Authentication and Retail - Information Management Today

Passwordless Authentication without Secrets!

Thales Cloud Protection & Licensing

OCTOBER 11, 2024

Passwordless Authentication without Secrets! This highlights an increasing demand for advanced authentication methods like passkeys and multi-factor authentication (MFA), which provide robust security for most use cases. Similarly, in retail and manufacturing, delays caused by authentication procedures reduce overall efficiency.

Authentication

Authentication Retail Manufacturing Passwords

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

Retail giant Home Depot has agreed to a $17.5 The US largest home improvement retailer giant Home Depot agrees to $17.5 According to the US retailer the payment card information of approximately 40 million Home Depot consumers nationwide. The post Retail giant Home Depot agrees to a $17.5 ” . . Pierluigi Paganini.

Retail

Retail Data breaches Information Security Security awareness

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail

Retail Manufacturing Communications Passwords

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. With retail sales during 2024 set to grow to between $5.23 trillion and $5.28 trillion and $5.28

Retail

Retail Risk Data breaches Sales

Are Retailers Shopping for a Cybersecurity Breach?

Thales Cloud Protection & Licensing

NOVEMBER 22, 2022

Are Retailers Shopping for a Cybersecurity Breach? Retailers started the century as the prime targets for cyber attackers looking for credit card data. Today, unfortunately, retailers are again coming back to the spotlight. Similar to many organizations, 36% of retail respondents cited human error as the leading threat.

Retail

Retail Cybersecurity Ransomware Authentication

How to activate multifactor authentication everywhere

Thales Cloud Protection & Licensing

JANUARY 20, 2022

How to activate multifactor authentication everywhere. The impact of not having multifactor authentication (MFA) activated for all users is now well known by enterprises. The challenge of multifactor authentication everywhere. Variety of a user’s authentication journey…. Variety of a user’s authentication journey….

Authentication

Authentication Data breaches Access Retail

Payments Rules Bring Customer Authentication to Forefront

Data Breach Today

JANUARY 27, 2023

FIDO Alliance's Hulka on Why Customers and Providers Like Payment Confirmation Payment regulations in Europe have forced retailers to implement strong authentication that's phishing-resistant and facilitates more customer understanding, says FIDO Alliance's Christina Hulka.

Authentication

Authentication Retail Phishing

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers.

Authentication

Authentication Retail Passwords Security

Experts report a rampant growth in the number of malicious, lookalike domains

Security Affairs

NOVEMBER 18, 2019

Cyber security firm Venafi announced it has uncovered lookalike domains with valid TLS certificates that appear to target major retailers. The number is doubled compared to last year, the study revealed that less than 19,890 certificates have been issued for legitimate retail domains. retailers with over 49,500 typosquatted domains.

Retail

Retail Encryption Phishing Authentication

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. Ransomware operators also stole data from the victims and leaked it online when they refused to pay the ransom. in Australia since 2020.

Ransomware

Ransomware Security Retail Manufacturing

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Most of the victims are in the manufacturing, engineering and construction, and retail sectors. Recommendations provided in the report include installing updates promptly, using phishing-resistant multi-factor authentication (MFA), securing remote access software, making backups, and applying mitigations from the #StopRansomware Guide.

Ransomware

Ransomware Blockchain Retail Insurance

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts. Authenticate calls from third party authorized retailers requesting. Authenticate calls from third party authorized retailers requesting.

Passwords

Passwords Authentication Retail Education

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Security Affairs

DECEMBER 21, 2022

CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Original post @ [link]. It’s no use carrying an umbrella if your shoes are leaking, an old Irish proverb says.

Retail

Retail Manufacturing Sales Phishing

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Security Affairs

APRIL 27, 2019

“Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for distributed enterprise, such as retail point-of-sale or industrial control systems.” An authenticated attacker could exploit the flaw by sending specially crafted HTTP requests to the targeted device.

