Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials

Elie

In this paper, we present the first longitudinal measurement study of the underground ecosystem fueling credential theft and assess the risk it poses to millions of users. million potential victims of phishing kits; and 1.9 Drawing upon Google as a case study, we find 7–25% of exposed passwords match a victim’s Google account.

Google's Data on Login Thefts

Schneier on Security

This is interesting research and data: With Google accounts as a case-study, we teamed up with the University of California, Berkeley to better understand how hijackers attempt to take over accounts in the wild. Our research tracked several black markets that traded third-party password breaches, as well as 25,000 blackhat tools used for phishing and keylogging. academicpapers credentials google keylogging phishing

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

NHS is still assessing the cost of WannaCry one year later

Security Affairs

The report includes a case study related a “large NHS mental health trust” that was protected with Advanced Threat Protection that allowed to repeal a phishing email attack with a weaponized excel spreadsheet attachment. The UK’s Department of Health and Social Care provided an update on the efforts to secure the NHS IT infrastructure, with a focus on WannaCry overall costs.

What did you do for European Cyber Security Month?

IT Governance

Likewise, we explained the after-effects of a data breach , and continued our monthly review of phishing scams and of the latest data breaches and cyber attacks.