Blog

Slim CD Breach and Turkish Ministry Data Leak
Slim CD Breach and Turkish Ministry Data Leak
Here’s the first news roundup of the autumn, where we explore the details of the Slim CD data breach and provide updates on the Turkish Ministry of Health information leak during the pandemic.
Rising Breach Costs, AI’s Double-Edged Sword, and HealthEquity’s Data Drama
Rising Breach Costs, AI’s Double-Edged Sword, and HealthEquity’s Data Drama
In the last IS news roundup for July, we cover the key findings of IBM and Ponemon's Cost of a Data Breach Report 2024 and share details of the HealthEquity case.
A Turbulent Week for Tech and Travelers
A Turbulent Week for Tech and Travelers
This week's news roundup might not be the most uplifting for those planning a trip. However, it is important to dive deeper into the recent events to ensure you are well-informed before you head to the seaside.
Roblox Incident & Security Pros’ Fears
Roblox Incident & Security Pros’ Fears
Today we are going to talk about the details of the Roblox data breach and the main outcomes of a recent cybersecurity professionals survey.
Why Data Theft Can't be Tolerated – Yet Still it Happens
Why Data Theft Can't be Tolerated – Yet Still it Happens
It’s impossible to completely exclude the possibility of data theft, given the speed with which technology is developing and the volumes of assets going digital. However, the risks can be mitigated.
Insurance Market Shake-Up & Digital Diary Breach
Insurance Market Shake-Up & Digital Diary Breach
In this week's IS digest, we will delve deeper into the news about a recent incident and explore the outcomes of new research.
Cybersecurity Remains a Top Concern as Professionals Face Burnout
Cybersecurity Remains a Top Concern as Professionals Face Burnout
The present news digest explores the main findings of recent research on burnout among cybersecurity experts and the state of smart manufacturing in the automotive industry.
Beware of Fakes and Exes
This week’s news digest is about how fired and fake employees can cause disasters.
Cybersecurity Challenges Revealed by New Research & the Epsilon Case Completion
In this week’s cyber news review, we are going to delve deeper into the recent CDW research findings and the Epsilon case updates.
How to Select Data Security Solution and not Fall for Marketing
With information security threats on the rise, vendors release a slew of data protection solutions. Sergio Bertoni, Lead Analyst at SearchInform suggests following 4 steps to choose the one easily and avoid mistake.
8 Dangerous Employees’ Actions Which Endanger Corporate Security
8 Dangerous Employees’ Actions Which Endanger Corporate Security
Sergio Bertoni, the Senior analyst at SearchInform reveals typical mistakes basing on the real life stories.
(In) Secure Digest The New Year Edition: Stolen Code, DNA leaks and Safe Data Leak
(In) Secure Digest The New Year Edition: Stolen Code, DNA leaks and Safe Data Leak
In the final digest of 2023, we’ll tell about stealing corporate secrets, putative labourers, genetic information leaks and very vindictive employees.
Information Security Trends 2024
Sergio Bertoni, Lead Analyst at SearchInform, shares his thoughts and predictions on the key trends in information security for the year 2024.
Methods of Enhancing Users' IS Literacy: What is the Safest Password?
In this article, we share our experiences and advice on how to enhance employees’ IS-related competencies.
Connected Devices Remain the Most Popular Data Leakage Channel
SearchInform together with its partner NEXTA ÇÖZÜM surveyed representatives of 100 Turkish leading companies to find out how their experts ensure data leaks protection, whether they are planning to increase data security budgets and what data channels their security officers consider the riskiest.
Ways to Ensure Children’s Safety on the Internet: Cybersecurity Experts’ Views and Advice
On the occasion of World Children’s Day, we share an article, containing recommendations and a few tools, which can help to protect children from inappropriate content on the Internet.
Deepfake Science Basics: How are They Created and how to Detect Them
Alex Drozd, CISO of SeachInform, sheds light on deepfakes and how they are created.
Casio and Redcliffe Labs Data Leaks Expose Customer Information
Today, let's examine the incidents those resulted in the disclosure of customer information at two large companies.
Cyber Attack Detection: What are the Risks of Delay in the Detection and Response and how to Speed up the Attack Discovery Process?
Cyber Attack Detection: What are the Risks of Delay in the Detection and Response and how to Speed up the Attack Discovery Process?
