Data Breaches

How does CISO strategy prevent threats?

Executive summary: CISOs are under immense pressure to protect their organizations and keep them out of the breach headlines. The largest obstacle to this goal is an evolving threat landscape that is increasing in sophistication. Payments from successful ransomware attacks fuel this evolution in the form of ransomware-as-a-service models. To break the trend, this report will explore why CISOs and their teams can no longer simply react to these threats and must prevent…

The most dangerous cyber security threats of 2023

In this roundup, we reveal which threat vectors cyber security experts believe will rise to prominence in 2023, and they offer their advice on how best to combat them. When asked in mid-2022 by Cyber Security Hub which threat vectors posed the most dangerous threat to their organizations, 75 percent of cyber security professionals said social engineering and phishing. Since the survey closed, multiple organizations such as Dropbox, Revolut, Twilio, Uber, LastPass and Marriott…

The top 12 tech stories of 2022

The technology sector’s vulnerability to the vagaries of geopolitics and the macroeconomy became clearer than ever in 2022, as IT giants laid off workers en masse, regulators cracked down on tech rule-breakers, nations negotiated data privacy, the EU-China chip war widened, and the Ukraine war disrupted business as usual. Through it all the classic tech themes—including innovation, constant change, and the fight to bolster cybersecurity—continued as ChatGPT was released, Broadcom sought to purchase VMware, a…

Customer details compromised in LastPass data breaches

The data breaches LastPass suffered in August and November 2022 resulted in confidential customer information being compromised. In a statement, LastPass explained that the August breach saw a malicious actor steal source code and technical information from LastPass’ development environment that was then used to target an employee. This allowed the hacker to gain access to credentials and keys, which they then used to access LastPass’ third-party cloud storage service in November 2022. Using the…

How carding can affect your business

This article explains what carding is, how hackers can gain access to payment details and the effects carding cyber attacks can have on businesses. In the first six months of 2022, there were 230,937 credit card fraud reports filed in the US alone, highlighting the growth of carding as a threat vector. This article will explore carding, how it operates and the devastating effects it can have on ecommerce businesses. Contents: What is carding and…

How Marvel’s Avengers inspire Pinsent Masons CISO to adapt cybersecurity hiring

Cybersecurity’s ongoing battle with a “skills shortage” has seen the sector lose its way regarding talent hiring and retention, says Christian Toon, CISO at London-based law firm Pinsent Masons. In an industry crying out for diversity and innovation, this year’s number one UK CSO 30 Awards winner says he takes inspiration from the Marvel Comics universe to challenge traditional HR approaches and more effectively recruit and keep security talent. “We have what some describe as…

Social media use can put companies at risk: Here are some ways to mitigate the danger

We live in a social world, but should our businesses? For many, the answer to that is increasingly no—that’s why laws and regulations have recently been put in place restricting access to some social media in certain situations because of the hidden risks of these seemingly innocuous platforms. The United States federal government and some US states, for example, have barred government-issued devices from the use of Chinese-owned TikTok, which allows users to create and…

The Equifax Breach Settlement Offer is Real, For Now

Millions of people likely just received an email or snail mail notice saying they’re eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this particular offer is legit (if paltry), scammers are likely to soon capitalize on public attention to the settlement money. One reader’s copy of their Equifax Breach…

How to enable event collection in Windows Server

Event logs register information about software and hardware events that occur in a system, and they are a key weapon in the arsenal of computer security teams. Windows Server has offered Windows Event Forwarding (WEF) for aggregating system event logs from disparate systems to a central event log server for several versions now. High end security information and event management (SIEM) or security, orchestration, automation, and response (SOAR) systems are the ideal in an enterprise…

US consumers seriously concerned over their personal data

A report released today by Big Four accounting firm KPMG found that large majorities of the American public are highly concerned about the security of their personal data, and that US companies aren’t helping matters by ramping up their collection of that data. Fully 92% of respondents to KPMG’s survey said that they were concerned to some extent about how personal data that they provide to companies is handled, and nearly nine in 10 said…