Fortscale Insider Blog

Data Breaches Worse than Thought

19 Apr Data Breaches Worse than Thought–Many Firms Not Reporting

Symantec’s recent Internet Security Threat Report confirms what many of us have suspected for some time–that the number of data breaches is worse than we thought because a significant number of firms don’t report the real number of stolen records. In 2015 there were nine mega breaches, and over 400 million records were reported stolen. But the study from Symantec indicates...

Read More
hackers

18 Apr Security Questions Not Hard For Hackers

Cybercriminals are increasingly obtaining the answers to security questions that only we are supposed to know. With that information these thieves can potentially gain access to our bank or other accounts. So in the annual push to get my taxes done and filed I kept thinking of last year’s IRS data breaches where hackers gained access to a number of online...

Read More
Fort Friday Security Clips

15 Apr Fort Friday Security Clips—Gov has lowest score for cybersecurity, ISACA LA

U.S. federal, state and local government agencies is riding the caboose in cybersecurity, when compared to 17 major private industries. The new report was released by SecurityScorecard on Thursday, and measured the relative security of government and industries across 10 categories. Security Scorecard’s benchmarking platform grades 10 security categories comprised of thousands of unique data points to determine a category score and then...

Read More
naughty list in behavioral analysis

14 Apr The Naughty List Is New Again

So Here's How to Pick the Better Behavioral Analysis Security Product . . . The security industry wants you to behave. That's apparently the latest hurdle to cybersecurity at the corporate level-- behaving. Now imagine a collapsed mother in near tears as kids knock over all the nice things that parents can't have and that's the security industry as a metaphor. Cybercriminals...

Read More
law firm cyber attacks

13 Apr Law Firms – Next Wave of Cyber Attacks?

The recent data breach of the Panama-based law firm Mossack Fonseca, or the so called “Panama Papers” leak, has captured a lot of headlines lately. The 11.5 million records, emails, databases, and images that were stolen apparently contained very damaging data on a number of high profile politicians and public figures. Last week, we also saw two other law firms disclose...

Read More
fake data breach FE

12 Apr Scammed by a fake data breach

The number and types of new cyber crimes never cease to amaze me. This week I learned of yet another type of social engineering or Phishing attack where hackers fabricate a fake data breach to dupe supposed victims into giving up sensitive data. With the large number of data breaches these days, and the wide coverage the media is giving them,...

Read More
Computer mouse insecure with wireless

11 Apr Your Computer Mouse Can Betray You

We’ve known for a long time that except for the few devices using Bluetooth, the signals between your wireless computer mouse and your computer are not secure. But nobody seemed to really care about this vulnerability. This callous attitude probably stems because most assume, as I did, that the wireless range of a mouse and computer was so small that...

Read More
Fort Friday Security Clips

08 Apr Fort Friday Security Clips—the Panama Papers, ransomware with a twist

The Panama Papers is the biggest data leak in history—featuring 11.5 million documents (2.6 Terabytes of data) from Panamanian law firm Mossack Fonseca—released last Sunday by the International Consortium of Investigative Journalists (ICIJ). The law firm has denied any wrongdoing and recently set up a separate website to address allegations in real-time. Global stir Time Magazine states: "Among those caught up in the...

Read More
hacked underground

07 Apr Hacked corporate email accounts dirt cheap in the underground

Want to dig up some dirt on a competitor? There's an underground service available where hackers-for-hire can get that corporate email account hacked (dirt cheap) for $500 USD. In a recently released report, Dell SecureWorks research uncovered a highly popular underground cybercrime forum offering corporate email account hacking services for hire. The report noted that Russian cybercriminals jacked up their work hours to 24/7; offered customers...

Read More
ex-employee credentials

06 Apr Fear The Walking Dead: Reanimated Ex-Employee Credentials

Think your ex-employees are really gone? Think again. In 2014 a survey by Lieberman Software confirmed what many of us in the security industry already suspected—that there are a lot of ex-employee accounts out there that are still active, and can be accessed simply by using the old login credentials. Here we are two years later and another study just released...

Read More