Read the article to find out how to detect a cyber attack just in time and what are the best practices are for detecting cyber attacks.
Not all the DLP Solutions are Equally Useful: How to Choose the System and not be Disappointed
In this article we will examine, DLP class systems reproaches are fair and which ones are unfair and will reveal, which limitations are typical for all DLP systems and which are in fact disadvantages of some specific products.
E-mail Compromise: How to Protect Business Against BEC-attacks
The senior analyst at SearchInform, Sergio Bertoni reveals, why BEC attacks are so popular and how to protect against them.
38TB Private Data Leak and $9,000 Fine for 7 Years of Customer Data Exposure
38TB Private Data Leak and $9,000 Fine for 7 Years of Customer Data Exposure
In a new roundup of recent information security incidents, we examine two more cases of inadvertent disclosure of private information.
How to Train Employees in Information Security Related Issues Efficiently
In this article, Sergio Luis Bertoni, Leading Analyst at SearchInform will share my observations, based on the practical experience in the sphere of educational courses development.
SearchInform SIEM system – out-of-the box analytics and proactive incident management
Employees in charge of numerous organizations worldwide tend to understand the necessity to implement a SIEM class solution, which detects security events within the digital infrastructure.
The number of victims of the MOVEit vulnerability continues to grow: two recent major data leakages
Today, we are going to report on two recent data leakages caused by the well-known MOVEit Transfer attack.
(In)Secure Digest: a patented data leak, Bangladeshi open register and water treatment plant hack
(In)Secure Digest: a patented data leak, Bangladeshi open register and water treatment plant hack
The time has come to find out if July was full with information security incidents. In our traditional digest we've gathered the most memorable incidents.
A case in point: The thirst for revenge
A case in point: The thirst for revenge
Over the years of working, we have collected a large number of interesting cases. Some of them are amusing, some of them are surprising, but most of them has prevented serious losses for our clients. So, we figured: Why not share them with you?
Sabotage of a water treatment facility: a former employee endangered the health of thousands of people
We often report on incidents involving former employees. This time it is an incident that could have had serious consequences not only for the company itself but also for a large number of people.
Exposure of 61,000 private addresses and one more email error
Exposure of 61,000 private addresses and one more email error
This week we will look at two incidents that have affected thousands of people by exposing their personal information.
Human Vulnerabilities in Cyber Security
As technology continues to advance, one persistent problem remains: the vulnerability of humans to cyberattacks.
Implementation department specialists' workdays: millions of questions and the requirement to know literally everything
Implementation department employees can help customers to quickly manage to work with our solutions and benefit as much as possible from the software usage.
MSSP vs MDR
MSSP vs MDR
MSSP vs MDR: what should you choose? This article will help you understand which one suits to your business needs better.
Inadvertent disclosure of personal information
The Public Appointments Service accidentally leaked the personal data of 15,471 candidates for public jobs.
Risks of neural networks and chat bots usage
SearchInform expert reveals artificial intelligence usage related risks and shares advice on how to mitigate them.
Risk Management Certification
Let's consider one of the most significant frameworks for managing risk is ISO 31000, an international standard that provides principles, best practices, and guidelines for managing risk in organizations.
More than half of companies limit their protection with nominal information security literacy
A research on how companies prefer to train employees in information security and what methods do they implement
EPP vs EDR
What is the difference between EPP and EDR? Do they complement each other or they should be used separately?
Certified Risk and Information Systems Control (CRISC)
Сybersecurity and risk management certification: ISACA and ISC
The SearchInform DLP deals with the smartphone threat
Learn how the SearchInform DLP functionality helps to detect, whether an insider has a smartphone in hands.
Cybersecurity Statistics
Numerous cybersecurity issues: serious threats to businesses
Best Network Security Software
What should you look for when choosing a provider of best network security software?
(in)Secure digest: boredom motivated attacks, love to fines and ethical hack
We’ve compiled a selection of information security incidents, which became publicly known in September.
Outsourcing Security Services
Internal and external information security personnel
Best SIEM Tools
What is a SIEM system and how to choose one?
Best Endpoint Protection
Best Endpoint Protection
What is an efficient endpoint protection and a slight overvierw of best solutions.
