2022, Account Security and Accountability

Lessons Learned from a High-Stakes Data Breach

SecureWorld News

NOVEMBER 11, 2024

In 2016, Uber faced a cybersecurity crisis that ended up reshaping the conversation around data breaches and accountability. They managed to break in after finding credentials left exposed in a public GitHub repository—a preventable, basic lapse in security hygiene.

Data breaches

Data breaches Accountability Cybersecurity Account Security

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

IT Security Guru

FEBRUARY 25, 2025

For instance, in 2022, Uber experienced a significant security breach attributed to MFA fatigue. Cyber crooks often bank on organisations thinking of MFA as a silver bullet for account security, but it isnt. Finally, security teams need to actively monitor for unusual login attempts or excessive MFA prompts.

Social Engineering

Social Engineering Authentication Risk Accountability

It’s Still Easy for Anyone to Become You at Experian

Krebs on Security

NOVEMBER 11, 2023

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address.

Accountability

Accountability Authentication Passwords Identity Theft

5 predictions to help you focus your web app security resources in 2022

Tech Republic Security

NOVEMBER 17, 2021

This is the year business leaders will learn just how innovative online criminals have become, and it'll take rethinking how we perceive account security to fight it, says PerimeterX CTO Ido Safruti.

Account Security

Account Security Accountability

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.

Passwords

Passwords Encryption Password Management Cryptocurrency

Key Fraud Attack Trends for 2022 and Beyond

Security Boulevard

JANUARY 31, 2022

As we brace for another year of fraud attacks and online abuse, insights into what motivates attackers to target businesses and how they bypass the latest fraud defense technologies can help them elevate their defenses In 2021, account security was one of the biggest challenges for […].

Account Security

Account Security Accountability Technology

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

Security Affairs

JUNE 5, 2022

“CertiK analysis reveals that this community manager, account –@BorisVagner (“BorisVagner | SBS” on Discord)– posted a message to BAYC’s Discord server with a phishing link that led to the fake site. — Bored Ape Yacht Club (@BoredApeYC) June 4, 2022. As a reminder, we do not offer surprise mints or giveaways.

Phishing

Phishing Hacking Accountability Scams

MailChimp breached, intruders conducted phishing attacks against crypto customers

Security Affairs

APRIL 4, 2022

pic.twitter.com/BQSB2uV1JW — Life in DeFi (@lifeindefi) April 3, 2022. 1/ — Trezor (@Trezor) April 3, 2022. A statement shared by Mailchimp CISO Siobhan Smyth with TechCrunch revealed that the company discovered the security breach on March 26. You may want to warn everyone.

Phishing

Phishing Data breaches Cryptocurrency Social Engineering

Darwinium upgrades its payment fraud protection platform

CSO Magazine

APRIL 19, 2023

Use cases for the Darwinium platform include account security, scam detection, account takeover, fraudulent new accounts, synthetic identities, and bot intelligence. In 2022, a study by Statista and Juniper Research estimated e-commerce losses to online payment fraud of $41 billion globally.

B2C

B2C eCommerce Scams Cybercrime

Discord Shame channel goes phishing

Malwarebytes

JULY 6, 2022

vtuber (@puppygooose) July 3, 2022. Visitors to the channel are asked to log in via a QR code, and users of Discord are reporting losing access to their account after taking this step. Worse still, their now compromised account begins sending the same spam message to their own contacts. Tips to keep your Discord account secure.

Phishing

Phishing Accountability Scams Backups

Google Cybersecurity Action Team Threat Horizons Report #8 Is Out!

Anton on Security

NOVEMBER 2, 2023

src: TH8 report “In the Q2 2022 Threat Horizons Report, we highlight that a disproportionate percentage of attackers opportunistically use coin mining across Cloud products and alter their tactics to evade discovery. as usual, shocking but not surprising.

Cybersecurity

Cybersecurity Healthcare Account Security Accountability

Arkose Labs Recognized as Winter 2022 G2 Leader in Fraud Detection

CyberSecurity Insiders

JANUARY 24, 2022

SAN FRANCISCO–( BUSINESS WIRE )– Arkose Labs , the global leader in fraud deterrence and account security, today announced it has been named a Leader in G2’s Winter 2022 Fraud Detection Grid ® and a High Performer in their Enterprise Fraud Detection Grid ®.

Marketing

Marketing Authentication Account Security Accountability

Final Fantasy 14 players targeted by QR code phishing

Malwarebytes

AUGUST 31, 2022

The attack is a devious way to try and compromise player accounts, making use of free item promises and bogus QR codes. Many of the accounts sending these messages appear to have been hijacked themselves. Zack/"Lily") (@LilyBlossoming) August 29, 2022. hollownozuchi) August 29, 2022. How the QR code phish attack works.

