Research, news and updates on cybersecurity and fraud
The US National Institute of Standards and Technology (NIST) just finalized new draft guidelines, completely reversing previous password security recommendations and upending many of the standards and best practices security professionals use when forming policies for their companies.
SMS-based Phishing Scams are Gaining Traction Over the past few years, SMS (or text messaging) phishing scams, known as ‘smishing’ have also proved to be an effective strategy for hackers. Using texts as an attack vector may seem rudimentary but, according to the FCC, it’s proving to be disconcertingly effective among the general population. What’s happened? Since early 2020, fueled …
One of the most common tasks IT service and help desks carry out are resetting user passwords. Unfortunately, despite it being an easy task, it’s both tedious for IT staff and incredibly costly to a company. Passwords remain the core authentication method for many businesses, so this issue is a top priority. Why are account lockouts and password resets so …
It’s Cybersecurity Awareness Month – Here’s What Each Industry Should Know. Who is responsible for protecting clients, employees, and customers on the internet? Well, it depends. Educational institutions, healthcare organizations, governmental divisions, and businesses across all industries are all targets for cyberattacks. More and more organizations, of different sizes and different industries, are being caught in a crossfire of cyber …
October is Cybersecurity Awareness Month. It’s an annual event run by CISA focused on education and information, and this years’ theme is “See Yourself In Cyber.” One way that we can all see ourselves in the cyber landscape is through our use of passwords. We use them every day—to log into our accounts at work, to access our banking applications, …
2022 is shaping up to be an extremely successful year for cybercriminals. Data breaches are accumulating in unprecedented numbers, putting more and more information in the hands of bad actors. Cyberattacks this year have hit big players like Cash App and the Red Cross, as well as smaller companies around the world. Even small data breaches have a part to …
An Overhaul in Password Security Passwords aren’t going anywhere. Despite the buzz that biometrics and MFA are holistic solutions, passwords are a ubiquitous, crucial layer for authentication—and they’re low-cost and simple, too. That’s not to say that passwords are without issues. In fact, due to ineffective password policies, and poor user habits, they are hotly desired targets. Also, when a password …
Analyst Paper Summary “In our evaluation of Enzoic, we found that it supports all of the must-haves that typical security teams would want.” – Jake Williams, SANS A recent first look paper written by Jake Williams for the SANS cyber security institute outlines the main issues surrounding compromised credentials and preventative measures companies can take. In the paper and an accompanying webcast, Williams …
Password hygiene is a huge priority for Managed Service Providers Every organization is at risk for cyber attack, but MSPs have emerged as a top target. This is because threat actors can use a vulnerable MSP as an initial access vector to multiple victim networks, with globally cascading effects. In May of 2022, CISA, the FBI, and a group of …
The flow of news about data breaches and ransomware attacks is relentless. Businesses of all sizes—large companies included—continue to suffer. Not only do cyber attacks lead to financial damage, but they have knock-on effects like reputational impact and loss of client trust. What’s less publicized is just how often these breaches are caused by vulnerabilities in privileged accounts. Privileged accounts …
Everyone has data – Here’s how to use it defensively In contemporary decision-making, data rules supreme. Big data and data culture are just two indicators in the digital landscape that industries have seen over the past decade. The deep value placed on data, combined with our growing ability to collect and mine massive amounts of it, has catapulted it to …
