NormShield Blog

Steps to Mitigate What Happened in The Capital One Data Breach

Steps to Mitigate What Happened in The Capital One Data Breach

Capital One Bank announced [1] that on July 19, 2019, they determined an intrusion to their system that has affected approximately 100 million individuals in the United States and approximately 6 million in Canada. The stolen data includes “personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, […]

Major Third-party Breaches Revealed in June 2019

Major Third-party Breaches Revealed in June 2019

A recent survey conducted by Ponemon Institute reveals that 59% of companies have experienced a third-party breach in 2018, which is an increase of 3% compared to the previous year. Data breaches caused by third parties cost millions of dollars to large companies. Third-parties include a broad range of companies a company directly worked with […]

GitHub Account of Canonical (Ubuntu Maker) Hacked; Cyber Risk & Third-Party Code-Sharing Sites

GitHub Account of Canonical (Ubuntu Maker) Hacked; Cyber Risk & Third-Party Code-Sharing Sites

A third-party code sharing site was part of the latest breach. On July 6, the GitHub account of Canonical Ltd was hacked. Canonical is well-known for developing the famous Ubuntu Linux Distribution. The accounts on third-party code-sharing sites like GitHub may reveal critical information to adversaries when they are hacked. In a public announcement, Ubuntu […]

Worst Passwords of 2018

It’s Time To Change Your Password – Worst Passwords of 2018

By Joshua Belk, NormShield Security Team Every year these lists are published and for good reason. Many people don’t take the time to update the default settings or simply reuse the same password for everything. These are the Top 25 Worst Passwords from 2018 based on over 5 million leaked passwords.[1] Avoid them and protect […]

Major Third-party Breaches Revealed in May 2019

A recent survey conducted by Ponemon Institute reveals that 59% of companies have experienced a third-party breach in 2018, which is an increase of 3% compared to the previous year. Data breaches caused by third parties cost millions of dollars to large companies. Third-parties include broad range of companies a company directly worked with such […]

How To Measure What Hackers Know About You

Companies invest in cyber security to protect themselves against cyber attacks. They get cyber security products/solutions from SIEM solutions, SOC services to Firewalls, IPS/IDS devices, etc. to detect and remediate cyber incidents. With all these security measures, how safe are you? Is there a way to measure it? Or in other words, is it possible […]

Major third-party breaches revealed

Major Third-party Breaches Revealed in January 2019

A recent survey conducted by Ponemon Institute reveals that 59% of companies have experienced a third-party breach in 2018, which is an increase of 3% compared to previous year. Data breaches caused by third parties cost millions of dollars to large companies. Third-parties include broad range of entities a company directly worked with, such as […]

Popular Video-Sharing Platform Hit by Credential-Stuffing Attack

Popular Video-Sharing Platform Hit by Credential-Stuffing Attack

The popular video-sharing platform, DailyMotion, released an announcement on January 25 about a persistent attack on their system. It is an ongoing attack where attackers use previously compromised username/password combinations. The press release read: “The attack consists in “guessing” the passwords of some dailymotion accounts by automatically trying a large number of combinations, or by […]

Magecart attackers

An Attack on 3rd-Party Advertising Company Increased Cyber Risk of European E-Commerce Sites

A malicious code injected to a third-party Javascript of an advertising agency targets credit card information of online shoppers at European-based e-commerce sites. Many websites leverage Javascripts to track their visitors, collect analytics, etc. So, use of a Javascript library of an advertising agency is not uncommon. External Javascripts that run at your website pose […]

Top 3 Types of Third Party Caused a Data Breach

Top 3 Types of Third Party Caused a Data Breach

3rd-party (aka supply-chain) cyber attacks were one of the main reasons for major data breaches in 2018.  As NormShield, we regularly monitor, list, and analyze third-party data breaches. In our recent report, NormShield Major Third-Party Data Breaches of 2018, we provide a  recap of 3rd-party data breaches that hit the news in 2018. Third-party breaches […]