The October BrandProtect Executive Threat Brief anticipates those attacks, and gives you and your family a quick primer on what you can do to stay safe during this new "phishing season".
Mon, Oct 03, 2016
Fri, Sep 23, 2016
Sad to say, but yesterday's Yahoo! news could not have been that surprising. Yahoo joins LinkedIn, Gmail, Twitter and Facebook in the pantheon of leading social networks that have suffered (very public) large-scale data breaches. Healthcare providers like Anthem, Blue Cross and many others are also members of this exclusive club. 500 million records is a lot of records, but truly, it's getting to the point where the world is awash in stolen records....
It is also not surprising that many the stories appearing today highlight the steps a company should take AFTER it has been hacked, like this one on MSNBC. But do stories like these really solve anything?
Pundits are fond of saying "it's not IF you'll get hacked, but WHEN you'll get hacked," but that doesn't mean that enterprise security teams should roll over and await their fate. There are lots of things that enterprises can do BEFORE they get hacked that should reduce their risks from a large number of external threats...
Wed, Sep 14, 2016
Thu, Sep 01, 2016
Summer is over, school is back in session, and social activity is amping up everywhere. The increase of online activity, driven by school and family activity, raises the odds that you and your family will be exposed to cyber criminals.
Tue, Aug 30, 2016
Ian Hawes wants you to have dinner with Donald Trump. He is a 25-year old, self-proclaimed entrepreneur, and “registered genius." Ian’s story broke Monday morning on Politico and it is a cautionary tale for anyone who values their online reputation.
Mon, Aug 22, 2016
Cyber threat intelligence (CTI) is all the rage.
Every day, it seems, there is another vendor offering a new fire hose of intelligence data, trying to meet the almost insatiable demand for data of CISOs and Security Operations Centers These feeds promise ever-increasing quantities of all kinds of cyber stuff, from inside and outside the organization, the individual streams delivered to the analytical desks, SIEMs and SOCs for filtering, analysis and attempts at big data manipulation. For the largest enterprises, acquiring and analyzing this data can cost multiple millions of dollars a year. And as the focus of these security investments centers on the data, very few teams have built expertise to actually mitigate the threats that are impacting their organizations every day. Mitigation? Unfortunately, for many enterprises, that's tomorrow's problem...
Mon, Aug 01, 2016
Read the August Executive Threat Brief
It's a fact that most of the headline-grabbing enterprise breaches -- from Target to the DNC -- began with a simple compromise, a compromise caused by a simple phishing email. The AugustThreat Brief from BrandProtect is focused on phishing:
- How phishers are raising the stakes.
- How phishers build their emails.
- How you can avoid being caught.
Wed, Jul 27, 2016
Regardless of their politics, the recent news of the DNC server hack, allegedly by Russian-government-backed hackers, should have security teams pulling their hair out. Why? Because the first phase of the attack used one of the oldest tricks in the book -- a phishing email attack, leveraging a copycat domain.
"For example, the first group, APT 28, often uses the same tactic: registering a domain whose name is similar to that of its target, to trick users into disclosing their passwords when logging into the wrong site. In this case, hackers set up misdepatrment.com — switching two letters — to target users of MIS Department, which manages networks for the Democratic committee." NY TImes, July 27, 2016
It should be no surprise to learn that almost every devastating cyber breach, from Target to the DNC, starts with the same exploit: