Research, news and updates on cybersecurity and fraud
The US National Institute of Standards and Technology (NIST) just finalized new draft guidelines, completely reversing previous password security recommendations and upending many of the standards and best practices security professionals use when forming policies for their companies.
People have been relying on password-based security for millennia. The Roman military reportedly used what they called “watchwords” to identify soldiers on patrol. Exclusive groups and guilds used secret passwords to prove membership. The phrase “open sesame” protected hidden treasure in the story of Ali Baba and the Forty Thieves. In more recent times, the world’s first computer passwords were installed …
The Motion Picture Association (MPA) is the leading advocate of the worldwide film, television and streaming industry. Founded in 1922, the company today is championing the growing diversity of filmmakers, safeguarding intellectual property, advancing technological innovation, and supporting trade policies that can further expand the global film and TV marketplace. With operations in North America, Asia Pacific, Latin America and …
Cracked Wide Open Over the past decade, the number of data breaches in almost all industries has skyrocketed. From healthcare to finance, user credentials have become both the tool of cyberattack and one of its primary targets. The 2021 Verizon DBIR report indicated that upwards of 61% of breaches involved leveraged credentials. Communicating clearly about the problem The Open Web Application …
Repercussions from the ongoing pandemic are still reverberating through workplaces all over the world. Businesses are racing to catch up with the changes they’ve had to make to accommodate remote workers, digitalization, and new cloud technologies. Many have let their cybersecurity practices fall to the wayside in a rush to evolve with the times. In a report by PwC, 64% …
The healthcare industry sector is increasingly the target of cybercriminals. According to the Health Insurance Portability and Accountability Act (HIPAA) Journal, over the past eleven years (2009-2020) there have been more than 3,705 healthcare data breaches impacting more than 268 million medical records. Why is this happening, and what can we do to address it? The Culprits Weak and Compromised …
Businesses often say that their people are their greatest asset. When it comes to cybersecurity, this statement is truer than you might think. A constantly shifting threat landscape means cybersecurity best practices should be on everyone’s mind, not just your CTO or CISO. When employees of all areas, from new hires to the executive suite, are equipped to understand and …
How long do you think it would take for someone to guess your password? Let’s say they knew you well. You’d start with combinations of your pet names and birth date, or where you work and your town. They might spend hours trying combinations, but the likelihood is, they wouldn’t independently be able to guess it. But as research has …
As the impacts of the pandemic continue to ripple outwards, hackers are tapping into credential stuffing as an easy way to victimize both companies and individuals. The branching of events is easy to track with the rapid transition to remote work, e-commerce boom, and the millions of new online accounts for everything from grocery delivery to streaming services. The rapidity …
In our four-part series investigating the vulnerabilities of multi-factor authentication (MFA), we’ve learned a lot about the methods hackers use to crack these systems. Social engineering, technical hacks, and a mixture of both can all play a role in weakening the authentication factors we depend on to protect our business’s critical data. The truth is that cybersecurity measures can’t be …
In a recent release, the Financial Industry Regulatory Authority (FINRA) provided insight into the increasing frequency of occurrences of Account Takeover (ATO) within the financial industry. The report also produced guidance for organizations looking to tighten their cybersecurity, but no direction was provided regarding the growing issue of password hygiene. ATO: What’s really happening? When hackers gain unauthorized access to …
