Days after announcing a security compromise, cloud-based identity and authentication management provider Okta said that an unknown threat actor had accessed files of 134 customers after an employee signed in to a personal Google profile on the Chrome browser of an Okta-managed laptop.
This latest Quarterly Threat Report (QTR) distils the trends, notable new behaviours, and unusual attacks we saw over the last quarter. Also utilizing previous threat reports to compare findings and point out patterns–and even provide some solutions for avoiding the latest threats.
By dissecting how attackers got...
Genetics testing firm 23andMe is investigating a data leak of ancestry DNA information for certain customers whose usernames and passwords were previously hacked on other websites. The company suspects a massive credential stuffing attack on individual accounts using recycled passwords and no MFA.
With the rise of social engineering, large organizations continue to fall for credential-based phishing attacks, which often lead to costly breaches. Traditional multi-factor authentication (MFA) methods are increasingly under attack, and are especially prone to phishing. Join us to learn how to combat...
Netcraft purchased an online brand protection vendor to incorporate security analysts into the company's highly automated cybercrime takedown process. The deal will expedite the takedown of fraudulent websites by capitalizing on their joint knowledge of the global infrastructure provider landscape.
FICO released the results of a survey of 1,000 Canadian consumers who were asked to share their perspectives about how financial services organizations manage fraud and identity verification in a digital-first world. These survey results provide insights on:
How your fraud efforts could be your secret weapon in...
FICO research has found that macroeconomic factors can significantly impact fraud trends, and with inflation and fears of a recession looming, banks are facing new threats from fraudsters whose methods are becoming significantly more sophisticated. One of the areas most impacted is first-party fraud, where fraudsters...
Cybercriminals continue to rely on proven attack methods while developing new ways to infiltrate digital environments and break through your human defense layer.
But how can you reduce your organization’s attack surface? We looked at 12.5 million users across 35,681 organizations to find out.
In this webinar...
Search engine optimization poisoning attacks, which involve intentionally manipulating search results to lead users onto malware-laced websites, are on the rise in the healthcare sector, U.S. federal regulators warn. Users should watch for typosquatting, keyword stuffing, meta tagging and cloaking.
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger Grimes, KnowBe4’s...
Business Email Compromise (BEC) is “one of the most financially damaging online crimes” according to the FBI. It is a cunning form of email impersonation that, when combined with human error, can be incredibly disruptive and damaging. Phishing and Account Takeover (ATO) attacks target employees and trick them into...
While security tools have become more adept at detecting payloads in emails, attacks that lack known indicators and rely instead on impersonation/social engineering tactics are successfully bypassing these traditional controls and reaching inboxes. If an organization’s email security controls are not effective...
Fraudsters and cybercriminals are continuously finding new opportunities to exploit online activity, transactions, and the generosity of individuals.
Stay one step ahead of fraud with our new Insights Article. Gain valuable knowledge about the latest fraud trends, effective preparations, and preventive measures to...
While historically the origin of most business email compromise (BEC) attacks has been West Africa, residing in Nigeria certainly isn’t a requirement for BEC attackers. Indeed, the subject of this report is a sophisticated threat group based in Israel.
The group is unique in that they impersonate executives and...
Email is your most essential business tool—and today’s top malware delivery vector. This vital communications channel has become fertile ground for today's most damaging cyber threats and all kinds of fraud. Because email threats inherently target people, an effective cybersecurity program focuses on people first....
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.