Podcast: Hackers Get Hacked, SWIFT Attacks and a Ruling from the Supreme Court

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 70: Hackers Get Hacked, SWIFT Attacks and a Ruling from the Supreme Court: The hacker forum Nulled.io was breached and the sensitive information of its members was made publicly available. SWIFT warned of more attacks against banks at the same time the… Read More

Ransomware Is Not the Top Cybersecurity Threat Facing the Healthcare Sector

Ransomware is making all the headlines so far in 2016. This threat has become so mainstream it has caused both the FBI and US-CERT to issue ransomware alerts, with the healthcare sector being mentioned in both. On March 31, 2016, the United States Computer Emergency Readiness Team (US-CERT) issued a ransomware warning concerning the Locky… Read More

What Can We Learn About Social Engineering From Impersonation?

With organizations losing billions of dollars due to business email compromise scams and thousands of employees having their W-2 information sent to criminals each week, it can be easy to think, “How can people be so dumb and keep falling for these same tricks?” When it comes to socially engineering an employee, most people think of email phishing — and… Read More

Will Your Internal Sharing of Data Cause a Breach?

On May 4 the United Kingdom’s Information Commissioner’s Office (ICO) announced a £185,000 fine against a health trust for inadvertently publishing the personal details of 6,574 staff members on its website. Blackpool Teaching Hospitals NHS Foundation Trust is required to post annual equality and diversity metrics. Unfortunately, the published spreadsheets contained “hidden data.” Simply double clicking on… Read More

Nucleus Market Vanishes – Now What?

Over the past year, the number two Dark Web market in terms of activity was Nucleus. As of late 2015, this market had more than 25,000 vendor listings, but on April 13 of this year, Nucleus disappeared. While it’s not the first time Nucleus has been down and it’s not uncommon for Dark Web markets… Read More

Podcast: More Bank Attacks, New Malware and Walmart Sues Visa

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 69: More Bank Attacks, New Malware and Walmart Sues Visa: This week’s trending cybercrime events included data breaches at Google, Kiddicare, and InvestBank as well as a ransomware infection that led to YahooMail being temporarily banned from the House of Representatives and a… Read More

PII Data Breaches Trending In Critical Infrastructure

Over the last couple weeks, several critical infrastructure cyber-events made headlines in the Industrials, Energy, and Utilities industries. Some of these targets include the German Gundremmingen nuclear reactor, the Lansing Board of Water and Light (BWL), and the Canadian gold mining firm Goldcorp. While none of these cyber-attacks resulted in chaos, they did demonstrate weaknesses within… Read More

Social Engineering – Security’s Big Problem and How to Fight Back

Pick any recent data breach. It could be a high-profile one or one of the many that never make national headlines. If we were to follow the string of events back to the beginning of that compromise, what would we find? Chances are, it’s an employee getting duped by a cybercriminal. In fact, one could… Read More

Does Your Cyber Risk Strategy Pass the Penny Test?

As cyber incidents proliferate, security experts continue to stress the importance of cyber risk strategy starting at the top of organizations. However, a recent report surveying more than 1,500 non-executive directors, C-level executives, Chief Information Officers, and Chief Information Security Officers found that some organizations still have a big knowledge gap when it comes to cyber threats. According to The Accountability Gap: Cybersecurity &… Read More

Podcast: New Attacks, Massive Leaks and Setting Data Breach Records

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 68: New Attacks, Massive Leaks and Setting Data Breach Records: Details on more than 7 million user accounts for Minecraft community Lifeboat were compromised. A German nuclear plant discovered malware on its systems. A ransomware attack hit the Lansing Board of Water… Read More