Phishing

Phishing Scams Accountability Passwords

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

The content of the message attempt to trick the recipient into scanning the code to verify their account. “Email lures came in the form of updating account security surrounding 2FA, MFA, and general account security. The emails urge the recipient to complete the procedure in 2-3 days.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

Ransomware gang hits 49ers’ network before Super Bowl kick off

Malwarebytes

FEBRUARY 14, 2022

infosec #cybersecurity #threatintel #cyber #NFL pic.twitter.com/tl7OWM2Aqf — CyberKnow (@Cyberknow20) February 12, 2022. On the eve of the #SuperBowl the #49ers get posted as a #Blackbyte #ransomware victim. Smart marketing tbh.

Ransomware

Ransomware Backups Encryption InfoSec

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

ARCHIPELAGO “browser-in-the-browser” phishing page The ARCHIPELAGO group has shifted its phishing tactics over time to avoid detection, the attackers use phishing messages posing as Google account security alerts.

Phishing

Phishing Media Passwords Malware

Class Action Targets Experian Over Account Security

Krebs on Security

AUGUST 5, 2022

A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. So had their passwords and account PIN and secret questions.

Accountability

Accountability Account Security Computers and Electronics Passwords

Reducing the Risk of Buy Now Pay Later Fraud

Security Boulevard

JUNE 3, 2022

Buzzing with over 4,000 attendees and 250 exhibitors, the environment at Fintech Nexus 2022, one of America’s biggest finance events, was electric. The post Reducing the Risk of Buy Now Pay Later Fraud appeared first on Security Boulevard.

Risk

Risk Financial Services Accountability Account Security

Four ways to stay ahead of the AI fraud curve

SC Magazine

APRIL 7, 2021

The new virtual world driven by the COVID-19 pandemic has given bad actors the perfect opportunity to access consumer accounts by leveraging AI and bots to commit fraud like never before. Secure and manage AI to prevent malfunctions. Robert Prigge, chief executive officer, Jumio.

Authentication

Authentication Digital transformation Accountability Technology

Google Cybersecurity Action Team Threat Horizons Report #8 Is Out! [Medium Backup]

Security Boulevard

NOVEMBER 3, 2023

src: TH8 report “In the Q2 2022 Threat Horizons Report, we highlight that a disproportionate percentage of attackers opportunistically use coin mining across Cloud products and alter their tactics to evade discovery. as usual, shocking but not surprising.

Backups

Backups Cybersecurity Healthcare Account Security

Keeper vs Bitwarden (2024): Benefits & Features Compared

eSecurity Planet

JUNE 20, 2024

Password recovery option: Teams can preset Account Recovery in case they forget their master password. Bitwarden Overview Better for Features, Security, Support & Administration Overall Rating: 4.1/5 5 Advanced features: 3/5 Security: 4.7/5 5 Pricing: 3.1/5 5 Core features: 4.6/5

Password Management

Password Management Passwords Authentication Accountability

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

” Swag was reportedly involved in executing the early stages of the crypto heist — gaining access to the victim’s Gmail and iCloud accounts. ” A November 2022 story at patch.com quoted Veer Chetal (class of 2024) crediting the Harvard program with his decision to pursue a career in law.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

Updated: Data of 400 Million Twitter users up for sale

Security Affairs

DECEMBER 25, 2022

The seller claims the database is private, he provided a sample of 1,000 accounts as proof of claims which included the private information of prominent users such as Donald Trump JR, Brian Krebs, and many more. pic.twitter.com/wQU5LLQeE1 — Hudson Rock (@RockHudsonRock) December 24, 2022. Update December 26, 2022.

Data breaches

Data breaches Accountability Advertising Hacking

Loose-lipped neural networks and lazy scammers

SecureList

OCTOBER 31, 2024

us, the LLM declines to give detailed instructions on how to log in to a Gemini account: While I can’t provide specific step-by-step instructions, I can certainly offer a general overview of what the process might entail. For instance, a page hosted at weblof[.]io On another page, this time at gitbook[.]us,

Cryptocurrency

Cryptocurrency Scams Phishing Technology

Cyber Security Informer

Lessons Learned from a High-Stakes Data Breach

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

Trending Sources

It’s Still Easy for Anyone to Become You at Experian

5 predictions to help you focus your web app security resources in 2022

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Key Fraud Attack Trends for 2022 and Beyond

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

MailChimp breached, intruders conducted phishing attacks against crypto customers

Darwinium upgrades its payment fraud protection platform

Discord Shame channel goes phishing

Google Cybersecurity Action Team Threat Horizons Report #8 Is Out!

Arkose Labs Recognized as Winter 2022 G2 Leader in Fraud Detection

Final Fantasy 14 players targeted by QR code phishing

A massive phishing campaign using QR codes targets the energy sector

Ransomware gang hits 49ers’ network before Super Bowl kick off

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Class Action Targets Experian Over Account Security

Reducing the Risk of Buy Now Pay Later Fraud

Four ways to stay ahead of the AI fraud curve

Google Cybersecurity Action Team Threat Horizons Report #8 Is Out! [Medium Backup]

Keeper vs Bitwarden (2024): Benefits & Features Compared

Lamborghini Carjackers Lured by $243M Cyberheist

Updated: Data of 400 Million Twitter users up for sale

Loose-lipped neural networks and lazy scammers

Stay Connected