Blog

(In) Secure Digest The New Year Edition: Stolen Code, DNA leaks and Safe Data Leak
(In) Secure Digest The New Year Edition: Stolen Code, DNA leaks and Safe Data Leak
In the final digest of 2023, we’ll tell about stealing corporate secrets, putative labourers, genetic information leaks and very vindictive employees.
Information Security Trends 2024
Sergio Bertoni, Lead Analyst at SearchInform, shares his thoughts and predictions on the key trends in information security for the year 2024.
Unexpected Findings With the Help of FileAuditor Part 2
The second task of the self-test was to check whether user access rights were distributed appropriately and eliminate violations (in case of detection).
Unexpected Findings With the Help of DCAP Solution, or how did we Performed Audit of our File System Part 1
Today we decided to reveal a few illustrative cases of how we performed audit of our own file storages and share that the statistics, provided by clients, isn’t an exaggeration.
Two Recent Information Security Incidents Resulted Into Exposure of Customer Data
Here's another roundup of the latest information security incidents you need to know about today.
Methods of Enhancing Users' IS Literacy: What is the Safest Password?
In this article, we share our experiences and advice on how to enhance employees’ IS-related competencies.
Connected Devices Remain the Most Popular Data Leakage Channel
SearchInform together with its partner NEXTA ÇÖZÜM surveyed representatives of 100 Turkish leading companies to find out how their experts ensure data leaks protection, whether they are planning to increase data security budgets and what data channels their security officers consider the riskiest.
Ways to Ensure Children’s Safety on the Internet: Cybersecurity Experts’ Views and Advice
On the occasion of World Children’s Day, we share an article, containing recommendations and a few tools, which can help to protect children from inappropriate content on the Internet.
Deepfake Science Basics: How are They Created and how to Detect Them
Alex Drozd, CISO of SeachInform, sheds light on deepfakes and how they are created.
Exposure of Data on Popular Singapore Hotel Group Clients and French Torrent Tracker Users’ Personal Details Compromise
Today we invite you to examine two recent major data leaks, exposing the details on hundreds of thousands of individuals.
(In)Secure Digest: a Leak via Contractor, Hack of Airline and Case of Corporate Fraud
(In)Secure Digest: a Leak via Contractor, Hack of Airline and Case of Corporate Fraud
At the end of the month, traditionally, we’ve  gathered a selection of high-profile IS incidents.
Casio and Redcliffe Labs Data Leaks Expose Customer Information
Today, let's examine the incidents those resulted in the disclosure of customer information at two large companies.
Film Festival Website Leak and Data Theft by Former Employee
Once again, we've rounded up two information security incidents worth knowing about with a short report to keep you informed.
Cyber Attack Detection: What are the Risks of Delay in the Detection and Response and how to Speed up the Attack Discovery Process?
Cyber Attack Detection: What are the Risks of Delay in the Detection and Response and how to Speed up the Attack Discovery Process?
Read the article to find out how to detect a cyber attack just in time and what are the best practices are for detecting cyber attacks.
A Case in Point: You’ve got Mail
Recently, it was the birthday of electronic mail. To celebrate the occasion, we would like to share the case study from our practice that involves email.
Not all the DLP Solutions are Equally Useful: How to Choose the System and not be Disappointed
In this article we will examine, DLP class systems reproaches are fair and which ones are unfair and will reveal, which limitations are typical for all DLP systems and which are in fact disadvantages of some specific products.
E-mail Compromise: How to Protect Business Against BEC-attacks
The senior analyst at SearchInform, Sergio Bertoni reveals, why BEC attacks are so popular and how to protect against them.
38TB Private Data Leak and $9,000 Fine for 7 Years of Customer Data Exposure
38TB Private Data Leak and $9,000 Fine for 7 Years of Customer Data Exposure
In a new roundup of recent information security incidents, we examine two more cases of inadvertent disclosure of private information.
How to Train Employees in Information Security Related Issues Efficiently
In this article, Sergio Luis Bertoni, Leading Analyst at SearchInform will share my observations, based on the practical experience in the sphere of educational courses development.
A Case in Point: Set a Search Rule to Catch a Thief
It's time to present a compelling case study that underscores the criticality of maintaining comprehensive visibility into your organization's file system.
Ransom Demand for Human Error and Two-year Data Leakage
Today we will examine two recent instances of data disclosure, both of which, as is often the case, have resulted in serious financial and reputational losses for the companies involved.
Leaked personal data of more than 500,000 employees and an unprotected 4GB database
Leaked personal data of more than 500,000 employees and an unprotected 4GB database
Today you will learn about the data leak of over 500,000 employees from a major clothing retailer and the 4GB open database from a popular digital publisher.
Two recent incidents involving inadvertent personal data exposure
In our new report on recent information security incidents, we examine two cases of inadvertent disclosure of personal data.
Two recent insider incidents: Tesla and Jefferson Health affected
It's time for another roundup of recent information security incidents. Today we're going to reveal details of the Tesla insider incident and the alleged patient data compromise at Jefferson Health.
SearchInform SIEM system – out-of-the box analytics and proactive incident management
Employees in charge of numerous organizations worldwide tend to understand the necessity to implement a SIEM class solution, which detects security events within the digital infrastructure.
The number of victims of the MOVEit vulnerability continues to grow: two recent major data leakages
Today, we are going to report on two recent data leakages caused by the well-known MOVEit Transfer attack.
Bunch of new personal data leak incidents: police officers and hospital patients affected
In this report we reveal details on the recent major data related incidents: exposure of hospital patients’ and police officers’ personal data.
