Blog

Why does healthcare require the severest cybersecurity measures?
Why does healthcare require the severest cybersecurity measures?
Innovations are designed to improve the quality of service and save time for patients and doctors, however, doctors and patients realize how vulnerable medical information is.
25.12 Blog
2020 infosec in pictures
You've been with us all this year and you remember all 2020 news we've shared with you. Let's smile and frown at it together!
Ledger hardware wallet breach echoes with phishing
The investigation into the Ledger compromised security case was launched after the data breach which dates back to June 25, 2020.
An entire database stolen, Microsoft hacked
People’s Energy company faces an overwhelming data exposure, Microsoft becomes another company tricked by hackers via SolarWinds in case the investigation proves it.
FAQ: Frequently Asked and Finally Answered
FAQ: Frequently Asked and Finally Answered
15 questions the monitoring solution developer responds to during seminars.
Should companies pay ransom? Is there a way out when you’re deprived of confidential data?
Should companies pay ransom? Is there a way out when you’re deprived of confidential data?
One of the world’s biggest plane makers got its data leaked.
07.12 Blog
How much can a GDPR breach cost you?
Non-compliance could cost companies dearly
03.12 Blog
South Koreans data was leaked by Facebook
South Koreans data was leaked by Facebook
Facebook is penalized by South Korea’s regulatory authority for divulging user data.
26.11 Blog
(In)secure digest: Tesla sabotage, hospital blackmailer and excessively patriotic President
(In)secure digest: Tesla sabotage, hospital blackmailer and excessively patriotic President
Every month we enrich our collection of classic and non-trivial cybersecurity cases. Data leaks, frauds, sabotage, and other incidents caused by insiders are of our interest.
Indian companies chose cloud
83% of companies chose cloud to deal with cybersecurity issues of remote work quick
How much can a former employee cost you?
Keeping the accounts of dismissed employees active and failing to revoke excessive rights might be one of the biggest mistakes a company can make.
U.S. city will pay the Office for Civil Rights $202,400
New Haven, Connecticut, didn’t deny access and left confidential health information available to a former employee.
A customer guessed a password
A customer guessed a WeWork shared user account password for employees
Aetna charged $1m for three data breaches under HIPAA
The HIPAA (the Health Insurance Portability and Accountability Act) has exacted a $1 million penalty from Aetna, U.S. health care insurance company.
Awareness doesn’t prevent from human factor
Employees keep opening emails even though they look like a phishing attack
28.10 Blog
British Airways has been charged £20 million
British Airways has been charged £20 million
British Airways have been charged £20 million instead of paying £183 million – the initial fine imposed by the Information Commissioner’s Office.
Shifting to the cloud
Almost half of IT companies shifted to the cloud during the lockdown
10 questions about the DLP system: why do I need it, what can I do, and what can't I do?
10 questions about the DLP system: why do I need it, what can I do, and what can't I do?
Today DLP system’s purpose is not just monitoring data leaks as it was in the beginning - now DLP systems are commonly used to solve a much broader list of problems.
Rights and wrongs when creating profile
How can you analyse employee personality and steer clear of breaching privacy?
Mayo Clinic clients’ data was accessed by a former employee
Mayo Clinic clients’ data was accessed by a former employee
A former employee has compromised more than 1600 patient records.
07.10 Blog
The biggest GDPR fine in Germany
H&M will be charged €35.3 million – penalty imposed by the Data Protection Authority of Hamburg.
Data breaches analysis
SearchInform analysed breaches that occurred in the first half of 2020.
25.09 Blog
Insiders in Shopify and patients records leaked by an employee
4000 patients records appeared to be exposed over the past few years.
23.09 Blog
Student data breach at the Warsaw University of Life Sciences
BYOD might face some critics, as usage of personal devices led to a data breach.
Data Protection in the Cloud
Security innovations and strict compliance are key in achieving the utmost security for your cloud data.
The Darwin Awards in Information Security World
...or 7 stories about stupidity, careless work, credulity and their consequences
Information security in small businesses demands owners' and execs' attention
Each third employee considers information security within a company an average or a massive issue.
What is confidential information and how does it affect your finances?
There is an edifying example, which proves common knowledge that there is many a slip ‘twixt cup and lip.
Leaked on purpose
The Intel leakage was intentional, according to both Intel and ZDNet.
$3.86 million is an average expense when dealing with a data breach
500 organisations which experienced data breaches were studied during the survey.
