Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Middle East cyber-espionage is heating up with a new group joining the fold

    Source: ZDNet
    By: Catalin Cimpanu
    Published: August 27, 2019

    * The Middle East cyber-espionage scene has gotten a little bit more crowded this month with the discovery of a new hacking group that's been targeting the region since mid-2018.
    * In a report published earlier this month, ICS security firm Dragos said that Lyceum (Hexane) had repeatedly targeted oil and gas companies in the Middle East, with "Kuwait as a primary operating region."

  • Your Ultimate Guide to Cybersecurity: At Home, at Work, and on the Go

    Source: International Business Times
    By: Staff reporter
    Published: August 27, 2019

    * People know they should protect their physical valuables with locks and alarms, but when it comes to cybersecurity, most find themselves a little lost.
    * Most people will face at least one cyberattack throughout their lives, either at home or at work.

  • Cybersecurity Firm Imperva Discloses Breach

    Source: KrebsonSecurity
    By: Krebs
    Published: August 27, 2019

    * Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users.
    * "On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017," wrote Heli Erickson, director of analyst relations at Imperva.

  • Chrome's new password leak protection alerts you when your login has been hacked

    Source: Komando
    By: Janet Perez
    Published: August 27, 2019

    * Americans are not very careful about their passwords. Even with the growing number of large data breaches, it's hard to get people to change their passwords.
    * In February, Google released the Chrome Extension Password Checkup. As you log in to a site, the extension automatically scans your passwords as you enter them.
    * If it matches an exposed password you'll receive an alert to change it, as well as some suggestions on how to make your new password more secure.

  • The grim reality of cyberattacks: How to mitigate the risks?

    Source: IP Pro Portal
    By: Sonali Datta
    Published: August 26, 2019

    * According to a 2019 press release by Global Market Insights, the cybersecurity market's value is anticipated to reach $300 billion by 2024. * Sophisticated cybersecurity measures are important, but it is equally crucial to pay attention in securing company-owned devices and hardware from thefts, loss and misuse.

  • Hostinger Data Breach Affects Almost 14 Million Customers

    Source: BleepingComputer
    By: Ionut Ilascu
    Published: August 25, 2019

    * Hosting provider Hostinger today announced that it reset the login passwords of 14 million of its customers following a recent security breach that enabled unauthorized access to a client database. * Hostinger offered more details about the incident in a blog post today, saying that an unauthorized party accessed one of their servers and was then able to obtain further access to customer information. * This was possible because the server had an authorization token that allowed access and privilege escalation to a RESTful API used for queries about customers and their accounts, including phone numbers and home address or business address.

  • Sextortion scams are back, security expert warns

    Source: FOX News
    By: Brooke Crothers
    Published: August 23, 2019

    * Your account has been hacked and we have video proof of you watching sexual content on porn sites. Now we demand immediate payment in Bitcoin or we will release the video to the public.
    * Extortionists are able to convince victims that they have the goods on them by flaunting a victim's breached credentials - such as usernames, passwords, and addresses - that have been gleaned from the Dark Web then bolstering this with training in the dark art of extortion via DIY extortion guides, according to a report from Digital Shadows, a U.K.-based cybersecurity company.

  • Phishing: These are the companies that hackers impersonate when they try to steal your data

    Source: ZDNet By: Danny Palmer 22August2019

    * Microsoft is still the brand most spoofed by cyber criminals attempting to conduct phishing attacks - but fraudsters are increasingly sending phony emails claiming to be the likes of Facebook and Amazon to steal login credentials, financial data and other information from victims.
    * An analysis of phishing URLs and most-impersonated brands in recent months has been conducted by cybersecurity company Vade Secure.

    --_000_CY1P110MB0550780B480853BA08E4F9F6D0A40CY1P110MB0550NAMP_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

    --_000_CY1P110MB0550780B480853BA08E4F9F6D0A40CY1P110MB0550NAMP_--
  • Texas ransomware attacks show big gaps in cyber defenses - expect more like them

    Source: CNBC By: Kate Fazzini 22August2019

    * Texas is still recovering from a spate of ransomware attacks against small towns.
    * The attacks are highly worrisome because of how easy they were for criminals to execute and how vulnerable small towns in the U.S. may be.
    * Ransomware attacks are not always merely criminal acts - they have been used readily in the past by hostile nation-states and as a means to hobble critical services, including emergency care and vaccine production.
  • Hackers Targeting Healthcare with Financially Motivated Cyberattacks

    Source: Health IT Security By: Jessica Davis 21August2019

    * The healthcare sector is seeing a high frequency of financially motivated cyberattacks targeting personally identifiable information and patient data due to poor infrastructure security, FireEye finds.
    * While it's been clear for some time that hackers have targeted the healthcare sector given many providers operate on outdated or unsupported systems, new FireEye research explains the motivation behind the hacks, including attempts to steal research data.

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017