“Actionable” Information vs. Practical Cyber Threat Intelligence

I am a practical guy. I don’t like to waste a lot of time and tend to gravitate to things that work, whether I originally thought up the idea or if someone else did. I’m of the “if it works then it works” mantra. Much of that attitude stems from joining the military and being… Read More

Dark Web Insights: Misconceptions About the Dark Web

The Dark Web is often misunderstood. For the unfamiliar, it is often viewed as either a mysterious place full of technological gurus communicating via primitive interfaces or else something akin to the Wild West — a no-holds-barred free-for-all of dangerous and illicit activity.  However, neither is the case. The most popular marketplaces, where everything from stolen identities and… Read More

W-2 Data Breaches Were Abundant During 2015 Tax Season

The 2015 tax season has ended, signaling a potential break in the number of tax-related data breaches we read about in the news. The list of companies suffering from these cyber-attacks seemed to grow weekly and nearly 100 companies have been publicly tied to W-2-related breaches in 2016. SurfWatch Labs collected a multitude of CyberFacts… Read More

Podcast: DDoS Attacks Return, QuickTime Support Ends and a Massive Trade Secret Verdict

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 67: DDoS Attacks Return, QuickTime Support Ends and a Massive Trade Secret Verdict: The Lizard Squad is back with DDoS attacks against gaming company Blizzard. The Janet education network was also hit with more DDoS attacks. More stolen W-2 and personal information was… Read More

Talking PowerShell and Stealth Attacks with Carbon Black’s Rico Valdez

Malicious actors are increasingly using legitimate tools such as PowerShell in order to lessen their digital footprint and evade detection, and the use of such ubiquitous and legitimate technology can be a problem for organizations when it comes to defending against those threats. That’s according to Carbon Black senior security researcher Rico Valdez, who joined us for this… Read More

Consumer Goods Sector Most Impacted By DDoS In 2016

The consumer goods sector has seen more chatter around DDoS than any other sector so far in 2016, according to data from SurfWatch Labs. The consumer goods sector has become a popular target for DDoS attacks, with new groups like DD4BC emerging on the scene and attempting to extort money from victims in exchange for… Read More

When it Comes to Cybersecurity, Take a Good Look in the Mirror

Recently, we participated on a webinar panel – What You Need to Know about the FFIEC Cybersecurity Assessment Tool – where audience members were asked the following question: How would you rate your organizations’ cybersecurity maturity level today? Possible options (taken directly from the FFIEC CAT) for the attendees were: Baseline – meets the legal minimum; compliance-driven objectives… Read More

Podcast: Big Breaches, Badlock Revealed and More Class-Action Updates

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 66: Big Breaches, Badlock Revealed and More Class-Action Updates: A hacking group leaked data from the Philippines’ Commission on Elections, which impacts 55 million registered voters. National Childbirth Trust announced a breach affecting 15,000 new and expecting parents. Several more W-2 related… Read More

WEB HOSTING PROVIDER TO MAJOR SPORTS LEAGUES, MEDIA AND ENTERTAINMENT COMPANIES BREACHED BY ALPHALEON

This real-life case study will contain some info, but not all – to protect individuals’ personally identifiable information – as well as our intelligence collection sources – with our goal of highlighting the importance of having visibility into your supply chain cyber risks. In the beginning of April 2016 SurfWatch Labs threat intelligence analysts uncovered a… Read More