Expanding into new global markets? Get your complete, cross border checklist.
Welcome Guest | Sign In
ECommerceTimes.com
New Cyber Theft Group Uses Revitalized Tricks To Target Online Merchants
October 21, 2021
A new cyber threat group called Proxy Phantom is using sophisticated credential stuffing attack methods to take over customer accounts for U.S.-based e-commerce merchants. The latest research from digital trust and safety firm Sift demonstrates fraudsters' relentless innovation and reinforces retailers' need to double down on fraud protection as the holiday shopping season rapidly approaches.
Cloud Security Holes Are Invites for Ransomware: Report
October 14, 2021
While migration to the cloud is at an all-time high, so is the growth of ransomware peddlers. Veritas Technologies surveyed more than 2,000 global IT leaders whose organizations have undertaken pandemic-led digital transformation. The study found the majority are severely vulnerable to ransomware attacks because they have been unable to keep pace with the accelerated digitization.
Privacy Concerns Key Reason Buyers Flee Online Retailers
October 13, 2021
Shopper discontent with online retail sites is localizing to two major concerns. Spoiler alert: customer experience per se is not in this ranking. It is the need for caution that prominently leads shoppers to abandon their shopping carts. Results of a recent survey of more than 1,100 respondents conducted by marketing technology firm Wyng confirmed that reality.
Researchers Find Cyberattack Discrepancies Based on Race, Gender
September 29, 2021
The research by Malwarebytes, Digitunity and the Cybercrime Support Network based on a survey of 5,000 people in the United States, United Kingdom and Germany found that Black people, Indigenous people, and People of Color (BIPOC) are more likely to have their identities stolen than White people, 21 percent compared to 15 percent.
Ransomware Attacks Have Gone Stratospheric: Report
September 22, 2021
Positive Technologies has released a report that indicates ransomware attacks have reached "stratospheric levels." The report finds ransomware assaults now account for 69 percent of all attacks involving malware. That is among the most disturbing finding. The research also reveals that the volume of attacks on governmental institutions has soared this year.
'Shadow Code' Creates Risk for 99% of Websites
September 21, 2021
Shadow code -- third-party scripts and libraries often added to web applications without security validation -- pose risks to websites and jeopardize compliance with privacy regulations, according to new research conducted by Osterman Research for PerimeterX. Third-party code leaves organizations vulnerable to digital skimming and Magecart attacks, the researchers also noted.
Outdated Linux Versions, Misconfigurations Triggering Cloud Attacks: Report
September 8, 2021
The "Linux Threat Report 2021 1H" from Trend Micro found that Linux cloud operating systems are heavily targeted for cyberattacks, with nearly 13 million detections in the first half of this year. As organizations expand their footprint in the cloud, correspondingly, they are exposed to the pervasive threats that exist in the Linux landscape.
Malicious Bot Attacks Continue To Cost Retailers Big Bucks
September 1, 2021
Automated bots operated by malicious actors are costing businesses an average of 3.6 percent of their annual revenue. For the 25 percent worst affected businesses, this equates to at least $250 million every year. Even more concerning is the time it takes to discover these attacks. On average, more than 14 weeks pass before a successful attack is detected.
Amazon, AWS Trumpet Free Cybersecurity Initiatives
September 1, 2021
Beginning in October, which is Cybersecurity Awareness Month, Amazon will make available to the public the training materials it's developed in-house to keep its employees and sensitive information safe from cyberattacks. It also offer "qualified" AWS customers a free multifactor authentication device designed to strengthen the security of their cloud environments.
Unsupported IoT Devices Are Cyber-Trouble Waiting To Happen
August 27, 2021
Imagine finding out that your neighbor's identity was stolen and their life savings cleaned out by criminals who entered through their 'smart' washing machine. Ridiculous, you say? Well, have you checked your home Wi-Fi network lately? You might have several connected household gadgets and other devices tethered wirelessly through a misconfigured router with no firewall settings.
Study Warns Easy Access to Cloud Apps Putting Business Data at Risk
August 25, 2021
Businesses are flocking to software-as-a-service applications as a means to improve the efficiency of their operations and the productivity of their employees, but weak control of access to cloud apps is putting the data of many organizations at risk. According to a study by DoControl, the average 1,000-person company using SaaS apps is exposing its data to between 1,000 and 15,000 external collaborators.
$600 Million Hacker Offered Job, Bug Bounty
August 18, 2021
The hacker who stole US$600 million in tokens from a cryptocurrency platform last week has been offered a security job by the platform. Most of the money has been returned to the Poly Network, but more than $200 million in assets remains locked in an account controlled by the hacker, whom the crypto platform refers to as "Mr. White Hat."
We're Late Closing the Barn Door on Pegasus
August 12, 2021
People are freaking out about reports of NSO Group's Pegasus surveillance tool being used to spy on journalists, political dissidents, and other opponents of regimes worldwide. It's disheartening, and worth discussing. But why are we shocked? In Pegasus' case, the game theory is clear: some company was bound to develop surveillance software, some less-than-scrupulous government was bound to buy it, and they'd eventually get caught.
Half of IT Pros Say Remote Workers Dodging Security Precautions
August 11, 2021
Hackers aren't the only ones evading security measures of many organizations. So are their remote workers. In a new report on remote workforce security, 52 percent of the U.S. IT and cybersecurity professionals surveyed revealed they experienced remote workers finding workarounds to their organizations' security policies.
US Cybersecurity Plan Welcomed, but Software Tracking Troubles IT Sector
August 3, 2021
The information technology sector, including companies that are directly and indirectly involved in providing IT products and services to the federal government, will be especially affected by the provisions of the "Executive Order on Improving the Nation's Cybersecurity."
