Identity & Access January 24, 2023

An IBM Hacker Breaks Down High-Profile Attacks

5 min read - On September 19, 2022, an 18-year-old cyberattacker known as “teapotuberhacker” (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then…

Intelligence & Analytics December 20, 2022

4 Most Common Cyberattack Patterns from 2022

4 min read - As 2022 comes to an end, cybersecurity teams globally are taking the opportunity to reflect on the past 12 months and draw whatever conclusions and insights they can about the threat landscape. It has been a challenging year for security…

Identity & Access December 16, 2022

The Cybersecurity Takeaway from Twitter’s Verification Chaos

4 min read - Twitter has been verifiably bonkers since electric car and rocket mogul Elon Musk took over and reworked the social network’s long-standing verification system. This provides a valuable lesson about the link between verification or authentication and between security and usability.…

Data Protection December 7, 2022

Will the 2.5M Records Breach Impact Student Loan Relief?

2 min read - Over 2.5 million student loan accounts were breached in the summer of 2022, according to a recent Maine Attorney General data breach notification. The target of the breach was Nelnet Servicing, a servicing system and web portal provider for the…

Identity & Access October 20, 2022

How to Keep Your Secrets Safe: A Password Primer

5 min read - There are two kinds of companies in the world: those that have been breached by criminals, and those that have been breached and don’t know it yet. Criminals are relentless. Today’s cyberattacks have evolved into high-level espionage perpetrated by robust…

Data Protection September 26, 2022

Making the Leap: The Risks and Benefits of Passwordless Authentication

5 min read - The password isn’t going anywhere. Passwordless authentication is gaining momentum, though. It appears to be winning the battle of how companies are choosing to log in. Like it or not, the security industry must contend with both in the future. …

News February 2, 2022

Over 1,200 Phishing Kits Found in the Wild With Ability to Steal 2FA Codes

2 min read - Academics discovered more than 1,200 phishing kits equipped with the ability to intercept users’ two-factor authentication (2FA) codes in the wild. Two Types of 2FA Phishing As noted by researchers from Stony Brook University sponsored by security firm Palo Alto…

Identity & Access January 17, 2022

The State of Credential Stuffing Attacks

4 min read - Credential stuffing has become a preferred tactic among digital attackers over the past few years. As reported by Help Net Security, researchers detected 193 billion credential stuffing attacks globally in 2020. Financial services groups suffered 3.4 billion of those attacks.…

Government October 25, 2021

Nobelium Espionage Campaign Persists, Service Providers in Crosshairs

2 min read - In an advisory released on October 24, Microsoft announced ongoing campaigns it has attributed to the Nobelium state-sponsored threat group. IBM X-Force tracks this group as Hive099. If the name sounds familiar, that’s because it is the same group that…

Zero Trust September 20, 2021

Zero Trust: Follow a Model, Not a Tool

3 min read - The zero trust model is going mainstream, and for good reason. The rise in advanced attacks, plus IT trends that include the move to hybrid cloud and remote work, demand more exacting and granular defenses. Zero trust ensures verification and…