A Look at HTTP Parameter Pollution and How To Prevent It

With HTTP Parameter Pollution (HPP) attacks, threat actors can hide scripts and processes in URLs. First discovered in 1999, this technique can also allow threat actors to pollute the parameters in the URL and the request body. This could lead to behavior changes in the app, such as cross-site scripting, privilege changes or granting unwanted […]

The post A Look at HTTP Parameter Pollution and How To Prevent It appeared first on Security Intelligence.

Continue reading A Look at HTTP Parameter Pollution and How To Prevent It

What You Need to Know About Scam Text Messages in 2021

The threat of scam text messages may now seem distant, even quaint. With all the new, exotic and sophisticated attacks that have arisen in the past decade, surely text message attacks are low on the list. But, they can still be a big problem.  Short message service (SMS) scams are social engineering attacks that work […]

The post What You Need to Know About Scam Text Messages in 2021 appeared first on Security Intelligence.

Continue reading What You Need to Know About Scam Text Messages in 2021

TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version?

October 2020 saw the TrickBot Trojan, a prominent cybercrime gang’s tool of choice, suffer a takedown attempt by security vendors and law enforcement. Unfortunately, the takedown was not effective, and beyond coming back to life shortly after, TrickBot’s operators released a new and more persistent version of the malware. In this post, IBM Trusteer examines […]

The post TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version? appeared first on Security Intelligence.

Continue reading TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version?

Credential Stuffing: AI’s Role in Slaying a Hydra

One data breach can lead to another. Because so much of the data stolen in breaches ends up for sale on the dark web, a threat actor can purchase authentication credentials — the emails and passwords — of the organization’s employees without having to steal them directly. With that information in hand, threat actors have […]

The post Credential Stuffing: AI’s Role in Slaying a Hydra appeared first on Security Intelligence.

Continue reading Credential Stuffing: AI’s Role in Slaying a Hydra

Social Engineering And Social Media: How to Stop Oversharing

You’ve done your due diligence, practice good security hygiene and have the best security tools available. Now, your security posture is strong. But, your plan is only as good as your employees, and they may be letting you down when it comes to being ready for social engineering.   While employees clicking on phishing links still […]

The post Social Engineering And Social Media: How to Stop Oversharing appeared first on Security Intelligence.

Continue reading Social Engineering And Social Media: How to Stop Oversharing

‘Tis the Season for Nonprofit Cybersecurity Risks to Reach New Heights

The period between Christmas and New Year’s Day has long been the time people give to charities the most, making the charities themselves attractive targets for cyber criminals. Because the events of 2020 will likely boost existing trends, nonprofit cybersecurity challenges may be greater than ever this year — even as groups find themselves with […]

The post ‘Tis the Season for Nonprofit Cybersecurity Risks to Reach New Heights appeared first on Security Intelligence.

Continue reading ‘Tis the Season for Nonprofit Cybersecurity Risks to Reach New Heights

How to Not Fall for a Charity Scam This Holiday Season

This holiday season, many people will turn to charities to give back. The last thing they want to do is give money to scammers instead of a cause they truly support. According to the FBI’s website, charity fraud rises during the holidays, when people choose to make end-of-year tax deductible gifts. “Seasonal charity scams can […]

The post How to Not Fall for a Charity Scam This Holiday Season appeared first on Security Intelligence.

Continue reading How to Not Fall for a Charity Scam This Holiday Season

E-Commerce Skimming is the New POS Malware

As the holiday shopping season shifts into high gear, the COVID-19 pandemic is accelerating an ongoing trend: shoppers are opting to buy online. Rather than flooding brick-and-mortar stores — and point-of-sale (POS) machines — with sales, studies suggest a high percentage of shoppers in 2020 will be using online options and e-commerce checkout pages. And, those checkout […]

The post E-Commerce Skimming is the New POS Malware appeared first on Security Intelligence.

Continue reading E-Commerce Skimming is the New POS Malware

Account Fraud is Killing Streaming Services: What Providers Can Do

The use of online streaming services was already burgeoning well before most of the world started spending so much time at home. The current explosion in the demand for video and music streaming services is cause for celebration in the industry, but it has a dark side. Account fraud, sharing and takeover, enabled by password […]

The post Account Fraud is Killing Streaming Services: What Providers Can Do appeared first on Security Intelligence.

Continue reading Account Fraud is Killing Streaming Services: What Providers Can Do

Tala wins “Transaction Security Solution of the Year” in 2020 Cybersecurity Breakthrough Awards

Tala recognized as a breakthrough leader in preventing fraud caused by website vulnerabilities.
The post Tala wins “Transaction Security Solution of the Year” in 2020 Cybersecurity Breakthrough Awards appeared first on Security Boulevard.
Continue reading Tala wins “Transaction Security Solution of the Year” in 2020 Cybersecurity Breakthrough Awards