Domain Hijacking & 3 Easy Countermeasures

Domain hijacking is the act of changing the domain name registration without the original Registrant’s permission, or by abuse of privileges on domain hosting and registrar software systems. It is a form of theft that takes place online, where the thief/attacker takes access of a domain without the consent of the domain registrant.Read More

Top 9 Highlights Of Google’s Study On Leaked Credentials

This blog is based on the Google’s study on leaked credentials which was published by Google along with researchers from University of California, research paper titled “Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials.

 

Researcher have collected data over the course of March, 2016–March, 2017, They identified:

  • 788,000 potential victims of off-the shelf keyloggers;
  • 12.4 million potential victims of phishing kits;
  • 1.9 billion usernames and passwords exposed via data breaches and traded on blackmarket forums

 

Key Highlights (Google’s Study On Leaked Credentials):

 

1- More Than 20% Users Were Affected:

As per the study, 7–25% of exposed passwords match a victim’s Google account.Read More

Shadow IT in Healthcare Organizations

Healthcare organizations and pharmaceutical companies rest on a foundation of sensitive patient data and intellectual property.

Healthcare entities in the private sector – especially those affiliated with academic medical centers and university research facilities – also commonly face challenges of identifying and reining in shadow IT and mitigating the security risks posed by technology deployments that aren’t formally sanctioned or managed by the healthcare organization’s IT or security team.Read More

Top 3 Insights Into The Impact Of Shadow IT

Digital Security is a challenging practice of protecting your organization’s information and to understand the Impact of Shadow IT. In most organizations, it would be hard just to make sure that they are not compromised through your networks, communication systems, and storage systems. Having to worry about information that is outside your control, and that you know little or nothing about, makes it even harder.Read More

Understanding Key Attack Surface Dimensions

We will discuss a few key areas in the vast attack surface today. With increasing technology advancement and its intervention into the enterprise world makes the scope of cyber defense enormously large. It reminds me of depth-first and breadth-first search algorithms to cover scopes in varied situations. The security landscape is so widely expanding, the change is constant and the depth and breadth is too.Read More

Credential Stuffing: 8.7 Identity-Record Data Are On Surface, Deep & Dark Web

Credential stuffing is a method that hackers use to infiltrate a company’s system by automated injection of breached username & password pairs. Attackers use credentials to bypass anti-spam and firewall devices and access users accounts. Once they were inside the company network, they can send phishing emails or compromise company systems/data.Read More