Attackers are leveraging legitimate file sharing sites to increase phishing effectiveness

We are seeing a new variation of phishing attack that’s leveraging a users trust of legitimate file sharing services (Dropbox and Egnyte specifically) to increase the effectiveness of their phishing campaigns.  We have included similar techniques in a number of recent phishing engagements for clients and have seen a significant increase in the number of […]

Almost 20 million records exposed in breach affecting Quest and LabCorp

Executive Summary Financial, healthcare and other personal / private information is a treasure trove for criminals and the proliferation of online records (payment, healthcare, etc.) and data sharing between entities (e.g., web portals for accessing healthcare records, payment portals for both B2B and B2C payment processing, etc.) gives these criminals countless opportunities to find data […]

Data protection for humans. What are the basics (and how can you protect your data with stuff you already have)?

I recently had a conversation about data protection, specifically protecting the confidentiality and integrity of sensitive data.  Over the course of that conversation, realized that there is a LOT of confusion on the topic. How do we protect data? When does the data have to be protected? What constitutes protected?  Ultimately, we discovered that the […]