(In)Secure Digest: a patented data leak, Bangladeshi open register and water treatment plant hack
(In)Secure Digest: a patented data leak, Bangladeshi open register and water treatment plant hack
The time has come to find out if July was full with information security incidents. In our traditional digest we've gathered the most memorable incidents.
A case in point: The thirst for revenge
A case in point: The thirst for revenge
Over the years of working, we have collected a large number of interesting cases. Some of them are amusing, some of them are surprising, but most of them has prevented serious losses for our clients. So, we figured: Why not share them with you?
Sabotage of a water treatment facility: a former employee endangered the health of thousands of people
We often report on incidents involving former employees. This time it is an incident that could have had serious consequences not only for the company itself but also for a large number of people.
Exposure of 61,000 private addresses and one more email error
Exposure of 61,000 private addresses and one more email error
This week we will look at two incidents that have affected thousands of people by exposing their personal information.
Human Vulnerabilities in Cyber Security
As technology continues to advance, one persistent problem remains: the vulnerability of humans to cyberattacks.
Implementation department specialists' workdays: millions of questions and the requirement to know literally everything
Implementation department employees can help customers to quickly manage to work with our solutions and benefit as much as possible from the software usage.
MSSP vs MDR
MSSP vs MDR
MSSP vs MDR: what should you choose? This article will help you understand which one suits to your business needs better.
Inadvertent disclosure of personal information
The Public Appointments Service accidentally leaked the personal data of 15,471 candidates for public jobs.
Risks of neural networks and chat bots usage
SearchInform expert reveals artificial intelligence usage related risks and shares advice on how to mitigate them.
One more victim of MOVEit application vulnerability and exposure of data on 260,000 car owners
Learn more about two recent data incidents, which affected Toyota and Prudential subsidiaries' clients.
How to put on a vacation
How to put on a vacation
We implement a few strategies to ensure secure access and help employees not to forget all the IS rules while they're on the road. Let's have a look at the checklist and find out, how we do it.
(In)secure digest:  data leaks with mileage, refuse to use AI and hack of an account
(In)secure digest: data leaks with mileage, refuse to use AI and hack of an account
The time has come for our traditional gather of so-called classic and extraordinary information security incidents, which were reported by mass media.
Recent data privacy incidents
A data leak and massive phishing attack on social network users.
Risk Management Certification
Let's consider one of the most significant frameworks for managing risk is ISO 31000, an international standard that provides principles, best practices, and guidelines for managing risk in organizations.
Leak and misuse of clients’ personal data
Details on a few incident related to violation of clients’ privacy.
The new portion of significant data incidents
Recently details on a number of tremendous data related incidents were exposed.
More than half of companies limit their protection with nominal information security literacy
A research on how companies prefer to train employees in information security and what methods do they implement
(In)Secure digest: if there was the “Darwin Award” in information security sphere – 2023 edition
(In)Secure digest: if there was the “Darwin Award” in information security sphere – 2023 edition
In this April compilation, you’ll find details on aquarium fraudsters, the financial manager, who squandered the company's money, "super-secure" apps, but something went wrong with them and much more.
05.04 Blog
EPP vs EDR
What is the difference between EPP and EDR? Do they complement each other or they should be used separately?
A new portion of fines for inadequate data protection
A new portion of fines for inadequate data protection
Details on a few cases when companies, which failed to implement adequate data protection were fined.
PCI certification
PCI DSS and PCI Certification: All You Need to Know
Certified Risk and Information Systems Control (CRISC)
Сybersecurity and risk management certification: ISACA and ISC
Best Digital Forensics Certifications
The article helps you answer the three most important questions when choosing the right IT security and digital forensics certification.
Australian companies have experienced large data privacy incidents
Australian large company Latitude Financial, involved in the financial industry and IP firm IPH have experienced data privacy incidents.
Large troves of tech giants’ data leaked
Large troves of tech giants’ data leaked
Recently, ACER and Acronis companies’ have experienced massive data related incidents.
Large retailer employees’ data leaked
WHSmith, British retailer has experienced an incident, which led to employees’ personal data leak.
(In)secure digest: enormous data leaks and insider’s revelations
(In)secure digest: enormous data leaks and insider’s revelations
The time has come to discuss major data realted incidents, which happened in February.
A famous video game publisher has recently experienced an alleged data related incident
An unidentified intruder has exposed Activision employees’ data. Overall, nearly 20.000 recordings were made publicly available.
Which sources should be controlled by the SIEM system first of all?
Which sources should be controlled by the SIEM system first of all?
It is very useful to maximize the SIEM system load to make sure that you won’t face a situation when something does not work appropriately in the real-life circumstances.
AI media manipulation service has leaked large trove of users’ data
AI photo editor Cutout.pro users’ data was leaked. Overall, 9 GB of generated pictures and other data was exposed.
The SearchInform DLP deals with the smartphone threat
Learn how the SearchInform DLP functionality helps to detect, whether an insider has a smartphone in hands.
Fizzy giant manufacturer experienced a data related incident
Fizzy giant manufacturer experienced a data related incident
Pepsi Bottling Ventures LLC data was illicitly obtained and extracted because of deployment of info stealer malware.
Data privacy incident in the healthcare sector
Details on a cybersecurity incident in the healthcare sector became publicly known recently.
Email marketing service hacked
MailChimp mail service was hacked… again
SIEM: Use Cases
We will examine more precisely top SIEM use cases.
Letter Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.