Use case: eDiscovery
Proper information governance facilitates data search and analysis required for internal investigation.
Bribing an employee to compromise the company's security
A Nevada-based company's employee was bribed by a Russian fraudster to install a malware within the corporate network.
Use case: file cleanup
In order to transform disorganized data into valuable insights you certainly need a powerful tool, which will assist you in file analysis ensuring frequent information verification.
A 65% increase in phishing attacks
Agari reports results drawn from the company's recent survey covering the first half of 2020.
Ensuring security and compliance in multi-departmental teams
As different departments have their own specific risk management frameworks they lack correlation and coordination - enterprise risk management ensures consistency.
If a data breach - then data protection tips
A detailed check-list of actions to take in order to save the data
21.08 Blog
Enormous, but hidden Uber 2016 data breach goes public
The federal prosecutors of the US charged Uber’s former chief security officer, Joe Sullivan for his attempt to cover-up this massive breach.
21.08 Blog
ABC insider breach in major tech company in NY
Tyler C. King, a savvy man from Dallas, Texas was accused of computer fraud and aggravated identity theft.
17.08 Blog
Two important data protection questions to answer: Why and How to protect data at rest, in motion and in use
A short explanation why to protect your sensitive data, types of data and advice on how to protect data at rest, in motion and in use.
14.08 Blog
Key features of employee monitoring software
Key features of employee monitoring software
Are you sure that your employees do not goof off? Are you sure your employees are not idling away precious hours of productivity they rather spend on work-related tasks?
Healthcare app, college students' data and other leaks
Patient details, telecom user data, low security level at a university - data breaches have already become frequent in the healthcare, telecom and education sectors.
User activity audit, investigation
There are so many contextual factors to sift through that actually finding the newest threat and eliminating it is an encumbering job.
Compliance
Regulatory internet data laws you should be aware of and maintain compliance with
Use case: access control and change management
The solution boosts risk assessment ensuring that access rights are properly managed and privileged user activity is under control, data access policies are in place and kept updated.
Data protection and classification
The massive impact of access to your data being obtained and an outsider security risk materializing cannot be overstated.
04.08 Blog
Access rights audit
Our data need insurance, and just like we have to cover every other potential risk that we couldn’t afford compensating for if it materialized, we need to conduct a security audit of our sensitive data.
04.08 Blog
Impactful data breaches in 2020 so far
Sometimes people do the simplest cyber security mistakes, namely, misconfiguring a database or using the same password for their bank account that they used for their social media
31.07 Blog
Life changing risks pentesters take to help you boost security (cont.)
The very courthouse that they broke into last night and now they’re sitting in the courthouse waiting to see the judge.
The Twitter breach seems to be an insider job
Accounts were targeted on the 15th of July, and the investigation is ongoing.
28.07 Blog
Life changing risks pentesters take to help you boost security
Conducting a penetration test on a courthouse and defending in front of a judge in the same building a few hours after – this is what happened to two pentesters working under contract.
Malaysian telco customer data breach
A syndicate was gaining profit from illegal charges for services provided to clients of different telecom companies who weren’t aware of making payment.
27.07 Blog
EU largest telecom affected in a ransomware attack
Bleeping computer detected and reported the breach
22.07 Blog
Businesses’ role in cyber security and threat prevention
Businesses’ role in cyber security and threat prevention
The financial service company sector is targeted more than any other industry, as attacks against them account for over a quarter of cyberattacks.
Dutch authority charges under GDPR
Dutch Data Protection Authority charges Dutch Credit Registration Bureau €830,000.
How to comply with the Bill effectively?
The Personal Data Protection Bill has been developed for three years already and requires attention to the issue of efficient compliance.
Mobile device encryption
Businesses realized the important role devices play as long ago as 2004, thus giving rise to mobile device management, a set of tools and practices that allow administrators to manage devices, apps, and increase device security.
How to stop hackers
Hacking isn’t quite as flashy as in the movies and it takes a major time investment on the criminal’s part, however it is every bit as damaging and threatening to companies as it is portrayed
BMW and other car owners got their data breached
UK car owners got their data compromised. About half of a million car owners got their data exposed, the individuals including BMW, Hyundai, SEAT, Mercedes and Honda owners.
Corporate espionage
A little-known evil that is occurring today is the phenomenon of industrial espionage. In fact, this is a problem that has been around for quite some time.
