In its recent 2016 Data Breach Investigations Report, Verizon Enterprise confirmed many industry trends that we see at ID Agent every day. The most glaring blind spot for organizations is how stolen credentials are the primary means by which hackers exploit their vital systems.
Read More
OneLogin, a company that provides single sign-on capabilities to safely store passwords of over 23 million users including 2,000 businesses, has suffered a compromise that included the ability to decrypt customer data. In a recent blog, the company revealed that an attack occurred May 31st at 2 am and was identified by a staff member around 9 am. Through that attack, sensitive information such as user information: passwords and emails, various keys from companies and login credentials for a slew of cloud applications were potentially compromised. In the OneLogin blog post, it was stated that they “…cannot rule out the possibility that the threat actor also obtained the ability to decrypt data.” And according to the email sent out after the breach, customers were instructed on steps they should take to proactively prepare themselves. They were advised to force a OneLogin Directory Password Reset for end users, update credentials on 3rd party apps for provisioning and to do numerous other things. The email also included further updates and information.
Read More
Hospital networks can unfortunately become a goldmine for attackers that use ransomware worms as their weapon. If deployed, lives may be endangered, hospitals usually must pay the ransom, or pay to get files retrieved and its reputation could be damaged. Because these attacks are increasing due to lucrative benefits, teaching and reminding hospital staff to use valuable cyber hygiene is imperative.
Read More
If your customers are like most organizations, 75% of their employees recycle or use a variation of the same password across most of the systems and websites they access – both on and off their employer’s network. And this practice is becoming increasingly dangerous.
Read More
Today, Digital Citizens Alliance published a report that focuses on how exposed Universities and Colleges’ populations are on the dark web. Specifically, they looked at the levels of compromised credentials associated with .edu’s on the dark web. ID agent provided data to support the report.
Read More
Stolen email credentials are an often exploited vulnerability for government and corporate networks. In fact, Verizon announced in a recent study that 91% of phishing attacks specifically targeted email credentials.
Read More
Since 2003, the FBI has tracked more than $740 million dollars lost to business email compromise (BEC) fraud in the United States. Who’s the main target? None other than the C-Suite. Led by organized online criminal groups, BEC is one of the fastest growing types of financial fraud.
Read More
The internet has changed the way businesses operate around the world. Having access to a tool of this caliber is essential to the way corporations function today, but it also has its downfalls. In this case, we’re referring to the incredibly dangerous threat most business owners are either unaware of or hardly ever think about – cybercrimes like Business Email Compromises (BEC).
Read More
Cyber risk is no longer a potential threat to put on the back burner for later review. The reality is that cyber risk is a threat right now. Many organizations are taking precautions to protect themselves and their people. However, despite the plethora of major companies and brands experiencing the repercussions of not instilling pre-breach precautions, the question remains: is it necessary to encrypt employee information?
Read More
Protecting sensitive customer data on your networks isn’t just the right thing to do – it may now be a legally sanctioned practice. Recently the Federal Trade Commission (FTC) was granted broad authority to penalize companies that had inadequate cybersecurity practices in place to protect their customers’ information from data breaches.
Read More