NormShield Blog

Misconfigured Server by the Third Party Vendor Exposed 2.8 Million Customer Records

A security incident accidentally exposed 2.8 million customer information of CenturyLink due to a misconfigured MongoDB database affiliated with a third-party vendor. The name of the third-party vendor is not disclosed but it is a notification platform used by CenturyLink. The exposed data may include possibly including names, addresses, phone numbers, email addresses, and CenturyLink […]

Open Banking and Cyber Security in 10 Questions

1.  What is Open Banking? Open Banking is a system that shares financial institutions’ data, capabilities and/or processes to ensure the secure accession and availability of financial information to the users via third parties including fintech firms, technology providers, and other institutions by using Application Programming Interfaces (APIs). Your financial information is yours, and if […]

Major Third-Party Data Breaches Revealed in September 2019

Major Third-Party Data Breaches Revealed in September 2019

A recent survey conducted by the Ponemon Institute reveals that 59% of companies have experienced a third-party breach in 2018, which is an increase of 3% compared to the previous year. Data breaches caused by third parties cost millions of dollars to large companies and devastating to small businesses. Third-parties are those companies that support […]

Vulnerability Scanners vs. Cyber Risk Scoring Solutions

“Why would I need a cyber risk scoring solution when I already have a vulnerability scanner?” We get this question a lot. Cyber Risk Scoring Solutions such as NormShield Scorecards are in high demand to see what hackers see when they look at your network. These solutions are new in the cybersecurity marketplace and many […]

By 2020, More Than 3,500 New Phishing Domains will be Active, Targeting 50 Major Banks

The European Central Bank (ECB) website was hacked in August by an unknown group in the hope of being able to conduct phishing attacks. The hack has been utilized for phishing exercises, whereby adversaries attempt to acquire sensitive data or cash through misdirection. The financial industry is one of the top targets of hackers using […]

Major Third-Party Data Breaches Revealed in August 2019

Major Third-Party Data Breaches Revealed in August 2019

A recent survey conducted by the Ponemon Institute reveals that 59% of companies have experienced a third-party breach in 2018, which is an increase of 3% compared to the previous year. Data breaches caused by third parties cost millions of dollars to large companies and devastating to small businesses. Third-parties are those companies that support […]

Health Institutions Suffer Third-Party Data Breaches Exposing Millions of Patient Records: How Can You Protect Against Another Breach?

Health Institutions Suffer Third-Party Data Breaches Exposing Millions of Patient Records: How Can You Protect Against Another Breach?

The data breach experienced by American Medical Collection Agency (AMCA), a third-party bill-collection vendor for the health institutions, affected 17 health institutions including the United States’ biggest lab testing companies, Quest and LabCorps. The incident came to light in early June. Hackers exploited a vulnerability in AMCA’s web payment portal, the company’s database filled with […]

Steps to Mitigate What Happened in The Capital One Data Breach

Steps to Mitigate What Happened in The Capital One Data Breach

Capital One Bank announced [1] that on July 19, 2019, they determined an intrusion to their system that has affected approximately 100 million individuals in the United States and approximately 6 million in Canada. The stolen data includes “personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, […]

Major Third-party Breaches Revealed in June 2019

Major Third-party Breaches Revealed in June 2019

A recent survey conducted by Ponemon Institute reveals that 59% of companies have experienced a third-party breach in 2018, which is an increase of 3% compared to the previous year. Data breaches caused by third parties cost millions of dollars to large companies. Third-parties include a broad range of companies a company directly worked with […]

GitHub Account of Canonical (Ubuntu Maker) Hacked; Cyber Risk & Third-Party Code-Sharing Sites

GitHub Account of Canonical (Ubuntu Maker) Hacked; Cyber Risk & Third-Party Code-Sharing Sites

A third-party code sharing site was part of the latest breach. On July 6, the GitHub account of Canonical Ltd was hacked. Canonical is well-known for developing the famous Ubuntu Linux Distribution. The accounts on third-party code-sharing sites like GitHub may reveal critical information to adversaries when they are hacked. In a public announcement, Ubuntu […]