Chainanalysis, a data firm that specializes in blockchain information, has released a mid-year report on crypto crime. Ransomware comes out swinging So far in 2023, ransomware is the only type of cryptocurrency-based crime that has seen an increase...
The password manager LastPass has suffered a major data breach. Or, more accurately, another major data breach. Using information gained during a security breach in August 2022, threat actors were able to get a full copy of the data LastPass stores on a cloud-based...
The NordPass Research team has published a list of the 200 most popular passwords. If you use any of these most popular passwords... don’t worry, we have recommendations to create strong passwords in 2023. NordPass Research partnered with independent researchers who...
In an update released December 2022, Microsoft patched a zero-day vulnerability that was exploited. A zero-day vulnerability refers to potential weak points in an update that could be exploited the day it is released. The fear is that someone could learn to exploit...
Researchers have discovered more malicious apps on the Google Play Store, including some that are designed to steal users' personal information. The researchers advise users to be cautious when downloading apps from the Google Play Store, and to only install apps...
A new unpatched Microsoft office vulnerability has been discovered by security researchers. The vulnerability, dubbed “Follina”, affects all versions of Microsoft Office from 2007 onwards. Follina tricks the system into downloading malware from a remote URL that is...
We’re starting to hear from clients and insurance brokers that cyber insurance costs are on the rise, in some cases up to 200%. Of course, this comes with insurers cracking down on IT controls – making sure their insureds are operating as securely as...
Let’s start by describing what an app registration is: An app registration happens when you allow an external program to integrate with your Microsoft 365 tenant. A common example might be allowing a scheduling tool like Calendly to access your companies’...
An interesting development came to light recently wherein the FBI intervened on behalf of people who had not updated their watchguard firewalls and had gotten hacked by Russian threat actors. In a clandestine takedown operation cloaked by a federal warrant, FBI...
By now we hope that our clients understand that IT security is never “done”. It is a constantly evolving and maturing process involving additional tools, training, and knowledge. This image shows the journey many clients are on with us to improve and mature the...