Below you'll find a list of all posts that have been tagged as “Compromised Credentials”
Cybersecurity intelligence is only as valuable as the actions it allows you to take. Especially in the realm of prevention, fast analysis and notification is critical. It’s no secret to threat actors; they know that as soon as data is available or a vulnerability is identified, the window of opportunity for exploitation is closing. As many cybersecurity professionals can confirm, …
Password authentication isn’t going anywhere anytime soon. It’s part of our culture, users and employees are accustomed to it, and many systems depend on the “what you know” layer. Newer technologies like biometrics might work in certain situations, but they won’t replace passwords altogether anytime soon. In our series on password security, we’ve talked about some worrying trends, the myths …
At Enzoic, we understand the need for threat intelligence that allows both businesses and users to take action to keep themselves safe. Effective threat intelligence for compromised credential screening involves constant evolution, discerning reconnaissance, and real-time analysis and deployment. Unfortunately, most threat intelligence services are vague and laconic, relying on misleading statistics and alarmist reports as veneers for validity. Nearly …
A Portal to Danger With the pandemic in 2020, it’s safe to say that healthcare changed forever. While many hospitals and care facilities had previously been distant to overhaul their telehealth services, the need for locked-down health facilities quickly shifted priorities. Patient portals rapidly became more common as they serve as a way for patients to communicate with providers, receive …
The Safeguards Rule A recent SEC ruling could inform future cybersecurity cases relating to how financial investment firms must secure their users’ personal accounts. In enforcement actions taken against eight different firms, the SEC announced on August 30, 2021, that each firm had violated the ‘Safeguards Rule’ for failing to protect against account takeover. Rule 30(a) of Regulation S-P, commonly known as the …
Cracked Wide Open Over the past decade, the number of data breaches in almost all industries has skyrocketed. From healthcare to finance, user credentials have become both the tool of cyberattack and one of its primary targets. The 2021 Verizon DBIR report indicated that upwards of 61% of breaches involved leveraged credentials. Communicating clearly about the problem The Open Web Application …
Repercussions from the ongoing pandemic are still reverberating through workplaces all over the world. Businesses are racing to catch up with the changes they’ve had to make to accommodate remote workers, digitalization, and new cloud technologies. Many have let their cybersecurity practices fall to the wayside in a rush to evolve with the times. In a report by PwC, 64% …
Planning, Protecting and Not Paying Your company is aware of the many attempts that hackers make every day to infiltrate organizations, steal data, and demand ransoms. Hacking methods seem to propagate rapidly, but ransomware has been making the headlines regularly in the past two years. Ransomware, a form of malware, accounted for about ten percent of the breaches collated in …
The education sector is a prime target for credential attacks and password reuse is rampant. So, we took some time to talk with one of our customers (a large private university) about how our solution has enabled them to shore up their defenses and reduce the risk from compromised credentials. Tell us about your situation. Higher education is similar to …
Every aspect of our lives is touched by the digital world and passwords are one of the most critical issues in cybersecurity. Internet users of all ages and abilities employ passwords without necessarily understanding the process. Why are they being asked to create passwords with specifications like capital letters and only certain symbols? It’s time for us all to visit …
