Wednesday, February 20, 2019

How secure is your password?


How to save your IT system from its own users: Zero Trust Browsing

How to save your IT system from its own users: Zero Trust Browsing
2017: The Year of Cryptojacking. 2018: The Year of Ransomware. 2019? It’s shaping up to be the Year of Phishing.
Historically, we’ve labeled phishing as a nuisance that only a select few fall for. However, the increasing sophistication of social engineering, along with a gradual evolution of phishing techniques, have leveled the game. For example, hackers have realized the importance we place on SSL certification, and have found ways to exploit it in order to give us a false sense of reassurance. Browsers such as Edge, Chrome, and Firefox have created advanced filtering techniques, but they are still unable to identify 10-25% of phishing sites...

Dark Web ID Trends:

Dark Web ID Trends:Top Source Hits: ID Theft Forums (98%) 
Top Compromise Type: Domain (99%)
Top Industry: Service Provider
Top Employee Count: 1 - 10 Employees (96%)

Tuesday, February 19, 2019

United States - Graeter's Ice Cream

correct severe gauge
Exploit: Malware on website checkout page.
Graeter’s Ice Cream: Regional ice cream brand based in Cincinnati.
Risk to Small Business: 1.888 = SevereCustomers Impacted: Approximately 12,000.
>> Read full details on our blog. 

Friday, February 15, 2019

Does anyone actually know how consumers are affected by a data breach?

Does anyone actually know how consumers are affected by a data breach?If you take a peek into a recent newspaper, you’re likely to see the words ‘data breach’ flash across headlines. The conversation surrounding data privacy is becoming increasingly commonplace, yet surprisingly scarce in acknowledging the actual consequences or outcomes for affected consumers. Although we are able to speculate as to what might happen to consumers, we are usually left wondering what actually does.
This void in information results in our entire industry viewing only part of the problem, as we cannot understand the link between the efficacy of security measures and the level of harm caused to end-users. As a sector, we know very little regarding how hackers transform data breaches into financial gain for themselves. What can we do to solve this?
Tapping into the vast resources of law enforcement agencies, large banks, and major card providers. Through collaboration, they can offer financial forensics, fraud detection, and task forces that can help attribute breaches to thefts and fraud. Some would argue that investments and partnerships must be made to acquire such information, but enhancing awareness could be the match that lights the fire, illuminating the path towards global data accountability by consumers and businesses alike.
https://www.americanbanker.com/opinion/consumer-harm-from-data-breaches-is-a-black-box

Thursday, February 14, 2019

In Other News:

In Other News:
An Emerging Target for Data Breaches: HR and Finance EmployeesAs phishing attacks evolve in sophistication, human resource and finance teams are becoming caught in the crosshairs. Historically, such departments have been able to fend off poorly executed phishing campaigns. However, as hackers get smarter, so do their tactics. By adopting the writing styles of executives on social media, they can produce “look-alike” language that is capable of fooling even the most careful employees.
Many times, employee data can command a higher price tag on the Dark Web than customer data, since it is more likely to include social security numbers, dates of birth, names of dependents, and other lucrative data that can be used in perpetuity, instead of a one-time payment card fraud. When it comes to phishing attacks, it’s important to remember that human users are the weakest link the security chain.
https://searchhrsoftware.techtarget.com/feature/Phishing-attacks-are-top-employee-data-breach-threat-for-HR

How secure is your password?