half of Americans know …
Credential exposure trends: You need a better password
SpyCloud researchers recovered more than 4.6 billion pieces of personally identifiable information and nearly 1.5 billion stolen account credentials from 854 breach sources in …
Microsoft to alert enterprise security teams when nation-state attackers target their employees
Microsoft will introduce this month a new security alert that will notify enterprise security teams when an employee is being targeted by suspected nation-state attackers. The …
Microsoft advises users to stop using SMS- and voice-based MFA
Multi-factor authentication (MFA) that depends on one of the authentication factors being delivered via SMS and voice calls should be avoided, Alex Weinert, Director of …
As ATO attacks surge, consumers expect merchants to protect them from fraud
Attempted account takeover (ATO) attacks swelled 282 percent between Q2 2019 to Q2 2020, Sift reveals. Likewise, ATO rates for physical ecommerce businesses — those that sell …
How to add 2FA to your Zoom account
Video conferencing platform Zoom is finally offering all users the option to enable two-factor authentication (2FA) to secure their accounts against credential stuffing …
Application threats and security trends you need to know about
Applications are a gateway to valuable data, so it’s no wonder they are one of attackers’ preferred targets. And since modern applications aren’t a …
Preventing account takeover and social engineering attacks
Since the COVID-19 outbreak, digital fraud has increased significantly, especially when it comes to account takeover. In this Help Net Security podcast, Angie White, Senior …