Passwords

Passwords IoT Sales Authentication

SHARED INTEL: IT pros gravitate to ‘passwordless’ authentication to improve security, boost agility

The Last Watchdog

APRIL 7, 2021

Passwordless authentication as a default parameter can’t arrive too soon. That’s the upshot of a new report, The State of Passwordless Security 2021 , put out by HYPR , a New York City-based supplier of advanced authentication systems. Related: Top execs call for facial recognition to be regulated. 1 use case is remote access.”.

Authentication

Authentication Digital transformation Passwords IT

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

Security Affairs

JANUARY 17, 2022

The IT giant pointed out that many of these vulnerabilities can be exploited by remote attackers without authentication. Oracle also urges its customers to apply Critical Patch Update patches as soon as possible due to the risk of exploitation of the addressed vulnerabilities. The highest CVSS v3.1 Base Score (10.0) Base Score of 9.9.

Communications

Communications Financial Services Big data Retail

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Security Affairs

MARCH 30, 2020

Ensure you are ordering goods from an authentic source. One way to do this is NOT to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page. Beware of lookalike domains, spelling errors in emails and websites, and unfamiliar email senders.

Communications

Communications Retail Authentication Government

FCC Proposal Targets SIM Swapping, Port-Out Fraud

Krebs on Security

OCTOBER 1, 2021

30 , the FCC said it plans to move quickly on requiring the mobile companies to adopt more secure methods of authenticating customers before redirecting their phone number to a new device or carrier. In a long-overdue notice issued Sept. ” The FCC said the proposal was in response to a flood of complaints to the agency and the U.S.

Passwords

Passwords Authentication Communications Retail

Attack of drones: airborne cybersecurity nightmare

Security Affairs

DECEMBER 2, 2022

According to research firm Statista, the global retail drone market is expected to reach $90 billion by 2030, with Defense, Enterprise, and Logistics being the primary industries driving growth. In China, the retail drone market reached $15 billion in 2021, with projections to exceed $22 billion by 2024. Market overview.

Cybersecurity

Cybersecurity Computer and Electronics Authentication Marketing

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

FEBRUARY 11, 2020

Estée L auder is an American multinational manufacturer and marketer of p restige skincare, makeup, fragrance and hair care p roducts, it owns multiple brands, distributed internationally through both digital commerce and retail channels. ” continues the post.

Archiving

Archiving Retail Manufacturing Passwords

Account Takeover Fraud Declines in Financial Services

Data Breach Today

JULY 30, 2024

Tighter Security Controls Help Stop Fraud, But Fake IDs and Web Scraping Are Rising Account takeover fraud in the financial services industry is declining in contrast with other industries such as retail and hospitality.

Financial Services

Financial Services Retail Authentication Cybersecurity

Wear your MASQ! New Device Fingerprint Spoofing Tool Available in Dark Web

Security Affairs

JUNE 15, 2021

The Resecurity® HUNTER unit has identified a new tool available for sale in the Dark Web called MASQ , enabling bad actors to emulate device fingerprints thus allowing them to bypass fraud protection controls, including authentication mechanisms.

Authentication

Authentication Risk Retail Analytics

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

JULY 23, 2018

The basic model featured here retails for $20. Security Keys are inexpensive USB-based devices that offer an alternative approach to two-factor authentication (2FA), which requires the user to log in to a Web site using something they know (the password) and something they have (e.g., A YubiKey Security Key made by Yubico.

Phishing

Phishing Security Authentication Passwords

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts. Authenticate calls from third party authorized retailers requesting. Use a variation of unique passwords to access online accounts. Pierluigi Paganini.

Passwords

Passwords Authentication Access Retail

U.S. Mobile Giants Want to be Your Online Identity

Krebs on Security

SEPTEMBER 12, 2018

wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device. The four major U.S.

Authentication

Authentication Retail Passwords Access

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices.

Authentication

Authentication Retail Education Marketing

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

The flawed app is called Verizon Retail Demo Mode (“com.customermobile.preload.vzw”) and requires dozens of permissions for its execution. “The application fails to authenticate or verify a statically defined domain during retrieval of the application’s configuration file.

Retail

Retail Data breaches Sales Passwords

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

Government assesses that HIDDEN COBRA actors will continue to use FASTCash tactics to target retail payment systems vulnerable to remote exploitation.” . “ FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions. ” states the report.

Retail

Retail Libraries Government Phishing

The top 5 trends transforming retail and CPG in 2025

OpenText Information Management

DECEMBER 13, 2024

The retail and Consumer Packaged Goods (CPG) industries are experiencing a profound technological metamorphosis, driven by rapid digital innovation, changing consumer expectations, and the need for operational efficiency. In 2025, these technologies are no longer novelties but integral components of retail and CPG marketing strategies.

Retail

Retail Artificial Intelligence Energy and Utilities Manufacturing

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

The DSIRF website states the provide services “to multinational corporations in the technology, retail, energy and financial sectors ” and that they have “ a set of highly sophisticated techniques in gathering and analyzing information. The group targets entities in Europe and Central America with a surveillance tool dubbed Subzero.

Authentication

Authentication Retail Security Passwords

News Alert: W3C advances technology to streamline payment authentication

The Last Watchdog

JUNE 15, 2023

The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Customer authentication For the past 15 years, e-commerce has increased as a percentage of all retail sales.

Authentication

Authentication Communications Financial Services Retail

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity sparsh Tue, 11/21/2023 - 05:01 As global consumers gear up for the much-anticipated shopping bonanza that is Black Friday and Cyber Weekend, retailers brace themselves for the frenzied onslaught of shoppers and the deluge of cyber threats lurking in the shadows.

Retail

Retail Cybersecurity Financial Services Encryption

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

Impacted customers include Sweden’s largest cinema chain Filmstaden (the attack disrupted its online ticket system) and the discount retail chain Rusta. Tietoevry notified law enforcement and impacted customers.

Ransomware

Ransomware Government Retail Cloud

Security Affairs newsletter Round 291

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Security

Security Data breaches Ransomware Retail

News alert: Badge expands availability of ‘Enroll Once and Authenticate on Any Device’ software

The Last Watchdog

MARCH 7, 2024

The new Badge Partner Program further accelerates the adoption and integration of Badge’s privacy-preserving authentication, enabling even more users to benefit from seamless MFA experiences across any device or application without storing user secrets or private keys. “We Learn more at www.badgeinc.com.

Authentication

Authentication Privacy Analytics Digital transformation

Holiday Shopping Readiness: How is Retail Data Security Holding Up?

Thales Cloud Protection & Licensing

NOVEMBER 5, 2024

Holiday Shopping Readiness: How is Retail Data Security Holding Up? Retailers have been prepping for this season all year and are ready to provide a safe, secure, and seamless customer shopping experience. According to the National Retail Federation (NFR), retail sales during 2024 will grow between 2.5% trillion and $5.28

Retail

Retail Security Data breaches Compliance

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

The Last Watchdog

MAY 3, 2021

ABE opens the door to an advanced form of the Public Key Infrastructure, or PKI , the system we use to encrypt data, as well as to authenticate individual users and the web servers they log onto. PKI revolves around the distribution of digital certificates to validate the authenticity of websites.

Encryption

Encryption Retail Digital transformation Cloud

Florida Man Arrested in SIM Swap Conspiracy

Krebs on Security

AUGUST 7, 2018

Unauthorized SIM swaps often are perpetrated by fraudsters who have already stolen or phished a target’s password, as many banks and online services rely on text messages to send users a one-time code that needs to be entered in addition to a password for online authentication. All four major U.S.

Authentication

Authentication Computer and Electronics Passwords Retail

How Retailers Can Stay Protected During the Most Wonderful Time of the Year

Dark Reading

NOVEMBER 1, 2022

Retailers' new holiday jingle must hit cybersecurity high points to help survive the season. Forget Dasher and Dancer — add SAST and DAST to app testing; manage third-party risks; and use MFA along with training and proper authentication to secure credentials.

