Email domains without DMARC enforcement spoofed nearly 4X as often
As of January 2020, nearly 1 million (933,973) domains have published DMARC records — an increase of 70% compared to last year, and more than 180% growth in the last two …
Guide: 10 critical issues to cover in your vendor security questionnaires
In today’s perilous cyber world, companies must carefully check their vendors’ cyber posture, and the initial vetting of any third party typically begins with a comprehensive …
Let’s Encrypt will revoke 3m+ TLS/SSL certificates
Starting with 20:00 UTC (3:00pm US EST), today (March 4), the non-profit certificate authority Let’s Encrypt will begin it’s effort to revoke a little over 3 …
Ransomware getting more fearsome, but there’s reason for optimism
Cybercriminals continued a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability. A report from …
How adaptive trust makes security efficient
Zero trust is a comprehensive security framework that requires everyone—and every service account—to authenticate identity before entering the corporate network. Every app and …
A massive increase in eCrime behavior can easily disrupt business operations
During 2019, financially motivated cybercrime activity occurred on a nearly continuous basis, according to a CrowdStrike report. There was an increase in incidents of …
Online payment fraud attempts see 73% increase
Online payment fraud attempts increased by 73 percent in 2019, according to a report from Sift. Additional findings in the report reveal that cybercriminals are using mobile …
Social engineering: Mind the identity verification gap
Billions of personal data records are up for sale on the Dark Web as data breaches continue to occur at an alarming rate. According to Risk Based Security’s 2019 Midyear Data …
How to gather cyber threat intelligence from dark markets without breaking US law
The U.S. Department of Justice’s Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, …
Soon, your password will expire permanently
Passwords have been around since ancient times and they now serve as the primary method for authenticating a user during the login process. Individuals are expected to use …
Security operations and the evolving landscape of threat intelligence
In this podcast recorded at RSA Conference 2020, we’re joined by the ThreatQuotient team talking about a threat-centric approach to security operations, the evolution of …
Do you have a data breach response plan?
While corporations today are more knowledgeable about security threats and prepared to respond to data breaches, there are key areas in which progress declined in 2019, …