Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.


FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Permanent Mobile And Remote Security For Workers Is An Organization's Duty

    • As the spread of the virus persists and organizations realize that teleworking offers strong advantages for employers as well as employees, what appeared to be a temporary adjustment made on the fly is becoming a more prominent — and in some cases permanent — part of operations.
    • Companies may need to make some adjustments while enacting their business continuity and continuity of operations (COOP) plans in the current Covid-19 environment.
    • Many of those plans were originally intended as short-term responses to sudden emergencies, and they often were built on the presumption that most employees would still be getting together in a shared space of some kind, such as a secondary office site.
    • In some cases, the adjustments may involve processes such as ensuring end-to-end digital steps that include an on-premises paper-based stage.
    - Jonas Gyllensvaan | September 8, 2020
  • Your work laptop may not be as secure as it should be

    • With more employees than ever working from home, making sure that devices connected to the corporate network are secure has become a key priority for businesses.
    • Or so they claim: according to Kaspersky, 23% of desktops and 17% of laptops supplied by UK employers have no antivirus or cybersecurity software installed.
    • Companies have scrambled to implement internal controls and safeguards in the meantime, with IT leaders shifting their focus to fostering cybersecurity-savvy cultures in the workplace and a renewed focus on protecting critical capabilities and services.
    - Owen Hughes | September 8, 2020
  • Botnets: A cheat sheet for business users and security admins

    • Botnets are used to do all sorts of malicious things, like launch distributed denial of service (DDoS) attacks, spread malware, and mine cryptocurrency--all without the device's owner being aware that it's been hijacked.
    • That doesn't mean there aren't signs that an internet-connected device has been hijacked, and botnet victims aren't beyond saving.
    • The most common use of malicious botnets is to launch DDoS attacks that knock down websites, DNS providers, and other internet services.
    • DDoS attacks rely on massive amounts of traffic that paralyze a provider, making it impossible for legitimate traffic to reach it before eventually knocking it offline.
    - Brandon Vigliarolo | September 7, 2020
  • SMB Cybersecurity Catching Up to Enterprise… But the Human Element Still a Major Concern

    • Some believe hackers are aggressively targeting smaller firms because they believe SMBs lack adequate resources and enterprise-grade security tools, making them easier prey than larger businesses.
    • Yet even with improved technology to reduce threats, the human factor is still a significant concern; one single misstep by an employee can cause a breach that leads to a major security incident.
    • To achieve a truly effective security posture, SMBs must put systems in place to minimize human error that can turn an unintentional mistake into a security disaster.
    - September 7, 2020
  • The State Of Identity Security, 2020

    • Identities are the fastest growing and most vulnerable threat surface every organization has.
    • Enterprise IT and cybersecurity leaders are most confident they can stop a breach attempt based on privileged user access credentials – and least confident about stopping machine-to-machine and IoT-originated breaches.
    - Louis Columbus | September 6, 2020
  • APT Group Targeting FinTech Sector Changes Method of Attack

    • APT group Evilnum, known for its targeting of financial technology companies via fake know your customer (KYC) documents, has undergone a significant change in tactics and armory recently that the FinTech sector must be made aware of...
    • Instead of delivering four different LNK files in a zip archive that will be replaced by a JPG file, only one LNK is archived, which masquerades as a PDF containing several documents such as utility bills and credit card photos.
    • When the LNK file is executed, a JavaScript file is written to disk and executed, replacing the LNK file with a PDF.
    • This version of the JavaScript is the first stage of the infection chain, which leads to the delivery of a new Python RAT developed by Evilnum, which has been dubbed PyVil RAT.
    - James Coker | September 4, 2020
  • Organizations facing nearly 1,200 phishing attacks each month

    • IT professionals are dealing with roughly 1,185 phishing attacks per month, which breaks down to about 40 attacks each day.
    • Although just 6% of all phishing attacks result in a breach, many of the respondents determined that the employees at their organizations would not be able to spot and properly mitigate a phishing attack in real-time.
    • 38% of those surveyed also stated that last year, someone within their organization was tricked by a phishing attack.
    - OODA Loop | September 3, 2020
  • How to keep your hybrid workforce safe in three easy steps

    • With many companies structuring their workforce around a model that accommodates around 30% remote workers, few were prepared for the jump to 100%.
    • While this transition brings a wave of opportunity for organizations and employees, it also opens new doors for bad actors to capitalize on strained IT departments who have taken on additional responsibility to ensure sensitive data remains secure, whether on or off the corporate network.
    - Mark Bowen | September 2, 2020
  • Phishing alert: See a tricky password-stealing scam in action

    • Phishing scams usually try to get you to their malicious payload as quickly as possible, so when security researchers discovered a new type of campaign featuring multiple steps and downloads, they knew they had to dive deeper.
    • As it turns out, this new campaign is just as dangerous as classic phishing schemes — and might even have an easier time making it to your inbox.
    • With phishing campaigns, you’re only as vulnerable as you are naive. If you’re wise to the tricks and skeptical about anything coming into your inbox, you won’t fall victim to one of these scams.
    - James Gelinas | September 2, 2020
  • China-based APT Debuts Sepulcher Malware in Spear-Phishing Attacks

    • A China-based APT has been sending organizations spear-phishing emails that distribute a never-before-seen intelligence-collecting RAT dubbed Sepulcher.
    • Researchers discovered the new malware being distributed over the past six months through two separate campaigns.
    • The first, in March, targeted European diplomatic and legislative bodies, non-profit policy research organizations and global organizations dealing with economic affairs.
    • The second, in July, targeted Tibetan dissidents. They tied the campaigns to APT group TA413, which researchers say has been associated with Chinese state interests and is known for targeting the Tibetan community.
    - Lindsey O'Donnell | September 2, 2020

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017