Until recently, hackers have had limited success stealing Two-Factor Authentication (2FA) PIN and token information. Unfortunately, a tool has been released that will now make it much easier for practically any bad actor to bypass many implementations of 2FA: https://www.zdnet.com/article/new-tool-automates-phishing-attacks-that-bypass-2fa/ This does not mean we should stop using Two-Factor Authentication (2FA). We should still use … Continue Reading
A presentation at Black Hat recently revealed that the creators of the “SamSam” ransomware have netted over $6M to date, attacking mostly medium-to-large public and private sector organizations. And they’re showing no signs of slowing down. In the most recent SamSam attacks, the attackers concentrated their efforts on brute-force hacking of weak passwords on devices accessible … Continue Reading
As you work to finalize your cyber insurance riders or supplemental policies, it’s important to pay attention to the language around what is specifically covered. To ensure you’re receiving the coverage desired, the first step is to understand the difference between hacking and phishing, and how this is being applied to your policy, and to … Continue Reading
