Businesses already reeling from the impact of COVID-19 may take another blow as Bank of America disclosed in mid-May that, while uploading loan applications related to the Paycheck Protection Program, some customers' data may have been exposed.
Multiple states in the U.S. have been struggling to combat fraudulent “Pandemic Unemployment Assistance” (PUA) claims. To compound the issue, the affected states may actually be making it easy for the perpetrators by leaking citizens’ personal data from the websites scammers have been using the file the claims.
Verizon has released its 2020 Data Breach Investigations Report (DBIR) was released on Tuesday with some interesting findings:
As organizations continue to implement multifactor authentication (MFA), hackers have been looking for ways to bypass these added protections. A recent phishing campaign has succeed in bypassing MFA protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks.
A highly convincing phishing campaign has been attempting to harvest Office 365 credentials using cloned imagery from automated Microsoft Teams notifications.
Multiple cybercrime groups have been using a sophisticated phishing kit to target high-ranking employees in North America and other parts of the world. Researchers with the cybersecurity firm, Group-IB, believe there have been at least 150 victims, with over half from the financial services sector, though targets have also included individuals within the real estate, legal, consulting, manufacturing, energy, retail and IT sectors.
The average ransom payment demanded from ransomware operators increased 33% in the first quarter of 2020, driven in large part by the operators of Sodinokibi and Ryuk ransomware. Behind this are successful attacks against large enterprises that can afford to pay top dollar to get their data back.
The Federal Bureau of Investigation (FBI) has released a new FLASH warning online retailers about the latest Magecart skimming threat.
The Cybersecurity and Infrastructure Security Agency (CISA), with FBI and U.S. Government, issued an alert providing details on common vulnerabilities and exposures routinely exploited by foreign cyber actors, to help employers reduce their risk.
A new report from cybersecurity software firm, Carbon Black, examines an increase in cyber attacks against financial institutions amid the COVID-19 pandemic. The report, released in May, notes that 80% of the financial firms surveyed experienced more cyberattacks over the past 12 months, an increase of 13% year-over-year.
Source: Carbon Black Report
In an ironic twist, private conversations between hackers have been exposed as the database for a defunct hacker forum and data breach marketplace itself goes up for sale on the dark web.
Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies.
Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies. Jake has served on several non-profit boards throughout his career and is a frequent speaker on D&O and cyber liability risks. Jake joined Associated Benefits and Risk Consulting (ABRC) in 2014 and his primary responsibilities include leading the firm’s management liability group and serving as global team lead.
Wire transfer requests top the list of business email compromise (BEC) objectives, according to a study by Barracuda Networks. Additional objectives laid out by the report include duping users into clicking on malicious links, establishing rapport and stealing information, with the end goal of extorting millions of dollars from unsuspecting companies.
This month's Threat Intelligence Report is about a large hotel chain that reports an “unauthorized access” to its customer database since 2014, exposing data of 500 million guests; a vulnerability in a postal service site that left 60 million customers exposed for more than a year; a third-party vendor breach that exposes data of millions of healthcare patients; a new report that profiles notorious MageCart cyber criminals; court documents that reveal first-ever indictment on ransomware charges; and a bundled pack that makes SamSam and other ransomware easier for hackers to obtain and deploy.
Send a Message
Find a Location