Thanks to Yahoo!, there are 500,000,000 new reasons CISOs should think more about external threats

Posted by Greg Mancusi-Ungaro

Fri, Sep 23, 2016

 

Sad to say, but yesterday's Yahoo! news could not have been that surprising. Yahoo joins LinkedIn, Gmail, Twitter and Facebook in the pantheon of leading social networks that have suffered (very public) large-scale data breaches. Healthcare providers like Anthem, Blue Cross and many others are also members of this exclusive club. 500 million records is a lot of records, but truly, it's getting to the point where the world is awash in stolen records....

It is also not surprising that many the stories appearing today highlight the steps a company should take AFTER it has been hacked, like this one on MSNBC.  But do stories like these really solve anything?

Pundits are fond of saying "it's not IF you'll get hacked, but WHEN you'll get hacked," but that doesn't mean that enterprise security teams should roll over and await their fate. There are lots of things that enterprises can do BEFORE they get hacked that should reduce their risks from a large number of external threats...

Read More

Topics: data breach, Phishing, Spear Phishing, CISO, External Threat, Executive Threat, Masquerades

The Phishing Attack is Only the Beginning...

Posted by Greg Mancusi-Ungaro

Mon, Aug 01, 2016

Read the August Executive Threat Brief

It's a fact that most of the headline-grabbing enterprise breaches -- from Target to the DNC -- began with a simple compromise, a compromise caused by a simple phishing email.   The AugustThreat Brief from BrandProtect is focused on phishing:  

  • How phishers are raising the stakes.
  • How phishers build their emails.
  • How you can avoid being caught.

 Download it today!

Read More

Topics: Phishing, Spear Phishing, BEC Attacks, Social Engineering, Executive Threat

Are 15% of Fortune 100 CEOs Victims of On-Line Masqueraders?

Posted by Greg Mancusi-Ungaro

Fri, Jun 10, 2016

BrandProtect recently trained our threatSMART platform on the social media presence of Fortune 100 CEOs to understand the breadth of one of social engineers' key exploits -- executive masquerades. Executive masquerades are an essential component of one the most damaging classes of modern attacks -- the BEC attack. We focused our investigation on LinkedIn and Twitter profiles and activity. 

We were surprised by what we found...

Fortune 100 CEOs are among the most respected names in business. They are also among the most careful participants in the online world. If this elite group is a target, the potential for masquerading at all levels of a company and in all industries would theoretically be much higher. 

Among the subset of Fortune 100 CEOs who maintain a LinkedIn profile, our review found that more than 15% are represented online by two or more LinkedIn profiles.

We looked on Twitter, too, and there, the numbers are worse. Among the subset of Fortune 100 CEOs who maintain a personal Twitter presence, almost 40% are plagued with duplicate Twitter accounts.

Read More

Topics: twitter, cyber threats, CISO, threatSMART, BEC Attacks, F100, Social Engineering, LinkedIN, Executive Threat

How Social Engineers Leverage LinkedIn

Posted by Greg Mancusi-Ungaro

Wed, Jun 01, 2016

Read the June Executive Threat Brief

The June Threat Brief from BrandProtect is focused on LinkedIn. How the criminals use it, and how you can reduce your personal and business risks when using it. Download it today!

Read More

Topics: Phishing, Spear Phishing, BEC Attacks, Social Engineering, Executive Threat

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

  Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all