Data Protection December 7, 2022

Will the 2.5M records breach impact student loan relief?

2 min read - Over 2.5 million student loan accounts were breached in the summer of 2022, according to a recent Maine Attorney General data breach notification. The target of the breach was Nelnet Servicing, a servicing system and web portal provider for the…

Data Protection January 25, 2021

Credential Stuffing: AI’s Role in Slaying a Hydra

2 min read - One data breach can lead to another. Because so much of the data stolen in breaches ends up for sale on the dark web, a threat actor can purchase authentication credentials — the emails and passwords — of the organization’s…

Endpoint April 9, 2020

Phishers and iPhone Thieves Rolling Out Multimillion-Dollar Operations

9 min read - Going down the rabbit hole of a physical iPhone theft followed by a SMiShing campaign, IBM X-Force IRIS researchers found a large-scale operation of phishers with over 600 phishing domains.

Software Vulnerabilities March 16, 2020

Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers

6 min read - It is important that gaming companies are prepared to defend against threats to their consumers and that gamers understand the types of threats they can face in their community.

December 17, 2019

Study: 3 in 4 Users Required a Reset of a Forgotten Password in the Last 90 Days

2 min read - A new study found that most users required a password reset in the last 90 days due to a forgotten password.

Fraud Protection October 22, 2019

Credential-Stuffing Attacks Are Just the Tip of the Iceberg

2 min read - Credential-stuffing attacks are indicative of the much larger issue of account takeover. Adaptive authentication can help improve the digital experience for low-risk users.

Identity & Access October 3, 2019

When Digital Identity and Access Management Meets Physical Security

4 min read - If your identity and access management (IAM) and physical security initiatives are not working as one, your organization may be suffering from unnecessary grief — and increasing risk.

August 14, 2019

Phishing Campaign Distributes Fake Microsoft Account Notifications

2 min read - Attackers are disseminating fake Microsoft account notifications alerting users to supposed "unusual sign-in activity" in a ploy to steal credentials.

Incident Response April 9, 2019

Credential Dumping Campaign Hits Multinational Corporations

6 min read - X-Force researchers observed attackers targeting multinational corporations in various sectors using malicious scripts to automate attacks on misconfigured servers.

Identity & Access April 3, 2019

Reap the Promise of One and Done Authentication With Single Sign-On (SSO)

4 min read - With SSO, employees can use one set of credentials to access all their apps instead of remembering, looking up and frequently resetting multiple passwords.