Cybersecurity

The Need for Email Address Verification in Light of Subpoena-Themed Phishing Attacks

At the most basic level, the Internet consists of interconnected networks that communicate using standard protocols such as the Border Gateway Protocol (BGP) and the Domain Name System (DNS). As such, it is built on trust or an honor system – trust that routing requests received from another network are valid, and the traffic sent in response to requests is legitimate.

Mobile Apps Take the Lead, Scammers Follow

Mobile commerce has just reached another landmark milestone. For the first time ever, mobile transactions made up almost $1 of every $3 spent online during the post-Thanksgiving 2019 shopping weekend.

The High Cost Of Privacy In A Post-GDPR World

It has officially been over a year since the European Union's General Data Protection Regulation (GDPR) took effect and in that time, we've come to see both the benefits, and the very serious drawbacks of this program.

How Threat Intelligence Software Can Help Prevent Breaches Caused by Server Misconfigurations

Early this month, the Gekko Group, an AccorHotels subsidiary erroneously uploaded more than 1TB of confidential information on a publicly accessible cloud-based server. This error led to the exposure of tons of data owned by its partner hotels' clients, travel agencies, and customers.

The Louisiana State Ransomware Attack: Enhancing Cyberdefense with Reverse IP Address Lookup

An attempted ransomware attack on some Louisiana state servers caused the state's cybersecurity team to shut down their IT systems and websites. Governor John Bel Edwards, however, emphasized that not all of the state's servers were affected.

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

For 16 months, PayMyTab, a third-party payment provider, leaked the private data of customers who dined in a U.S. restaurant when it failed to follow a simple yet essential security protocol.

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

John Paul Revesz (also known as "Armada"), the Canadian behind the Orcus RAT (a software that been used in various malware attacks), has been charged under Section 342.1 of the Criminal Code on November 8. The specific section is for the unauthorized use of a computer, and at its core, this is what Revesz's Orcus software does.

Billtrust Breach: Can Threat Intelligence Platforms Help with Ransomware Prevention?

Highly publicized ransomware attacks are never short of golden nuggets of wisdom for the cybersecurity industry. They first teach us that attackers control the rules of the game once infiltration is complete. Second, large enterprises that use cloud-based technologies to store sensitive financial information continue to be at risk.

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

NordVPN admitted last month that its data center located in Finland was hacked on March 5, 2018. While the virtual private network (VPN) service provider claimed it learned of the incident as early as April 13, 2019, it only confirmed the compromise last month after reports that its expired Transport Layer Security (TLS) certificate and its private key were leaked.

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

Major healthcare providers suffer a lot from breaches, both from a legal and financial standpoint. Aside from patient lawsuits, they also face severe penalties imposed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA).