Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Here's How to Browse Your Way Through Phishing, Cyber Threats as You Work From Home during Covid-19
    • The number of registered phishing sites has been snowballing over the last three months.
    • In January, Google registered a total of 149,195 active phishing websites and the number increased to 522,495 in a span of two months, thereby showing a 350 per cent rise.
    • With cloud-based remote connectivity, there's a fair chance of hackers attempting to compromise employee devices and collect credentials that can give them access to companies' accounts and data.

      News 18 - Khushbu Jain and Brijesh Singh | April 5, 2020
  • 2020 Roundup Of Cybersecurity Forecasts And Market Estimates
    • Cybersecurity now dominates the priorities of every organization as each adapts to a post-COVID 19 world.
    • Remote workers identities' and devices are the new security perimeter.
    • This is what Zero Trust Security was designed for, and the post-pandemic world is its acid test and crucible.

      Forbes - Louis Columbus | April 5, 2020
  • Zoom Recordings Exposed
    • Zoom's value and use has skyrocketed over the last several weeks, mostly due to the COVID-19 pandemic.
    • Between December 2019 and March 2020, they have gone from 10 million users per day to 200 million.
    • Videos recorded through Zoom's software were saved onto a separate online storage space without a password.

      Security Boulevard - Jamie Gale | April 5, 2020
  • Hacking forum gets hacked for the second time in a year
    • OGUsers, one of the most popular hacking forums on the internet, disclosed today a security breach, the second such incident in the past year.
    • "It appears that someone was able to breach the server through a shell in avatar uploading in the forum software and get access to our current database dating April 2, 2020," said Ace, the forum's administrator.

      ZDNet - Catalin Cimpanu | April 3, 2020
  • Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer
    • Researchers have discovered threat actors once again capitalizing on the COVID-19 pandemic and current attention on the World Health Organization (WHO) with a new spearphishing email designed to spread the LokiBot trojan sent using the WHO trademark as a lure.
    • The body of the email contains multiple points about infection control and other suggestions and recommendations, which is obviously a lure to further compel the recipient to continue reading...and in a twisted fashion, the messaging pretends to address misinformation related to COVID-19/Coronavirus.

      threatpost - Elizabeth Montalbano | April 2, 2020
  • Coronavirus chaos 'golden age' for hackers – Robert Herjavec on how to protect yourself online
    • While there have been warnings for years about phishing emails and phone calls, Herjavec said they remain one of the most common scam tactics.
    • Herjavec said Zoom users can do things immediately to beef up privacy.

      CNBC - Kevin Stankiewicz | April 2, 2020
  • Protecting Office 365 from external and insider data breaches
    • Today, one out of every five corporate employees use Office 365 as more enterprises adopt the cloud-based suite of applications to reduce costs and increase productivity.
    • Office 365 combines multiple apps together, creating a honeypot of sensitive data and files that can be exploited.

      Enterprise Times - Brian Ussher | April 2, 2020
  • Why All Employees Are Responsible for Company Cybersecurity
    • A recent lawsuit filed regarding the infamous 2017 Equifax data breach revealed that the company was using "admin" as a username and password to protect sensitive data from 147 million customers — even though this password has been exposed through data breaches almost 50,000 times, according to the Have I Been Pwned database.
    • When new employees start working at your company, they need to make protecting business data (and their own jobs) a priority from the start.

      Dark Reading - Diya Jolly | April 1, 2020
  • 'Human-layer' cybersecurity and AI thwart data breaches
    • Data breaches are at an all-time high, because traditional cybersecurity methods just can't predict human behavior.
    • Over the past decade companies have been boosting their cybersecurity budgets and investments, yet data breaches are still on the rise. The reason? Human error.

      Venture Beat | April 1, 2020
  • Why COVID-19 makes the case to get rid of passwords
    • The current situation is only accelerating the trend of global economic dependency on the Internet, which continues to be a key strategic global driver for business.
    • The password and use of stolen and compromised credentials are now one of the single most vulnerable items to tackle if we are to meaningfully reduce online cybercrime.

      World Economic Forum - Ori Eisen and William Dixon | April 1, 2020

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017