Old News: Passwords Are Still Risky

Passwords remain one of the most common targets for hackers. A single stolen password can create a ripple effect that spreads to additional services and users as passwords are reused across accounts and phishing emails are sent to the account’s contacts. In an example of this vicious cycle, researchers discovered a network of 711 million email accounts hackers used to distribute malware. The sophisticated attack included a reconnaissance campaign to gather information for more targeted outreach.

Identity providers like Okta, which recently hosted its annual user conference, give companies a tool to enforce multi-factor authentication for enterprise applications. The challenge is that employees often use services without IT’s knowledge and authenticated users can take risky activities within cloud services. For these reasons, visibility into cloud usage post-authentication is an essential layer of security on top of multi-factor authentication for greater cyber resiliency.

711 MILLION Email Accounts Weaponized by Onliner for Spam Campaigns | David Bisson, Graham Cluley Blog

Monitoring Logons ‘the Most Effective Way to Detect Data Breach’ | SC Magazine

Machine Learning Makes Security a Fair Fight

IT security professionals face an unfair battle. That’s not pessimism – just an observation of the fact that companies need to invest much more money and human resources in keeping data safe than criminals do in breaking in. This is because IT security teams must successfully protect against every attack, while hackers only need to be successful once. In looking to even the playing field, companies have turned to artificial intelligence.

Cybersecurity often comes down to looking for a needle in a haystack, whether for a human error that exposes information or a malicious hacker exploiting a vulnerability. Compounding these challenges is the fact that there is a shortage of skilled professionals with expertise in emerging technologies.

Artificial intelligence and machine learning can help information security teams process the massive amounts of information that every company creates every day and separate the signal from the noise. Today’s security tools don’t just monitor for malware signatures or malicious IP addresses; they monitor for the signs of activity indicative of a malicious presence to detect rogue insiders or attackers disguised behind employee accounts.

Cybersecurity: An Asymmetrical Game of War | Hal Lonas, Darkreading

Cybersecurity Threats to Companies Only Growing | CNBC

By the Numbers

1,000

The number of Gbps of today’s DDoS attacks, up from 150 requests per second in the ‘90s.

47

The number of cybersecurity experts interviewed in the latest TAG Cyber Security Annual report.

29%

The percentage of transportation companies who reported experiencing an IoT attack.