UniCredit is fined by Garante
The Italian Data Protection Authority, also known as “Garante” (Garante per la protezione dei dati personali) has imposed a fine on UniCredit institution.
Internet privacy laws and regulations
Internet privacy laws and regulations
One of the greatest challenges in the world today is making the Internet a secure place.
The cloud services revolution
The cloud services revolution
Conducting software and web operations is an expensive endeavor indeed.
A vulnerability in a WordPress plugin
Credit card "skimmerware" - can you tell if a virtual transaction is safe?
Massive email-targeted incidents only now being resolved
Ransomware scammers have enough time and dark web - enough space till launched investigations get carried out.
The information security team
Cyber criminals are working very hard to discover top-secret company information in order to sabotage it or sell the information to other companies.
Security in an ever more connected world
We live in a world that is forever shrinking, and the more connected we become to the things in our environment, the more convenient our errands and everyday work become.
User data up for sale on the dark web
Pakistan and Indonesia got the data of patients and mobile users offered for a considerable sum
The CIA and its major security incident
The CIA and its major security incident
This year the processing of the court case considering the employee who breached the CIA's data in 2016 to WikiLeaks has been resumed
Tait Towers Manufacturing data compromised
The data breach has recently been announced by the gear provider
Monitoring solution in the cloud
According to the research conducted by SearchInform, each company detected a user attempt to take at least some corporate data, whereas only 26% controlled employee activity with the help of monitoring software.
BEML sensitive data leaked
BEML, Indian defence contractor, couldn't protect internal documents from appearing on the dark web
Intricate fraud impacting Electrolux revealed
Electrolux, Solid Bridge got affected in BEC attacks.
To be applied... New apps, new laws
Will the privacy limits be reconsidered? Dedigitisation as utopia
How to measure the performance of remote and onsite employees
Going remote is a challenge, and work discipline might “shiver”. There is a chance that as soon as employees put on slippers and robes they will feel too comfortable and that will impact the quality of their performance.
7 million Indians got their data affected
BHIM (Bharat Interface Money), an Indian mobile payment app, put user personal data in jeopardy.
How do crisis and stress affect your team?
The need to transfer employees to remote work appeared to be one of the reasons to get stressed - businesses have to make such a transition to avoid losses and try to keep it going for as long as required.
The ways companies risk security in a crisis: internal threats
The ways companies risk security in a crisis: internal threats
According to the research by SearchInform, 100% of companies identified the attempts of employees to take corporate data during the first months of using the company’s services
26.05 Blog
The ways companies risk security in a crisis: external threats
Pandemic, oil collapse, global economic crisis, there are enough reasons for concern in 2020. However, these are not the only factors that will influence businesses all over the world.
26.05 Blog
GDPR is brought to regulate personal matters
whereas a former contractor at Apple reveals Siri's ongoing wrongdoings
The rise of virtual private networks
Everyone is well aware that criminals on the internet are becoming savvier every day.
Security system provider faces lawsuits
Clients filed suits against the company's employees who allegedly spy on them via security cameras
Staying ahead of malware
Staying ahead of malware
With all the benefits that the worldwide connectivity of the Internet offers, so too come the vulnerabilities.
Have companies managed to shift to remote work?
SearchInform has conducted a research on companies’ experience in shifting to remote work and keeping business processes going.
Social engineering prevention
When cyber criminals target organizations, their target normally is people themselves, because they can be manipulated. 70 to 90 percent of data breaches occur as a result of social engineering.
Server performance monitoring
In order for a website to operate, a database to be accessed from a distance, or e-mails to be facilitated, there must be a server to power this process.
Deloitte and IDES launch investigation
The Pandemic Unemployment Assistance portal got briefly exposed after only one week of operating
Common unethical business practices
We live in a world full of risks and individuals who are willing to do others harm when an opportunity for personal gain presents itself.
As businesses keep staying remote
The insight into key threats and brief reminder why you shouldn't set it loose.
Software security and efficiency
Software security and efficiency
With all of the programs the ordinary user has installed on his computer, users are frequently proposed to have a software update performed.
Setting up access to company files
Due to potential social engineering and the fact that many losses that companies suffer are related to employees, access control system installation is a major factor in ensuring company security.
