Research, news and updates on cybersecurity and fraud
Ransomware is a specific type of malicious software (aka malware) that locks up your devices or an organization’s data in order to ransom that access back to you – sometimes to the tune of millions of dollars. Computers lock up, data disappears, or files become encrypted with no way to recover them. The hacker will then contact their victim to …
No firm in the financial industry has been unaffected by digital transformation. Even over the last three years of tech advancements and a global pandemic, there have been seismic shifts in the landscape. There have been huge advancements in improving efficiency and the quality of customer service, as well as beneficial internal changes like the adoption of cloud technologies. But, …
An Unsafe Connection While forced remote work was caused in great part by pandemic-driven lockdowns in 2020 and 2021, working from home has become a much-preferred style for many. Reduced commutes and more comfortable work environments are just two of the reasons working from home (WFH) is a desirable situation. In fact, according to recent Pew Research, 76% of employees …
IDSA report reveals that 96% of respondents think they could have prevented a breach by focusing on identity security The Identity Defined Security Alliance (IDSA), a nonprofit that helps organizations reduce risk by providing education and best practices, just released a report on current trends in the state of identity management. The research provides insight on how over 500 contemporary …
Many organizations that use Active Directory (AD) are failing to bolster their security postures Microsoft AD has been around for almost a quarter century, and while many organizations across industries use it, few have adapted to the demand for greater security postures. Despite the fact that approximately 90% of the Global Fortune 1000 companies use AD, only about a quarter consider security …
The annual Verizon Data Breach Investigations Report (DBIR) contains several useful security insights. Reflecting on another year where cybersecurity attacks have frequently starred in news headlines, the 2022 DBIR confirms a lot of what professionals already know: cyber attacks continue to increase in frequency, and organizations of all sizes need to bolster their defensive postures in order to stay safe. …
Password blacklists are receiving considerable attention. It’s clear why: weak and compromised passwords are a factor in nearly all hacking-related cybersecurity breaches. Best practices from NIST require organizations to disallow the use of any common and compromised passwords. And several cyber security companies offer password blacklists for this purpose. But authentication requires a username and password combination, so shouldn’t we …
Stealing corporate credentials has been a popular tactic among cybercriminals for many years now. Due to reused passwords, blurred boundaries between personal and professional accounts, and an expanded remote workforce, cyber vulnerabilities are everywhere. What is Corporate Account Takeover? A Corporate Account Takeover (CATO) is a kind of organization-specific identity theft where cybercriminals steal employee passwords to gain access to …
Even if your company hasn’t been hacked or experienced a data breach in the last few years, now is not the time to relax about cybersecurity. Data breaches at organizations of any size and in any industry can negatively impact the security of your company. They are interconnected events with cumulative effects. With each additional breach, regardless of whether your …
All the cool kids are doing it. Using leetspeak to chat online. Using leetspeak in multiplayer games. Even using leetspeak in passwords. And you know when the cool kids do something, there’s got to be a reason, right? Or maybe not. What we do know is leetspeak is a fairly common way to create “complex” passwords. When businesses require password …
