Fortscale Insider Blog

fake data breach FE

12 Apr Scammed by a fake data breach

The number and types of new cyber crimes never cease to amaze me. This week I learned of yet another type of social engineering or Phishing attack where hackers fabricate a fake data breach to dupe supposed victims into giving up sensitive data. With the large number of data breaches these days, and the wide coverage the media is giving them,...

Read More
Computer mouse insecure with wireless

11 Apr Your Computer Mouse Can Betray You

We’ve known for a long time that except for the few devices using Bluetooth, the signals between your wireless computer mouse and your computer are not secure. But nobody seemed to really care about this vulnerability. This callous attitude probably stems because most assume, as I did, that the wireless range of a mouse and computer was so small that...

Read More
Fort Friday Security Clips

08 Apr Fort Friday Security Clips—the Panama Papers, ransomware with a twist

The Panama Papers is the biggest data leak in history—featuring 11.5 million documents (2.6 Terabytes of data) from Panamanian law firm Mossack Fonseca—released last Sunday by the International Consortium of Investigative Journalists (ICIJ). The law firm has denied any wrongdoing and recently set up a separate website to address allegations in real-time. Global stir Time Magazine states: "Among those caught up in the...

Read More
hacked underground

07 Apr Hacked corporate email accounts dirt cheap in the underground

Want to dig up some dirt on a competitor? There's an underground service available where hackers-for-hire can get that corporate email account hacked (dirt cheap) for $500 USD. In a recently released report, Dell SecureWorks research uncovered a highly popular underground cybercrime forum offering corporate email account hacking services for hire. The report noted that Russian cybercriminals jacked up their work hours to 24/7; offered customers...

Read More
ex-employee credentials

06 Apr Fear The Walking Dead: Reanimated Ex-Employee Credentials

Think your ex-employees are really gone? Think again. In 2014 a survey by Lieberman Software confirmed what many of us in the security industry already suspected—that there are a lot of ex-employee accounts out there that are still active, and can be accessed simply by using the old login credentials. Here we are two years later and another study just released...

Read More
data breach building FE

05 Apr Costs of a Data Breach Continue to Increase

The annual Ponemon Institute’s 2015 Cost of Data Breach Study was just released. Sadly, the report showed that the costs of a data breach continue to increase, rising 23% since 2013 to $3.8 million dollars per incident in 2015. The average cost incurred for each lost or stolen record containing sensitive and confidential information increased six percent from a consolidated...

Read More
cyber crooks pay attention to IT security

04 Apr Are Cyber Crooks Collecting Your Tax Return?

Imagine finally getting around to getting your taxes done and filed, only to have the IRS tell you “sorry, but your tax return has already been filed”. “Say what? I really need that refund I’ve been planning on!” Sounds crazy, but that’s the sorry reality for a number of people this year who’ve fallen to one of this year’s tax crimes...

Read More
security clips FortFriday

01 Apr Fort Friday Security Clips—MongoDB, Crypto-ransomware & R0b1N H00d foolery

Verizon recently reported that an attacker had exploited a security vulnerability on its enterprise client portal and stole contact information of a number of its customers. Several other sources put the number of stolen records at over 1.5 Million in number. The security vulnerability discovered on the client enterprise portal was reported to Verizon on December 22 last year by security...

Read More
R0b1n H00d malware April 1

01 Apr Fortscale’s Latest Discovery “R0b1N H00d” Malware Does Pretty Much Exactly What You’d Think

San Mateo, CA - April 1, 2016 – Researchers at Fortscale, the security pioneer in machine-learning user behavior analytics (UBA), issued warnings to major online banking and payment customers of the emergence of a new class of malware making the rounds among disgruntled insiders. The trojan, which is commented inside the code as “R0b1N H00d”, triggers small cash transfers to...

Read More
data breach

31 Mar Prior to the data breach . . . insider threats for TCC?

Earlier this month, more than 3000 current and former employees of Tidewater Community College (TCC) were leaked in a sophisticated phishing scam. The unknown hacker gained access to TCC employee data via sending a phishing email to another TCC employee with a request for 2015 W-2 data. The data breach occurred on March 2 when a finance department employee responded to...

Read More