It’s tough to come up with an effective counter-measure to external attacks when you can’t see your enemy. While there are plenty of stories in the news of how a certain company fell prey to a very specific attack, it’s hard to translate that into an actionable response. So, you walk through the “usual suspects” … Continued
Credential Theft in Education. Protect your Institution against a Data Breach.
Cyber security news site, Dark Reading, recently reported on the news that millions of stolen and fake email credentials from across 300 of the largest universities in the US were available to buy on the Dark Web. The stolen and fake student, faculty and alumni access credentials are being offered to buyers for anywhere from … Continued
Context-Aware Security Leaves Leaked Employee Passwords Useless
At 221 of the leading Fortune 500 companies, employees’ credentials are posted publicy online for hackers to steal and reuse in cyberattacks. This research is just one of many stories we see every year about how leaked employee passwords leave companies vulnerable to hackers who can use the data to break into networks or mount … Continued
Mitigating Credentials-based-attacks from Social Engineering
Following the recent CERT research on unintentional insider threats from social engineering, IS Decisions share their experience on how organisations are helping prevent security breaches that stem from credentials-based-attacks. Unintentional Insider Threats from Social Engineering The CERT Insider Threat Center recently published its research on unintentional insider threats focusing on the use of phishing and/or … Continued