November 26, 2024 at 05:21PM Malwarebytes’ Black Friday 2024 deals offer 50% off annual subscriptions for its anti-malware, VPN, and Personal Data Remover services. Discounts apply until December 8th, with products including Malwarebytes Standard, Plus, and Ultimate. New offerings include Identity Protection and Personal Data Remover. Visit their site for more details. ### Meeting Notes … Read more
November 18, 2024 at 04:04PM Maxar Space Systems reported a data breach where hackers accessed personal employee information, including names and Social Security numbers, via a compromised network. Immediate actions were taken once the breach was discovered on October 11, 2024. Identity protection services are offered to affected employees. No bank account information was exposed. … Read more
November 12, 2024 at 03:39PM CrowdStrike has acquired Israeli startup Adaptive Shield for approximately $300 million to enhance its security posture management capabilities. This acquisition will strengthen its Falcon platform by integrating SaaS application monitoring, improving identity protection, and offering tools to manage and secure identities against increasingly common identity-based attacks. Completion is expected by … Read more
November 6, 2024 at 10:08AM Cross-domain threats have surged, exploiting identity, cloud, and endpoint vulnerabilities with minimal detection footprints. Notable adversaries like Scattered Spider and North Korea’s Famous Chollima utilize stolen credentials and sophisticated phishing to conduct attacks. Defending against these requires integrated visibility, real-time threat hunting, and advanced identity protection measures to prevent breaches. … Read more
November 4, 2024 at 12:04PM The City of Columbus, Ohio, reported that 500,000 residents’ personal data may have been accessed in a ransomware attack by Rhysida. The breach involved sensitive information, including names, addresses, and social security numbers. Columbus offered two years of credit monitoring to affected residents and faces scrutiny over its response. ### … Read more
November 4, 2024 at 09:58AM In July 2024, a ransomware attack in Columbus, Ohio, compromised the personal data of 500,000 individuals. The Rhysida gang claimed to have stolen sensitive information and subsequently leaked 45% on the dark web. The City is offering credit monitoring services and advising impacted individuals to monitor for suspicious activity. ### … Read more
October 31, 2024 at 06:54AM The “Enterprise Identity Threat Report 2024” highlights vulnerabilities in corporate identity management, revealing that 2% of users drive most identity risks. Key issues include shadow identities, weak corporate passwords, high-risk browser extensions, and attackers bypassing legacy tools. Organizations must reassess their identity security strategies for better protection. **Meeting Takeaways: “Enterprise … Read more
October 30, 2024 at 03:22PM Microsoft will mandate multifactor authentication (MFA) registration for all users when security defaults are enabled, enhancing security across Entra tenants. This requirement, part of the Secure Future Initiative, starts for new tenants on December 2, 2024, and for existing tenants in January 2025, reducing account compromise risks. **Meeting Takeaways: Microsoft … Read more
October 4, 2024 at 04:18PM Comcast revealed 237,703 customers’ data was stolen in a cyberattack on a debt collector they used, contradicting previous information. The compromised agency had earlier stated no Comcast data was affected, but later admitted the breach. The affected data included personal details, implying a ransomware attack, and the collector’s financial issues … Read more
September 30, 2024 at 12:06PM Patelco Credit Union reported a ransomware attack in June, leading to a data breach of over 1 million individuals. The attackers obtained personal information, including names, birth dates, Social Security numbers, and more. Patelco is offering affected individuals two years of free credit monitoring and identity protection services, and is … Read more