Q&A: How can Threat Intel Help Your Organization? (Part 2)

Cyber threat intelligence offers an in-depth look at the potential threats and attack vectors facing an organization. Each organization is different, and in these differences there are a variety of ways cybercriminals can exploit a company. Security tools such as firewalls and antivirus software protect against several of these threats, but they cannot protect an… Read More

Q&A: What Does a Cyber Threat Intelligence Analyst Do? (Part 1)

As cybercrime continues to grow and evolve at a rapid pace, organizations are faced with difficult decisions in finding solutions to this problem. Deploying security tools to combat cybercrime is a crucial part of this dilemma, but this brings with it the herculean task of attempting to process massive amounts of data in order to… Read More

Despite Drop In Frequency, PoS Data Breaches are Still a Threat

In 2014, point-of-sale (PoS) data breaches against mainstream retail stores like Target and the Home Depot were primary talking points in cybersecurity. In 2016, PoS data breaches haven’t garnered as much attention, with threats like ransomware and more sophisticated phishing attacks taking up the mantle of the leading concerns in cybersecurity. Over the last two… Read More

Top 5 Items for Sale on the Dark Web, and What Businesses Can Learn From Them

In April 2016, the dark web market Nucleus went offline. Before its disappearance, Nucleus had become the number two most popular market on the dark web, hosting tens of thousands of listings for a variety of illicit goods and services. The debate continues around why Nucleus vanished; however, it was just one of the many different markets where… Read More

Top Dark Web Markets: With Dream Market You Can Be a Criminal Too!

Two weeks ago we talked about the disappearance of Nucleus Market and how many of its former users have moved to AlphaBay, the unquestioned leader in terms of current dark web activity. This week we turn our attention to Dream Market, the second most popular dark web market of 2016, according to SurfWatch Labs’ threat intelligence data. A Quick… Read More

Podcast: Massive Myspace Hack, Cryptoworm Warnings and Breach Lawsuits Continue

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 72: Massive Myspace Hack, Cryptoworm Warnings and Breach Lawsuits Continue: This week saw more news about password breaches as 427 million Myspace passwords and 65 million Tumblr passwords were put up for sale on the dark web. Scrum.org announced a potential data… Read More

Intentional or Not, Insider Threats Remain a Huge Risk to Businesses

Insiders are one of the most dangerous threats all organizations face, as the players involved in these attacks usually have easy access to an organization’s resources. Taking a look at the recent $81 million bank heist from the Central Bank of Bangladesh, the FBI suspects that this attack was an inside job, with several people… Read More

Vulnerability Management: False Confidence, the Remediation Gap and Other Challenges

Organizations believe their vulnerability management programs are more mature than they really are, and the time it takes to remediate vulnerabilities remains an issue for many businesses, according to several reports. A SANS whitepaper, What Are Their Vulnerabilities?: A SANS Survey on Continuous Monitoring, concluded that security practitioners are overconfident in their current state of… Read More

Podcast: Big Names Get Breached, Malware Evolves and Court Questions Data Sharing

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 71: Big Names Get Breached, Malware Evolves and Court Questions Data Sharing: This week’s trending cybercrime events include breaches at the NBA’s Milwaukee Bucks and the furry site “Fur Affinity,” a two-year cyber-espionage campaign against Swiss military contractor Ruag, payment card skimmers… Read More

Anonymous Ops Trending, Where are the Other Hacktivists?

Not long ago, several hacktivist groups like the Syrian Electronic Army and Lizard Squad were making headlines on a weekly basis with new hacktivism campaigns and random attacks. While Anonymous has always been the primary source of hacktivism throughout the world, it is interesting to see how these other prominent hacktivist groups’ activity has essentially… Read More