Go Inside the Ink to See What’s New
in Cybersecurity News & Defense
Cybersecurity News & Analysis
We publish new posts every weekday featuring cybersecurity news, threat analysis, expert analysis, and simple, cost-effective solutions to help you prepare for the threats of tomorrow. BOOKMARK IT>>
October is National Cybersecurity Awareness Month
This year’s theme for National Cybersecurity Awareness Month is “Do Your Part. #BeCyberSmart,” encouraging individuals and organizations to “own their role in protecting their part of cyberspace.”
As we wrap up week 3, take a deep dive into Dark Web danger that you may not be considering in your cybersecurity calculus.
- Are You Including IoT Danger in Your Cybersecurity Planning?
- Bad News for Businesses: Malvertising Threats Ramp Up
- Spear Phishing Threats Rise as Dark Web Data Grows
- 10 Facts About the Danger of Cybercrime as a Service
- What Sells in Dark Web Markets in 2020?
The Post-Pandemic Dark Web is a Whole New World of Danger. It’s Still Our Backyard. Let Us Show You Around.
CYBERSECURITY NEWS: THE THREAT OF THE WEEK & HOW TO STOP IT
Credential Stuffing Attacks Hammer Financial Sector & More Industries
Credential stuffing attacks are on the rise. As Dark Web data dumps grow ever larger and strong demand for lists of stolen passwords and filched user records continues to heat up Dark Web data markets, these cybercrimes are gaining new fuel every day – and that’s bad news for businesses, especially in the financial sector
Financial Institutions Get Looted
A recent Federal Bureau of Investigation (FBI) Private Industry Notification was released to warn businesses in the financial sector that they’ve come into the crosshairs of cybercriminals. The alert notes that credential stuffing and DDos have been the cause of the majority of cybersecurity incidents in the industry since 2017, with credential stuffing accounting for 41% of financial sector cyberattacks in the last 3 years.
The alert cites several examples of credential stuffing attacks that opened the door to password-related cybersecurity disasters, including a financial institution that experienced credential stuffing attacks that enabled bad actors to gain access to critical systems, enabling fraudulent check withdrawals and ACH transfers to the tune of more than $3.5 million in Q3 2020 alone.
Not Even the Stock Market is Safe
In a separate but similar warning to the financial services industry, the Securities and Exchange Commission (SEC) released a Risk Alert, stating that its Office of Compliance Inspections and Examinations (OCIE) has observed a precipitate rise in credential stuffing attacks against brokerages, financial advisers, and broker-dealers, primarily fueled by the millions of passwords in Dark Web data dumps.
The SEC message also urges companies that handle PII and sensitive information to add protections against this kind of cybercrime, to protect both their clients and their own businesses. In a landscape of rapidly increasing penalties, the notice warned that failing to secure your business against credential stuffing and password-related attacks could open up firms to substantial fines and penalties in case of a data breach.
It’s Spreading Everywhere
This tracks with data gathered from other industries indicating that credential stuffing is quickly gaining favor as a form of attack. While media and communications companies remain the favored target of credential stuffing attacks with a 63% year over year increase, on-demand or subscription-based broadcast and video sites saw a 630% spike in credential stuffing attacks at the height of the COVID-19 pandemic in Q2 2020.
Learn how to get your business ready to grow, make it more resilient, and set yourself up for success in 2021 from Channel superstars at Skout’s REBOUND 2020 – exclusively sponsored by ID Agent! REGISTER NOW>>>
Credential stuffing attacks powered by Dark Web data are assaulting businesses in every sector. How do I protect mine?
With the top solution recommended by both the FBI and the SEC to throw up a massive roadblock between credential stuffing attacks and your data: Multifactor authentication (MFA). Our award-winning secure identity and access management solution Passly is ideal for every business to add to its cybersecurity stack to defend against credential stuffing and other password-based attacks.
- CISOs around the world have cited secure identity and access management as their top concern for 2021.
- Many regulations require or suggest MFA as a best practice in regulatory compliance.
- Passly features MFA that secures your workforce anytime anywhere with identifier tokens and codes delivered in a variety of convenient ways
- Plus, Passly includes even more secure identity and access management tools for better defense including single sign-on LaunchPads for every user and secure shared password vaults.
- With Passly you only have to buy one solution to check off many recommendations on the cybersecurity best practices list.
- Passly also helps protect your business from dangers like phished, stolen, compromised, or cracked passwords.
- Passly is easily managed remotely and takes stress off IT staff with centralized management and tools that reduce headaches like password resets and permissions changes.
Why leave your business open to the dangers of credential stuffing or another kind of password-related cyberattack? Put Passly’s strong, sensible, affordable secure identity and access management power to work for your business today to ensure that your business is protected from this increasingly popular and dangerous brand of cyberattack.
You Have Much to Learn, Padawan. Gain Insight from Masters of Cybersecurity in Our Exclusive Webinar Series “A Cybersecurity Trilogy”
NEW WEBINAR! A Cybersecurity Trilogy PROTECT: The Dark Side Strikes Back
The second installment in our series A Cybersecurity Trilogy, PROTECT: The Dark Side Strikes Back takes you inside the mind of a hacker so that you can see exactly how Dark Web data and economic uncertainty drive cybercrime.
- Join World-renowned Ethical Hacker Brian Seely (the only person to ever wiretap the United States Secret Service and FBI) for a look inside the secret world of hacking
- Get a look at how solutions like Dark Web ID give you actionable threat intelligence with ID Agent’s own Dark Web Jedi Duncan Miller
- see some of a hacker’s best tricks and learn why they work
Did You Miss the First Installment? Here’s a Recap of Part 1, PREDICT: A New Idea.
Watch the first installment in the series, PREDICT: a New Idea to learn more about social engineering and how cybercriminals use psychology to trick unsuspecting users into falling for their bait.
- Gain insight from Dr. Jessica Barker, a Cybersecurity & Human Behavior expert (and one of the Top 20 Most Influential Women in Cyber Security in the UK)
- Learn about how social engineering drives phishing with Graphus CEO and phishing expert Minoj Srivastava
- Explore the ways that human behavior can be influenced to create cybersecurity disasters
Don’t Miss the Grand Finale!
Reserve your seat for the final installment in the trilogy, PLAN: The Rise of Technology on 11/10/20 at 1 PM ET as we take a look into the future of cybercrime and cybersecurity with renowned Innovation Futurist Shivvy Jervais and ID Agent CEO and Dark Web Sith Lord Kevin Lancaster!
IN CASE YOU MISSED IT LAST WEEK MSPs: Hear from our experts as they detail our product updates and innovations released in Q3 in this recording of our Q3 Product Update event LISTEN NOW>>
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,000 MSPs in 30+ countries choose to Partner with ID Agent!
See our innovative, cost-effective digital risk protection platform in action.
Contact us to schedule a one-on-one call to see how we can grow your business.
Our Partners and Channel colleagues have valuable insight into cybersecurity today – and great stories to tell! Contribute a guest post to our blog and let’s hear all about it!