Skip to main content
Welcome to the Community Weekly Highlights!

#HappyFriday

 

This is a weekly series to highlight the best articles and stories happening all across the web. 

What was your favorite story? What topics would you like to see? Sound off in the comments!

 



10 Mistakes End Users Make That Drive Security Managers Crazy

Based on interviews with Forrester's Maxim and IDC's Frank Dickson and Robert Westervelt, Dark Reading pinpointed 10 common ways employees mishandle - and inadvertently breach - an organization’s security:


  • Leaky Amazon S3 Buckets
  • Leaving a laptop at the security line at an airport
  • Losing track of corrupted thumb drives
  • Mishandling company information
  • Sloppy care of security cameras and other devices with IP addresses
  • Careless handling of BYOD devices
  • Poor handling of user privileges
  • Lax attention to "tailgating" at physical entry points
  • Improper handling of sensitive medical data
  • Blogging about work matters
 

Get all the information on how to better protect your Organization.

 



YES Bank fined $1 million over massive ATM breach

The Reserve Bank of India has hit YES bank with a $1 million fine for failing to promptly report a breach of its ATM network.



 

The malware compromised customer debit card details, leading India's top banks to advise some customers to change PIN codes and to recall millions of debit cards. A subsequent investigation by National Payments Corporation of India found that cases of illegal withdrawals were limited to 641 customers of 19 banks, and the total amount involved was 13 million rupees ($194,600). 

 

Read the full Story.

 



59% of Employees Hit by Ransomware at Work Paid Ransom Out of Their Own Pockets

A survey of more than 1,000 office workers carried out by business cloud services provider Intermedia has revealed that 59% of employees that had their computer hit by ransomware paid the ransom demand out of their own pockets. Only 37% said their employer paid the ransom. 



 

Employees cited shame and embarrassment over falling victim as the primary reasons. Most hoped to pay the ransom and decrypt company data before everyone else discovered the incident.

 

Get all the details of the Survey.

 



IoT anxiety is consuming security professionals

A new survey conducted by Forrester Consulting unveiled that security and LoB leaders are experiencing high levels of anxiety due to IoT/OT security concerns, largely due to the negative business ramifications a security failure can have on critical business operations.



 

“IoT and OT bring significant benefits to organizations around the world,” according to Forrester Research. “Enterprises are heading in the right direction when it comes to IoT security investments and our hope is to bring greater awareness to both the challenges as well as the best practices. However, this survey brings to light that more is needed to be done around IoT security", said Michael DeCesare, President and CEO atForeScout.

 

Dig into all of the insightful details of the Survey.

 



DNStwist Helps You Find Phishing Sites Based on Your Domain

Dnstwist is Python script created by Marcin Ulikowski over two years ago, but is still very useful, that allows you to detect phishing, typosquatters, and attack domains that are based on an inputted domain. If you are a site owner or in charge of your company's domain management and brand safety, this tool can be of great use in seeing sites that are trying to harm others by pretending to be your brand.

 

For basic usage, you can just simply input a domain to get a list of potential attack domains. While somewhat useful, by using various command line arguments you can further refine the search to get to the meat of what you are looking for.

 

See if DNStwist is a good tool for your Company!

 

What story from the last week the most important for you? We love hearing your feedback! 

First time hearing about this tool.  I'll have to add it to my toolbox.
Happy to hear it, @. Let us know how you like it. 

Reply