Fortscale Insider Blog

cyber crooks pay attention to IT security

04 Apr Are Cyber Crooks Collecting Your Tax Return?

Imagine finally getting around to getting your taxes done and filed, only to have the IRS tell you “sorry, but your tax return has already been filed”. “Say what? I really need that refund I’ve been planning on!” Sounds crazy, but that’s the sorry reality for a number of people this year who’ve fallen to one of this year’s tax crimes...

Read More
security clips FortFriday

01 Apr Fort Friday Security Clips—MongoDB, Crypto-ransomware & R0b1N H00d foolery

Verizon recently reported that an attacker had exploited a security vulnerability on its enterprise client portal and stole contact information of a number of its customers. Several other sources put the number of stolen records at over 1.5 Million in number. The security vulnerability discovered on the client enterprise portal was reported to Verizon on December 22 last year by security...

Read More
R0b1n H00d malware April 1

01 Apr Fortscale’s Latest Discovery “R0b1N H00d” Malware Does Pretty Much Exactly What You’d Think

San Mateo, CA - April 1, 2016 – Researchers at Fortscale, the security pioneer in machine-learning user behavior analytics (UBA), issued warnings to major online banking and payment customers of the emergence of a new class of malware making the rounds among disgruntled insiders. The trojan, which is commented inside the code as “R0b1N H00d”, triggers small cash transfers to...

Read More
data breach

31 Mar Prior to the data breach . . . insider threats for TCC?

Earlier this month, more than 3000 current and former employees of Tidewater Community College (TCC) were leaked in a sophisticated phishing scam. The unknown hacker gained access to TCC employee data via sending a phishing email to another TCC employee with a request for 2015 W-2 data. The data breach occurred on March 2 when a finance department employee responded to...

Read More
cybersecurity tools

30 Mar Good Tools Help Shortage of Cybersecurity Professionals

2015 has earned the dubious distinction of being the worst year ever for cybercrime, with nearly 1,000 major data breaches. Attacks included the theft of 21.5 million records from the federal government's OPM (Office of Personnel Management) and T-Mobile’s 15 million record data breach that exposed the names, addresses, and Social Security numbers of many of the company’s customers. To add...

Read More
Home Depot breach

29 Mar Home Depot to Pay at Least $19.5 Million to Consumers

A few years ago as I was finishing work on my new home, I walked into the local Home Depot and said to myself “I think I need at least one of everything in this store”. That was an exaggeration, but I did, and still do make a ton of purchases at Home Depot. When the massive Home Depot breach was...

Read More
breach

28 Mar Verizon Breach, It Can Happen To Anyone

Every year I anticipate the release of Verizon’s annual Data Breach Investigations Report. I’ve read it religiously for years. As a company that specializes in data breach security and helps countless organizations respond to and investigate security breaches, it’s ironic to say the least that Verizon just experienced a massive data breach of their own. Verizon recently reported that an attacker...

Read More
hacked

25 Mar Fort Friday Security Clips—Verizon hacked, OS X zero-day

Data for  1.5 million Verizon Enterprise customers is for sale in an underground cybercrime forum. Security journalist, Brian Krebs of KrebsonSecurity reports  that the hacker priced the entire package at $100,000 and was also offering the data in chunks of 100,000 records for $10,000 apiece. Interested buyers were offered an additional perk to purchase information about the security vulnerabilities found in Verizon’s enterprise client portal....

Read More
insider threats trend du jour

24 Mar Insider threats — Trend Du Jour

We've all heard that users can be a companies weakest link—whether deliberate or through negligence—employees (and ex-employees) are increasingly creating security risks within their organizations. With insider threats rapidly becoming the trend du jour—companies need to amp up vigilance. You also have to consider ex-insiders who may go rogue. In the recent Ofcom breach, an  ex-employee went rogue and handed over approximately six...

Read More
cybersecurity wakeup call

23 Mar Need for Cybersecurity Accelerates

Many years ago when personal computers were just starting to emerge, I got a phone call from my brother. He’d just started a cybersecurity company—one of the first. “Come work for me, I need your help” he implored. It seems ridiculous now, but although I agreed, I remember thinking “OK, I can do that for a while, but it doesn’t...

Read More