
URL: https://www.helpnetsecurity.com/2024/01/02/2023-holiday-attacks/
Submission: On January 03 via api from TR — Scanned from DE

Help Net Security
January 2, 2024


HACKERS EMPLOY NUANCED TACTICS TO EVADE DETECTION



Threat actors evolved tactics, opting for a more nuanced approach that spread
attacks across a broader timeframe to blend in with legitimate traffic and evade
detection during peak holiday shopping times, according to Cequence Security.




2023 HOLIDAY SEASON UNVEILED ALARMING REALITIES

The months before the 2023 holidays demonstrated a change in tactics,
techniques, and procedures by adversaries against prominent retailers. Attackers
have shown that they are highly sophisticated and have great persistence and
depth of planning.

“The 2023 holiday season exposed a chilling reality: cybercriminals are
employing increasingly sophisticated attack methods and meticulously planning
months to exploit vulnerabilities,” said William Glazier, Director of Threat
Research at Cequence.

“This long-term approach allows them to target unprepared retailers and
unsuspecting customers, particularly during peak shopping periods. This shift
underscores the urgent need for heightened vigilance and proactive security
measures throughout the year,” Glazier added.

Many companies, and retailers in particular, take the holiday season as their
cue to focus more on security and begin to lock down their networks and
applications. The data suggests that sophisticated attackers began their “attack
runs” earlier in the year to lay the groundwork for holiday sales to try and
avoid the retailers’ security lockdowns as much as possible.

In the second half of 2023 alone, gift card fraud increased by 110%, while
scraping, loyalty card fraud and payment card fraud increased by a collective
average of over 700% as attackers laid the groundwork for holiday sale attacks
ahead of retailer security crackdowns.

These types of attacks are correlated and spiked together because those parts of
the website, applications, and associated APIs are related, especially as they
pertain to attacks. This insight shows that these retailers were not
experiencing simple brute force-style attacks in isolation, but sophisticated
attacks from adversaries displaying highly varied TTPs.


RISING THREAT OF TRUST-BUILDING ACCOUNT TAKEOVERS

This is another threat that plays the “long game” of low-and-slow attacks over
time. “Social commerce” retailers combine ecommerce with social media,
leveraging user contributions to build community. Most online retailers
encounter attacks that employ standard, well-known account takeover (ATO)
tactics that peak during the holidays.

Account takeovers (ATOs) increased a staggering 410 times for retailers in the
second half of the period analyzed (September – November 2023).


SURGE OF AUTOMATED LINE-JUMPERS

The report shows that many products were added to carts via automated tooling to
volumetrically flood systems, purchasing as many in-demand items as possible,
effectively cornering the market and preventing sales to legitimate customers.

Whether it’s Taylor Swift concert tickets or the latest hot sneaker drops, bots
are a massive problem for fans and retailers alike. The practice of using bots
to “jump the line” is so pervasive and widespread that there are detailed
explanatory Reddit threads, answers to Quora questions, and even readily
available how-tos and “top bots” articles online.

With attackers constantly refining their tactics and expanding their arsenal,
the need for a vast, historical threat intelligence database and an expert team
to decipher the rapidly evolving API threat landscape has become increasingly
paramount. Across their entire customer base, Cequence detected malicious
traffic from 719 million unique IP addresses and 325 million malicious login
attempts from June to November 2023, highlighting the scale of today’s threats.

“To combat sophisticated threats targeting APIs, today’s organizations must
fortify their defenses with a holistic security approach that safeguards their
APIs throughout their entire lifecycle,” Glazier continued. “This includes
discovering and cataloging all APIs, ensuring rigorous adherence to industry
standards, and deploying advanced threat detection and mitigation tools to
defend against attacks.”