14.05 Blog
Construction companies are dealing with cyber threats
The pandemic makes violators reactivate and invade the systems of companies helping healthcare during the lockdown
Digital Ocean platform data breach
Personal data breach was announced by the company
12.05 Blog
Personal data protection
Personal data protection
Despite the greater amount of opportunities and convenience that the Internet provides us, we also find ourselves vulnerable in the event that we fall victim to an Internet scams.
29.04 Blog
Compliance issues in the workplace
Compliance issues in the workplace
One of the ways that companies are gaining more success and reducing crime is through compliance issue management – compliance on all policy, in a broad spectrum of areas.
Risk management
No matter what you do in life, there are always risks. And this is a good thing, because without risk, there is no potential reward.
Access control
We all know very well that companies have their secrets as to the way they operate and that companies are always interested in the state of their security and potential losses
Remote work: the way of the future?
Nobody would deny that the world is going digital. Like it or not, things are becoming ever more automated as technology facilitates business processes to an ever larger degree.
Social engineering attacks
Social engineering attacks
With how connected the Internet is today, a lot of information that we couldn’t afford to share is potentially within the grasp of the most inventive malicious predators online.
Project management tools
Project management software also provides us a range of benefits, from scheduling events to creating project plans, and there are certain methods and tools that, if taken into account, provide a multitude of benefits and evade numerous risks that make it worth obtaining
Risk management in healthcare
Our health information is a private issue. For a number of reasons, people’s health information being shared could result in negative consequences.
Employee time tracking
On both fronts, time tracking software stands to render the lives of employees and employers much easier.
Employee monitoring software: is it illegal?
The first question one might ponder is: “Is it illegal to monitor employees’ computers?” The issue of employee monitoring has become a bit of a contested topic in recent years.
Aptoide user exposure, the new data leak in healthcare
Unauthorise access is a pressing problem for the healthcare industry which might only escalate amid the current situation.
Have you got everything fixed?
Look at our brief reminder and maintain vigilance
NASA deals with the surge in phishing attacks
The pandemic topic keeps being exploited by the violators.
Indispensable services during lockdown
Indispensable services during lockdown
Solutions we use for remote working and industries we need for isolated living
Most expensive GDPR cases yet to be settled
British Airways and Marriott keep being investigated by ICO under GDPR
Morrisons' implication has been ruled out
And the company might “set precedent”, according to The Telegraph
Does GDPR have loopholes?
The Belgian Data Protection Authority published the litigation chamber’s decision showcasing the disputable situation
General Electric is dealing with a data breach
Canon Business Process Services which represents GE processes support had its email account comrpomised
SearchInform gets first feedback on the company's services
Any employee might do it – SearchInform revealed the most frequent security incidents within companies which applied to the company's services
Virgin Media faces a leak
One of the most perfect companies has people to complain
06.03 Blog
Cathay Pacific gets fined
The Information Commissioner's Office makes the company pay £500 000 - the biggest possible Data Protection Act 1998 fine
05.03 Blog
Is there a safe way of using apps?
And what is more dangerous: spyware or mere negligence when using digital services?
Telecom companies will be dealing with substantial fines
T-Mobile and Verizon are among the telecommunications companies on the verge of a huge penalty
Global surveys emphasise the damage inflicted by insider leak
97% of IT specialists are sure that incidents due to an insider can have a big impact
Impressive numbers of government data breach
Government appears to be as likely to mishandle data as commercial and industrial organisations
18.02 Blog
Estée Lauder could have exposed 440 million records due to a database leak
Phishing and unprotected databases have become reasons for serious leakage this week
13.02 Blog
6.5 million voters' data compromised
6.5 million voters' data compromised
6.5 million Israeli voters got their personal details leaked due to the lack of security measures.
11.02 Blog
Data Privacy Day
Data Privacy Day
January 28 - Data Privacy Day
28.01 Blog
Microsoft Elasticsearch databases compromised
Details of 250 million customers were endangered due to poor configuration.
23.01 Blog
Mitsubishi Electric is dealing with a leakage case
Mitsubishi Electric reported the data breach which triggerred the company's attention in summer.
21.01 Blog
Data breach statistics according to infosec specialists
6 out of 10 businesses dealt with a data breach during the past three years
Addresses online, listening to calls, disgruntled employee
1000 New Year Honour recipients’ data exposed online, thousands of Skype calls listened to without security protection, a dismissed co-founder stole €1,1 million to revenge.
Amazon employees get dismissed
Amazon employees have been dismissed for leaking personal information of clients to a third party.
Letter Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.