Retail

Retail Authentication Cybersecurity Risk

The Future of Payments Security

Thales Cloud Protection & Licensing

JANUARY 26, 2021

The Verizon DBIR 2020 report indicates that financially motivated attacks against retailers have moved away from Point of Sale (POS) devices and controllers, towards web applications. Figure 1: Web application breaches in the Retail industry. Strong Customer Authentication (SCA). Table 1: Strong Customer Authentication Factors.

Security

Security Retail Authentication Big data

The Retail Data Threat Environment and Why CIAM is a Key Cornerstone to Better Cybersecurity.

Thales Cloud Protection & Licensing

MAY 10, 2023

The Retail Data Threat Environment and Why CIAM is a Key Cornerstone to Better Cybersecurity. madhav Thu, 05/11/2023 - 06:06 The retail landscape has changed significantly. Customers should be aware of the existing threats, while retailers must understand the risks associated with poor management of customer identities.

Retail

Retail Cybersecurity Ransomware Authentication

The Countdown to Black Friday Has Begun. Are Retailers and Consumers Ready?

Thales Cloud Protection & Licensing

OCTOBER 23, 2018

So before the shopping frenzy begins, we thought this would be an opportune time to outline some best practices that both retailers and consumers should follow in order to protect consumer data. As convenience technologies evolve, look for more risks to consumers and retailers. Protecting Consumer Data is Priority #1. Back to basics.

Retail

Retail Data breaches Phishing Authentication

IRS To Ditch Biometric Requirement for Online Access

Krebs on Security

FEBRUARY 7, 2022

Many readers were aghast that the IRS would ask people to hand over their biometric and personal data to a private company that begin in 2010 as a way to help veterans, teachers and other public servants qualify for retail discounts. These readers had reasonable questions: Who has (or will have) access to this data? What happens if ID.me

Access

Access Authentication Insurance Personal data

Experts spotted five malicious Google Chrome extensions used by 1.4M users

Security Affairs

AUGUST 31, 2022

Researchers spotted 5 malicious Google Chrome extensions used to track users’ browsing activity and profit of retail affiliate programs. Customers should take extra steps to verify the authenticity if the extension is requesting permissions that enable it to run on every website you visit such as the one detailed in this blog?.”

Retail

Retail Sales Authentication Privacy

Passwordless Authentication without Secrets!

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Webinars

Trending Sources

Volvo retailer leaks sensitive files

Webinars

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Are Retailers Shopping for a Cybersecurity Breach?

How to activate multifactor authentication everywhere

Payments Rules Bring Customer Authentication to Forefront

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Experts report a rampant growth in the number of malicious, lookalike domains

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

SHARED INTEL: IT pros gravitate to ‘passwordless’ authentication to improve security, boost agility

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

FCC Proposal Targets SIM Swapping, Port-Out Fraud

Attack of drones: airborne cybersecurity nightmare

440M records found online in unprotected database belonging to Estée Lauder

Account Takeover Fraud Declines in Financial Services

Wear your MASQ! New Device Fingerprint Spoofing Tool Available in Dark Web

Google: Security Keys Neutralized Employee Phishing

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

U.S. Mobile Giants Want to be Your Online Identity

Fortinet warns of a spike in attacks against TBK DVR devices

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

The top 5 trends transforming retail and CPG in 2025

European firm DSIRF behind the attacks with Subzero surveillance malware

News Alert: W3C advances technology to streamline payment authentication

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs newsletter Round 291

News alert: Badge expands availability of ‘Enroll Once and Authenticate on Any Device’ software

Holiday Shopping Readiness: How is Retail Data Security Holding Up?

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

Florida Man Arrested in SIM Swap Conspiracy

How Retailers Can Stay Protected During the Most Wonderful Time of the Year

The Future of Payments Security

The Retail Data Threat Environment and Why CIAM is a Key Cornerstone to Better Cybersecurity.

The Countdown to Black Friday Has Begun. Are Retailers and Consumers Ready?

IRS To Ditch Biometric Requirement for Online Access

Experts spotted five malicious Google Chrome extensions used by 1.4M users

Stay Connected