Marketers Need New Strategies To Parry Cookieless Advertising
July 29, 2021
The impending loss of third-party digital cookies will soon force the e-commerce advertising industry to shift its strategies fast. These developments are issuing a real blow to advertisers seeking to leverage third-party data. At issue now is how brands will regroup from these substantial changes to online advertising.
Outlaw Installer for Windows 11 Infected With Malware
July 27, 2021
Early adopters seeking a premature peek of Windows 11 via unauthorized channels may be in for a nasty surprise -- a dose of malware. Kaspersky Lab reports that an unofficial installer is in the wild that promises to install the next version of Microsoft's ubiquitous operating system on a user's computer -- but actually contains a malicious payload.
Salt Labs Launched To Heighten API Security Threat Awareness
July 22, 2021
Anyone with a stake in keeping ahead of cybersecurity assaults and enterprise network intrusions through API vulnerabilities can now tap into expert advisories and security reports. API security company Salt Security last week launched Salt Labs, a now-public forum for publishing research on API vulnerabilities.
DuckDuckGo Readies Feature To Strip Trackers From Email
July 21, 2021
Called Email Protection, the feature will be initially distributed through a waiting list that anyone can add their name to. Consumers chosen from the list will be able to create a personal @duck.com email address. Email sent to the @duck address will be denuded of trackers before being forwarded to a consumer's primary email address.
Consumers Can Now Monetize Personal Data To Earn Passive Income
July 16, 2021
Shouldn't you get paid when businesses use your personal information gleaned from the internet? How much is your personal data posted online worth to you? Would you register your personal data so that you get paid when companies track you and use your own data to target you for ads? That is precisely what Invisibly lets you do.
Cybercriminals Employing Specialists To Maximize Ill-Gotten Gains
July 13, 2021
Ransomware gangs are increasingly turning to specialists to complete their capers on corporations, according to a Dark Net intelligence provider. A report issued by Tel Aviv-based Kela noted that the days when lone wolves conducted cyberattacks from start to finish are nearly extinct, as the one-man show has given way to specialization.
Researchers Find Smart Devices Ripe for Hacker Attacks
July 7, 2021
Thousands of hacker attacks were launched on a network of smart home devices designed by researchers to assess the risk the gadgets pose to consumers. During the initial week the "honeypot" network was online, 1,017 unique scans or hacking attempts were directed at the devices on the net, which included smart TVs, printers, wireless security cameras and Wi-Fi kettles.
SolarWinds Hackers Still Targeting Microsoft, Focus on Support Staff
July 6, 2021
Microsoft recently disclosed that it too was no doubt a victim of the same Russian-based hacker gang responsible for the SolarWinds onslaught. As some of the details surrounding the cyberattack become known, the bleak disclosures might justifiably cause a sniffled gasp indicating that if Microsoft can be breached, what hope is left for everyone else?
Reputation Management: Duking It Out With Doxing
June 30, 2021
Cancel culture and politics aside, one of the more brutal threats lurking in the shadows of the internet is the slander industry. All too often, unsuspecting people become victims of websites that promote slanderous, often unverified information about individuals. This false and vilifying information lives on the internet forever and can sully an otherwise spotless reputation.
SEC Reportedly Probing SolarWinds Breach
June 23, 2021
Clients of SolarWinds, which experienced a high-profile data breach last year, are being targeted in a probe by the U.S. Securities and Exchange Commission, according to a Reuters report. "The impact of these large-scale breaches clearly has the potential to destabilize stock prices and the broader stock market, so it makes sense that the SEC would pursue such a line of inquiry," said Oliver Tavakoli, CTO of Vectra AI.
Reports of TurboTax Breach Greatly Exaggerated
June 16, 2021
Reports of a data breach of TurboTax have been overblown, according to Intuit which owns the tax preparation platform. Several news outlets recently reported that an unspecified number of TurboTax accounts were compromised in a wave of credential stuffing attacks. Those kinds of attacks exploit credentials stolen from other websites and reused at the TurboTax site.
Stale Open Source Code Rampant in Commercial Software: Report
June 1, 2021
Organizations, regardless of industry, must do a better job maintaining open source components given their critical nature in software, according to this year's risk analysis report by cybersecurity firm Synopsys.
Illegal Drug Trade Fuels $1.37B in Crypto Transactions at Russian Dark Site
May 26, 2021
A Russian-language dark web marketplace called Hydra that is known to facilitate the illegal sale of narcotics has seen cryptocurrency transactions soar over the last five years. According to a report by Flashpoint and Chainalysis, Hydra's crypto business began accelerating in 2017 after its chief competitor was shut down by Russian law enforcement authorities.
New Report Profiles Ransomware Cybergangs
May 21, 2021
That old adage about crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. A new report by the eSentire security research team found that six ransomware gangs claimed at least 290 new victims fo far this year. The combined spoils tallied potentially $45 million for the hackers.
Dissecting the Colonial Pipeline Incident
May 20, 2021
IT experts at the hacked Colonial Pipeline did a good job in mitigating the May 7 cyberattack and successfully stopped it when discovered by shutting down the network. But the attack was mostly invisible in the weeks-long initial stages, according to a briefing NTT Security executives conducted Tuesday.
See More Articles in Security Section >>
When it comes to CX, ALMOST IS NOT GOOD ENOUGH
When will supply chain disruptions begin to improve?
By the end of this year
In the first half of 2022
At least a year from now
When the global pandemic is eradicated
The situation will only worsen from here
When it comes to CX, ALMOST IS NOT GOOD ENOUGH