Social Engineering – Security’s Big Problem and How to Fight Back

Pick any recent data breach. It could be a high-profile one or one of the many that never make national headlines. If we were to follow the string of events back to the beginning of that compromise, what would we find? Chances are, it’s an employee getting duped by a cybercriminal. In fact, one could… Read More

Does Your Cyber Risk Strategy Pass the Penny Test?

As cyber incidents proliferate, security experts continue to stress the importance of cyber risk strategy starting at the top of organizations. However, a recent report surveying more than 1,500 non-executive directors, C-level executives, Chief Information Officers, and Chief Information Security Officers found that some organizations still have a big knowledge gap when it comes to cyber threats. According to The Accountability Gap: Cybersecurity &… Read More

Podcast: New Attacks, Massive Leaks and Setting Data Breach Records

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 68: New Attacks, Massive Leaks and Setting Data Breach Records: Details on more than 7 million user accounts for Minecraft community Lifeboat were compromised. A German nuclear plant discovered malware on its systems. A ransomware attack hit the Lansing Board of Water… Read More

Trade Secret Legislation Awaits Obama’s Signature

Organizations will soon have another avenue to seek relief from trade secret theft, as President Obama is expected to sign into law the Defend Trade Secrets Act. The bill, which gives companies the ability to pursue trade secret cases in federal courts rather than at the state level, is the latest in a string of headlines related to stolen intellectual property.… Read More

Cyber-Attacks Against Banks Making Huge Impact in 2016

Although the financials sector hasn’t been as widely discussed as others this past quarter, cyber-attacks in the sector are having a greater impact, according to SurfWatch Labs’ data. Since March 2016, the financials industry has made big headlines for high-profile cyber events involving the Central Bank of Bangladesh and most recently, Qatar National Bank. These two… Read More

Sharing is Caring – Threat Intel for You and Your Business Partners

As kids we’re taught to share our toys. It’s a hard lesson to “get.” When it comes to cybersecurity and information sharing, many still don’t “get” it. Liability concerns, competitive disadvantages, and so on. But even if some of these concerns are legitimate, this lesson really shouldn’t be so hard. According to the latest Verizon… Read More

“Actionable” Information vs. Practical Cyber Threat Intelligence

I am a practical guy. I don’t like to waste a lot of time and tend to gravitate to things that work, whether I originally thought up the idea or if someone else did. I’m of the “if it works then it works” mantra. Much of that attitude stems from joining the military and being… Read More

Dark Web Insights: Misconceptions About the Dark Web

The Dark Web is often misunderstood. For the unfamiliar, it is often viewed as either a mysterious place full of technological gurus communicating via primitive interfaces or else something akin to the Wild West — a no-holds-barred free-for-all of dangerous and illicit activity.  However, neither is the case. The most popular marketplaces, where everything from stolen identities and… Read More

W-2 Data Breaches Were Abundant During 2015 Tax Season

The 2015 tax season has ended, signaling a potential break in the number of tax-related data breaches we read about in the news. The list of companies suffering from these cyber-attacks seemed to grow weekly and nearly 100 companies have been publicly tied to W-2-related breaches in 2016. SurfWatch Labs collected a multitude of CyberFacts… Read More

Podcast: DDoS Attacks Return, QuickTime Support Ends and a Massive Trade Secret Verdict

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 67: DDoS Attacks Return, QuickTime Support Ends and a Massive Trade Secret Verdict: The Lizard Squad is back with DDoS attacks against gaming company Blizzard. The Janet education network was also hit with more DDoS attacks. More stolen W-2 and personal information was… Read More