» Blog

Numerous attack campaigns in the past couple of months have demonstrated a common tactic used by cybercriminals and state-sponsored attackers alike―credential harvesting. According to the Verizon 2017 Data Breach Investigation Report, 81% of hacking-related breaches leverage either stolen, default or weak credentials. While credential harvesting is often seen as equivalent to phishing, it uses different…

By Brett McDowell, Executive Director, The FIDO Alliance With attacks shifting away from POS terminals to web and mobile channels, the risk of data breach and account fraud for online retailers is skyrocketing, but new global standards developed jointly by the FIDO Alliance and the W3C are being implemented by leading web browsers and consumer…

The threat landscape has transformed significantly over the last decade. As organizations have invested in security controls, tools and personnel to combat threats, threat actors have found other ways to infect systems and ultimately compromise organizations. As a result, threat actor groups have begun to target third-party vendors. Organizations rely heavily on their third-party vendors…

PHISHING-AS-A-SERVICE (PHAAS) allows attackers to create individual phishing campaigns, schedule and process emails and a lot of other related procedures that are involved in phishing computer targets. While most currently available PhaaS platforms are designed to test the resilience of organizations and their ability to detect social engineering attempts against their employees and help craft…

The commitment to increasing retailer’s cyber security posture via collaboration, partnership and sharing threat intelligence was evident at the RH-ISAC Regional Intelligence Workshop, hosted at member company Target’s headquarters June 7. Rich Agostino, Target’s CISO, kicked things off with a powerful opening statement indicating, “Cybersecurity is critical to the success of the entire organization. Collaboration…