Database of 1.4 Billion Credentials Found on Dark Web
Researchers have found a database of 1.4 billion clear text credentials in what appears to be the single largest aggregate database yet found on the dark web. These are not from a new breach, but a compilation of 252 previous breaches, including the previous largest combo list, Exploit.in. The database was found by 4iQ on 5…
How Safe Are Your Assets in the Cloud?
The cloud environment is elastic and moves fast. That elasticity applies to cyberattacks just as much, so it is critical for enterprises to have visibility into all the data that crosses its network. While moving workloads and applications to the cloud brings flexibility and agility, it also introduces multiple points of attack. Enterprises need to…
Cyber Security Strategies that Won’t Break the Bank
Throughout my career, I have seen first-hand the real world impacts that a breach in cyber security can have on customers, businesses and communities. With cyber attacks growing in number and sophistication, today security is a requirement of “doing business”, however, many companies and organizations lack the knowledge and resources to secure their platforms, products…
The buck stops here: 8 security breaches that got someone fired
A secure network is a sign that a CSO is doing their job right – but it’s also something that’s hard to notice. It’s not exciting when nothing happens! But when something does happen in security, that’s usually really bad. It’s a great way for a CSO or CIO to get fired, or to get…
Internet of Things (IoT) security: what is and what should never be
The Internet has penetrated seemingly all technological advances today, resulting in Internet for ALL THE THINGS. What was once confined to a desktop and a phone jack is now networked and connected in multiple devices, from home heating and cooling systems like the Nest to AI companions such as Alexa. The devices can pass information…
Why phishers love HTTPS
As more and more sites switch to HTTPS, the number of phishing sites hosted on HTTPS domains is also increasing. “In the third quarter of 2017, we observed nearly a quarter of all phishing sites hosted on HTTPS domains, nearly double the percentage we saw in the second quarter. A year ago, less than three…
How cybersecurity solutions can help with GDPR compliance
Technical (protection) measures, means, technologies, rules and resources are mentioned multiple times throughout the GDPR text. The Regulation does not, however, specify any security technology implementation as obligatory (a few methods are suggested as optional solutions for the specific usage). Choice and evaluation of adequacy is the sole responsibility of the data controller and processor.
Android’s December 2017 Patches Resolve Critical Flaws
The December 2017 Android security patches that Google released this week resolve 47 vulnerabilities, including 10 rated Critical severity. The patches affect a variety of platform components and were split in two packages, or security patch levels, as Google calls them. The first addresses 19 vulnerabilities while the second resolves 28 issues.
Ransomware’s lucrative next stop? The Point of Sale
With the influx of credit card breaches over the past few years at major brands, hackers may have reached a point of supply exceeding demand, as awareness of breaches, security on credit cards, and excess supply have all led to a reported drop in prices on the dark web for stolen data. Researchers have seen…
Redefining perimeter network security: The future is a hybrid
The idea of perimeter defense is as old as servers themselves — say the word and it conjures up images of ENIAC-sized machines buzzing in locked rooms, firewalls separating them from the outside world. Unless you work for the CIA, that’s likely not your reality. Instead, the data you secure lives in the cloud, flowing…