Confidential documents and personal data leaked due to an insider activities
Central Florida construction firm has recently experienced a data breach. An employee stole a massive of confidential data just before resignation.
I resolve to… leave those security errors for good in 2021
I resolve to… leave those security errors for good in 2021
The resolutions for businesses to begin the New Year without old mistakes finally cleaning up the awareness mess which never seems to be untangled
Major fraud cases in healthcare revealed this year
Pfizer discovers an insider working for a competitor, whereas Genentech hit the news with a deep-rooted story months ago.
Facebook security upgrade decision leaked
The company decided to exempt a number of employees from groups which have access to internal message boards.
Government sector faces human factor data breach issue
Government sector faces human factor data breach issue
Australian public sector is concerned with the growing number of information leakage episodes due to employee mistakes.
A "remote" reminder
Don't set it loose when it comes to data security
(In)Secure digest: default passwords, sensitive info for free, and phisher salary
Every month we collect "classic" and non-trivial incidents on Infosecurity across the world and in Russia in particular. Here is our first digest for 2021.
Insider check: could you be damage to your company?
The test will define you as a certain type of insider. Remember: any employee could become a culprit of a leak, however, circumstances are different. We don’t mean to pretend “scientific”, we intend to make this test entertaining and informative.
2020 infosec in pictures
You've been with us all this year and you remember all 2020 news we've shared with you. Let's smile and frown at it together!
An entire database stolen, Microsoft hacked
People’s Energy company faces an overwhelming data exposure, Microsoft becomes another company tricked by hackers via SolarWinds in case the investigation proves it.
(In)secure digest: Tesla sabotage, hospital blackmailer and excessively patriotic President
(In)secure digest: Tesla sabotage, hospital blackmailer and excessively patriotic President
Every month we enrich our collection of classic and non-trivial cybersecurity cases. Data leaks, frauds, sabotage, and other incidents caused by insiders are of our interest.
Aetna charged $1m for three data breaches under HIPAA
The HIPAA (the Health Insurance Portability and Accountability Act) has exacted a $1 million penalty from Aetna, U.S. health care insurance company.
Shifting to the cloud
Almost half of IT companies shifted to the cloud during the lockdown
10 questions about the DLP system: why do I need it, what can I do, and what can't I do?
10 questions about the DLP system: why do I need it, what can I do, and what can't I do?
Today DLP system’s purpose is not just monitoring data leaks as it was in the beginning - now DLP systems are commonly used to solve a much broader list of problems.
Data Protection in the Cloud
Security innovations and strict compliance are key in achieving the utmost security for your cloud data.
The Darwin Awards in Information Security World
...or 7 stories about stupidity, careless work, credulity and their consequences
Information security in small businesses demands owners' and execs' attention
Each third employee considers information security within a company an average or a massive issue.
$3.86 million is an average expense when dealing with a data breach
500 organisations which experienced data breaches were studied during the survey.
Bribing an employee to compromise the company's security
A Nevada-based company's employee was bribed by a Russian fraudster to install a malware within the corporate network.
A 65% increase in phishing attacks
Agari reports results drawn from the company's recent survey covering the first half of 2020.
Ensuring security and compliance in multi-departmental teams
As different departments have their own specific risk management frameworks they lack correlation and coordination - enterprise risk management ensures consistency.
Use case: access control and change management
The solution boosts risk assessment ensuring that access rights are properly managed and privileged user activity is under control, data access policies are in place and kept updated.
Mobile device encryption
Businesses realized the important role devices play as long ago as 2004, thus giving rise to mobile device management, a set of tools and practices that allow administrators to manage devices, apps, and increase device security.
How to stop hackers
Hacking isn’t quite as flashy as in the movies and it takes a major time investment on the criminal’s part, however it is every bit as damaging and threatening to companies as it is portrayed
Internet privacy laws and regulations
Internet privacy laws and regulations
One of the greatest challenges in the world today is making the Internet a secure place.
The information security team
Cyber criminals are working very hard to discover top-secret company information in order to sabotage it or sell the information to other companies.
Monitoring solution in the cloud
According to the research conducted by SearchInform, each company detected a user attempt to take at least some corporate data, whereas only 26% controlled employee activity with the help of monitoring software.
BEML sensitive data leaked
BEML, Indian defence contractor, couldn't protect internal documents from appearing on the dark web
Letter Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.