1> Maltego CE Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet. You can find more details hereHow It Helps You : Maltego can be used for the information… Read More »Top 5 Tools for Digital Attack Surface Enumeration
According to research from Risk Based Security, the total number of breaches was up 33% over last year. That’s a whopping 5,183 data breaches for a total of 7.9 billion exposed records and in November, the research firm called 2019 the “worst year on record” for breaches… Not having real time view of your dynamic attack surface and… Read More »2019 Biggest Breaches: 2019 The “Worst Year On Record” For Breaches
The attack surface of an organization can be divided into two parts 1) Digital attack surface and 2) Physical attack surface. An organization should reduce it’s attack surface as much as possible. The more the attack surface, the higher the risks and also the cost to the company to secure them. Here are a few… Read More »Top Strategies For Digital Attack Surface Reduction
In recent times Cyber Security has become one of the top areas of concern for the board and the CEO. Several high profile breaches coming in news with CEOs, CISOs, CIOs getting fired it is indeed one of the worries for the management and the Board. I have done a loosely defined survey with some… Read More »Top 10 Questions CEO or Board Asks The CISO
Less than 3000 one-plus smartphone users were claimed to be affected by a recent one-plus data breach. One-plus is known to have had previous data breaches. Customers are advised to change their password. Data leaked involves name, address, email. The nature of data revealed maybe used for impersonation and indirect access to other accounts. Recently,… Read More »One Plus Breach – November 2019
Over 1 million+ T-mobile customers were affected with a data breach. Personal information (not including password or financial data) were revealed. Expected data revealed would be name, billingaddress, phone and account number, calling scheme etc. The scheme data by T-Mobile customer privacy policy requires them to notify their customer if there is a leak of… Read More »T-mobile data breach (1 M customers affected)
This year July, facebook settled for a $5billion worth settlement with US Federal Trade Commission for its privacy failures in Cambridge Analytica case. Recently, they have disclosed a group of developers around 100 had access to additional information of people in groups. Malicious apps have leaked personal data of facebook and twitter users to third… Read More »Facebook & Twitter Breach – November 2019
Macy’s is a popular shopping destination and a breach before christmas shopping is a scare. On October 15 it notified customers of a magecart card-skimming device. The unauthorized code on payment page (checkout & wallet) could have accessed name, address, city, phone, email, payment card number, card security code, card month/year of expiration. -> (Free… Read More »Macy’s Breach November 2019
We were happy to participate in a community round table organized by CISO Platform Key Discussion Points : What is Shadow IT? What are the types of Shadow IT? Practical demo using open source tools Controls to manage shadow IT risk Reason Of Risk : No standardization Unknown risks Security breaches Data leaks Types Of… Read More »(Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web
Discover Your Attack Surface Before Hackers Do Not having real time view of your dynamic attack surface and the risks it is introducing, leaves an organization in the dark and serves as a low hanging fruit for attackers to use this exposed information to fuel their malicious attacks. Report Includes : Why Your Expanding Attack… Read More »Download Report – (Short Guide) On Attack Surface Analysis