Sign up to save your podcasts
Or
Share Data Broker Breaches - Insider Threats and More
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Data Broker Breaches - Insider Threats and More
In this episode of the Security Swarm Podcast, host Andy Syrewicze and guest Eric Siron provide a comprehensive monthly threat review. They cover several major cybersecurity incidents and trends from the past month, including:
-
The massive data breach at data broker National Public Data exposed over 2.9 billion personal information records. They discuss the risks of this breach, such as increased targeted phishing and social engineering attacks.
-
A joint government agency warning about the Ransom Hub ransomware has impacted over 200 victims since February 2022, including critical infrastructure and high-profile organizations.
-
A case study of an IT administrator who held his employer's systems for ransom by deploying logic bombs, highlighting the risks of insider threats even within trusted IT teams.
They also touch on the topics of vendor risk management and the history of election tampering and provide recommendations for organizations to mitigate these threats. In conclusion, EP62 provides valuable insights into the ever-changing cybersecurity landscape and offers practical advice for security professionals.
Do you want to join the conversation? Join us in our Security Lab LinkedIn Group!
Key Takeaways:
-
The National Public Data breach exposed a vast amount of personal information, including names, email addresses, phone numbers, Social Security numbers, and more. This creates risks of more targeted phishing and social engineering attacks.
-
The continued use of easily abused identification methods like Social Security numbers underscores the urgent need to explore more secure alternatives, such as cryptographic key pairs. This is crucial in reducing the risks of identity theft.
-
Insider threats from trusted IT staff members can pose a significant risk, as evidenced by the case of an IT admin holding their employer's systems for ransom. Implementing practices like just-in-time administration and least-privilege access is crucial to mitigate these potentially devastating threats.
-
Overreliance on cloud-based services and a single vendor for critical business functions can lead to vendor risk and single points of failure.
-
Election security remains a significant concern, with the threat of interference and disinformation campaigns continuing. Ensuring robust cybersecurity measures at the state and local levels is crucial for protecting the integrity of elections.
Timestamps:
(03:17) The National Public Data Breach
(12:21) The Issues with Social Security Numbers
(18:02) The Danger of Insider Threats
(27:10) The Risks of Vendor Dependence
(34:12) Recommendations for Protecting Against Threats
Episode Resources:
Security Lab LinkedIn Group
In-depth analyses from Hornetsecurity’s Security Lab
#StopRansomware: RansomHub Ransomware | CISA
Passkeys in Microsoft Entra: Benefits, Implementation Tips & More (hornetsecurity.com)
How Threat Actors Tamper with Elections (hornetsecurity.com)
--
Secure your organization against the evolving threat landscape! Discover how Hornetsecurity's Advanced Threat Protection, Security Awareness Service, and 365 Total Protection can safeguard your business from data breaches, insider threats, and more. Learn more and protect your organization today!
View all episodes
By Hornetsecurity
5
55 ratings
In this episode of the Security Swarm Podcast, host Andy Syrewicze and guest Eric Siron provide a comprehensive monthly threat review. They cover several major cybersecurity incidents and trends from the past month, including:
-
The massive data breach at data broker National Public Data exposed over 2.9 billion personal information records. They discuss the risks of this breach, such as increased targeted phishing and social engineering attacks.
-
A joint government agency warning about the Ransom Hub ransomware has impacted over 200 victims since February 2022, including critical infrastructure and high-profile organizations.
-
A case study of an IT administrator who held his employer's systems for ransom by deploying logic bombs, highlighting the risks of insider threats even within trusted IT teams.
They also touch on the topics of vendor risk management and the history of election tampering and provide recommendations for organizations to mitigate these threats. In conclusion, EP62 provides valuable insights into the ever-changing cybersecurity landscape and offers practical advice for security professionals.
Do you want to join the conversation? Join us in our Security Lab LinkedIn Group!
Key Takeaways:
-
The National Public Data breach exposed a vast amount of personal information, including names, email addresses, phone numbers, Social Security numbers, and more. This creates risks of more targeted phishing and social engineering attacks.
-
The continued use of easily abused identification methods like Social Security numbers underscores the urgent need to explore more secure alternatives, such as cryptographic key pairs. This is crucial in reducing the risks of identity theft.
-
Insider threats from trusted IT staff members can pose a significant risk, as evidenced by the case of an IT admin holding their employer's systems for ransom. Implementing practices like just-in-time administration and least-privilege access is crucial to mitigate these potentially devastating threats.
-
Overreliance on cloud-based services and a single vendor for critical business functions can lead to vendor risk and single points of failure.
-
Election security remains a significant concern, with the threat of interference and disinformation campaigns continuing. Ensuring robust cybersecurity measures at the state and local levels is crucial for protecting the integrity of elections.
Timestamps:
(03:17) The National Public Data Breach
(12:21) The Issues with Social Security Numbers
(18:02) The Danger of Insider Threats
(27:10) The Risks of Vendor Dependence
(34:12) Recommendations for Protecting Against Threats
Episode Resources:
Security Lab LinkedIn Group
In-depth analyses from Hornetsecurity’s Security Lab
#StopRansomware: RansomHub Ransomware | CISA
Passkeys in Microsoft Entra: Benefits, Implementation Tips & More (hornetsecurity.com)
How Threat Actors Tamper with Elections (hornetsecurity.com)
--
Secure your organization against the evolving threat landscape! Discover how Hornetsecurity's Advanced Threat Protection, Security Awareness Service, and 365 Total Protection can safeguard your business from data breaches, insider threats, and more. Learn more and protect your organization today!