Research, news and updates on cybersecurity and fraud
The recent CISA Alert AA22-074A describes how Russian state-sponsored cyber actors gained access to a US NGO using compromised credentials and a flaw in default MFA protocols. This alert may help cybersecurity professionals understand that MFA alone is insufficient and the importance of securing each authentication layer. What happened, exactly?As early as May 2021, the FBI observed Russian state-sponsored cyber …
Let’s Ask An Expert. What Should We All Know About Passwords in 2022? It’s 2022 and even in the past year, the digital landscape has changed substantially. With new cryptocurrencies, telehealth, and e-commerce changes popping up every minute around us, it can be a challenge for businesses to know how to keep up. So, we’ve taken the opportunity to ask …
Not Kidding Around While chalkboards have long seemed artifacts from classrooms of the past, you might be surprised just how dramatically classrooms have changed just within the last ten years. Tablets and Chromebooks have replaced many textbooks and paper hand-in systems, plagiarism and cheating are detected in new ways, and sometimes, the classroom is no longer a physical space–e-learning and …
Identity Defined Security Alliance’s “Identity Management Project of the Year – SMB” recognized Enzoic’s customer West-Mark for the results of an initiative that eliminated compromised credentials from their environment. West-Mark, an ISO 9001 certified manufacturer of trucks and trailers, is an essential supplier for the US Department of Defense and the United States military. However, their high-stakes position in the …
Updated Best Practices for 2022 Identity Management Day is a chance to bring attention and information about identity management to organizations of all kinds, especially as the digital landscape expands. Presented by the Identity Defined Security Alliance and the National Cybersecurity Alliance (NCSA), it’s a much-needed opportunity to educate businesses and IT leaders on the importance of cybersecurity awareness and …
Freight Frights Over the past two years, as the pandemic’s effects on health, travel and the economy expanded, supply chain issues have established themselves regularly in the headlines. Practically every industry has been impacted, from a lack of used car parts to labor shortages. In an attempt to streamline systems, and connect globally, a massive push to digitize is underway: …
As tensions between the US and Russia escalate, organizations need to act fast to shore up digital defenses In a just-released briefing from the White House, titled “Act Now to Protect Against Potential Cyberattacks,” authorities urged government facilities, healthcare organizations, and companies of all types, to lock down their digital systems–urgently. Intelligence indicates that Russia may be exploring …
How to Address the Vulnerabilities in Open Banking Major cyberattacks have made international news repeatedly over the last years, and there is no indication that cyberattacks will be slowing down. It isn’t just ransomware that is a growing issue for the financial sector, but credential stuffing attacks that are posing major risks to banks and credit unions. In 2020, the …
Solution Now Continuously Screens for Both Unsafe Passwords and Compromised Full Credentials Reducing the Risk of a Cyberattack Boulder, CO – March 2, 2022 – Enzoic, a leading provider of compromised credential screening solutions, today released the latest version of Enzoic for Active Directory. The solution prevents users from choosing weak or previously exposed passwords by screening them at their …
Taking Action on Active Directory Active Directory (AD) is ubiquitous cross-industry and due to its popularity, cybercriminals have continually targeted it. Therefore, prioritizing safe passwords in AD is crucial. Here are five ways to address the problem. 1. Use the Principle of Least Privilege (POLP) When a network administrator is establishing the levels of access for every user of AD …
