Inside the Ink

July 20, 2017

The Important Lesson Learned from the U.K. Parliament Cyberattack

The Parliament’s computer network was recently targeted by a brute force attack. Weak password requirements allowed hackers to gain access to 90 of parliaments 650 member’s email accounts. Although IT staff or 3rd party cyber firms can implement strong cyber-security regulations, the members of the House of Commons, or employees at any company are typically the source of a breach. Without knowing it, Members of the Parliament created threats for themselves, that went undetected until it was too late. In order to minimize the damage or the attempt of blackmail, officials temporarily locked members out of their email accounts.

Read More
July 06, 2017

What an MSP can do to Protect Their Clients from the Dark Web

Not familiar with the term “Dark Web”? That’s okay, even some of the most sophisticated individuals in the tech space have no idea what the dark web is and how it’s accessed. As an MSP or MSSP, you are doing your part to secure and monitor your client’s network and provide a seamless user experience. However, through no fault of your own, your client’s and their employees are not making your job easier by creating credential-based blind spots that until now were hard to detect and mitigate.

Read More
June 26, 2017

MSPs Beware – Dropbox, Google Drive and other Cloud Storage Threats

A Managed Service Provider (MSP) has a lot to worry about within the information technology services they offer. Your clients probably store data that is critical to their continued success on your servers. If their network becomes breached, your network may become susceptible to risk and vice versa. Using cloud storage providers such as Dropbox, Google Drive and other Cloud Storage Threats may increase these chances because of the limited encryption options and the fact that IT will have limited control and usually no visibility.

Read More
June 19, 2017

The Biggest Threat to your Network Security: Email Communications

When it comes to protecting your businesses infrastructure, it is safe to assume that you have some form of cyber protection activated. But email communications represent the biggest threat of all, because it takes advantage of the end user, in one form or the other. It generally only requires one misstep from a member of a network to unleash a catastrophic chain of events within that network.

Read More
June 16, 2017

63% of Data Breaches Result From Weak or Stolen Passwords

In its recent 2016 Data Breach Investigations Report, Verizon Enterprise confirmed many industry trends that we see at ID Agent every day. The most glaring blind spot for organizations is how stolen credentials are the primary means by which hackers exploit their vital systems.

Read More
June 15, 2017

OneLogin – When Password Storing Goes Wrong

OneLogin, a company that provides single sign-on capabilities to safely store passwords of over 23 million users including 2,000 businesses, has suffered a compromise that included the ability to decrypt customer data. In a recent blog, the company revealed that an attack occurred May 31st at 2 am and was identified by a staff member around 9 am. Through that attack, sensitive information such as user information: passwords and emails, various keys from companies and login credentials for a slew of cloud applications were potentially compromised. In the OneLogin blog post, it was stated that they “…cannot rule out the possibility that the threat actor also obtained the ability to decrypt data.” And according to the email sent out after the breach, customers were instructed on steps they should take to proactively prepare themselves. They were advised to force a OneLogin Directory Password Reset for end users, update credentials on 3rd party apps for provisioning and to do numerous other things. The email also included further updates and information.

Read More
June 12, 2017

The Ransomware Assault on Healthcare

Hospital networks can unfortunately become a goldmine for attackers that use ransomware worms as their weapon. If deployed, lives may be endangered, hospitals usually must pay the ransom, or pay to get files retrieved and its reputation could be damaged. Because these attacks are increasing due to lucrative benefits, teaching and reminding hospital staff to use valuable cyber hygiene is imperative.

Read More
June 08, 2017

Why Managed Service Providers Must Monitor for Compromised Credentials

If your customers are like most organizations, 75% of their employees recycle or use a variation of the same password across most of the systems and websites they access – both on and off their employer’s network. And this practice is becoming increasingly dangerous.

Read More
June 05, 2017

Cyber Criminals, College Credentials, and the Dark Web

Today, Digital Citizens Alliance published a report that focuses on how exposed Universities and Colleges’ populations are on the dark web. Specifically, they looked at the levels of compromised credentials associated with .edu’s on the dark web. ID agent provided data to support the report.

Read More
June 01, 2017

How to Detect if Your Organization’s Email Credentials Have Been Stolen & How to Prevent Phishing.

Stolen email credentials are an often exploited vulnerability for government and corporate networks. In fact, Verizon announced in a recent study that 91% of phishing attacks specifically targeted email credentials.

Read More

Please fill in the form below to subscribe to our blog