With over 80% of successful data breaches being due to compromised login credentials, password managers are an essential tool for consumers. However, while cybersecurity starts with password security, it doesn’t end there. As ever-greater portions of our lives shift online, more of our data is being digitized. All of it needs to be properly secured,
Can you keep a secret? How about your organization’s data environment? In an IT network, a “secret” is any compact datum that must remain confidential. Typically, secrets are used for authentication or as input to a cryptographic algorithm. Common secrets include: Since IT network secrets unlock access to highly privileged systems and data, securing secrets
Why Is Accessibility Important? According to the World Health Organization (WHO), about 15% of the world’s population has a disability. The U.S. Census Bureau estimates that 18.7% of the U.S. population has a disability with almost 30 million people having motor or vision difficulties that impact their ability to access online websites, applications, and documents.
Between the year-end holidays and breach fatigue, it’s easy for consumers and organizations to fall into a sense of complacency around cybersecurity. Cybercriminals know this, so while many people are vacationing, they’re hard at work. Case in point: Numerous users of the LastPass password manager have been receiving disturbing emails over the past few days,
On Dec 10, 2021, Keeper’s security team researched a publicly-reported vulnerability regarding an open-source Java logging library developed by the Apache Foundation called Log4j (vulnerability number CVE-2021-44228). Within 24 hours following the public disclosure of CVE-2021-44228, Keeper’s security and DevOps teams published updates to its infrastructure and enterprise software applications to remediate and replace all
Cloud computing isn’t inherently less secure than on-prem infrastructure — if organizations configure their cloud instances properly. Unfortunately, in many cases, they do not. Cloud misconfigurations account for 65% to 70% of cloud security issues. What does “cloud misconfiguration” mean? It’s a rather broad term that covers many possible errors, but by far, the most
The holiday season may be in full swing, but cybercriminals don’t take holidays. In fact, during major holidays, they frequently take advantage of thinner staffing levels and distracted employees to up their ante. We can expect the breaches, ransomware, and other cyber hits to keep coming, and possibly even increase over the next few weeks.
Trading platform Robinhood has suffered a breach compromising the personal information of about 7 million customers. In an official blog post, Robinhood said that the incident took place on November 3, when a cybercriminal “socially engineered a customer support representative by phone” to gain access to the company’s customer support system. After exfiltrating data, the
Active duty service members, veterans, and their families are disproportionately targeted by cybercrime. According to the Federal Trade Commission (FTC), the military and veteran community lost over $420.5 million to online scams between 2016 and 2020, a figure that was 44% higher than the civilian population. Most cybercrimes targeting veterans involve phishing and other social
The 2021 holiday shopping season is upon us, and the National Retail Federation (NRF) expects sales to rise by 8.5% to 10.5%, an all-time high. However, retailers are also facing serious challenges, including labor shortages, global supply chain disruptions, and cybersecurity concerns. In a recent survey by the NRF, 76% of retail loss prevention professionals
The White House Executive Order on cybersecurity and the push for all federal agencies to adopt a zero-trust security framework will fundamentally reshape public sector information security strategies. The work ahead will be a continuing journey, from migrating legacy systems to cloud environments, to mandating Multi-Factor Authentication (MFA), to improving software supply chain security and
Updated on July 3, 2023. Supply chain attacks are a clear and present danger to organizations in all industries, but many companies underestimate this threat. To protect against supply chain attacks, organizations should establish vendor security requirements, use a zero-trust model, keep up with regular software updates and prepare an incident response plan. Continue reading
While many organizations treat governance, risk, and compliance (GRC) as a standalone department, GRC impacts every area of the enterprise. The negative impact of siloing GRC from the rest of the organization is especially clear during compliance audits. The audit process — already complex and time-consuming — is made even more difficult as GRC personnel
Microsoft made a bold statement last week when it suddenly announced that their users can now ditch their passwords and log in using Microsoft Authenticator, Windows Hello, a physical security key like a Yubikey, or an SMS/email verification code. Microsoft rolled out passwordless login for its business and education customers earlier this year, but this
It’s that time of the year again. Cybersecurity Awareness Month, which occurs every October, is an important annual event where government and industry leaders work together to increase awareness of cybersecurity best practices. This time last year, organizations and consumers were scrambling to adjust to the new everything-from-home realities ushered in by the COVID-19 pandemic.
Stating that the U.S. federal government “can no longer depend on perimeter-based defenses to keep its critical systems and data safe,” the Office of Management and Budget (OMB) and Cybersecurity Infrastructure Security Agency (CISA) released a draft memorandum outlining a very aggressive goal: to have all federal agencies adopt a zero-trust security architecture by 2024.
Keeper is pleased to announce a special 30% discount off our Keeper Unlimited and Family Plans to active duty and retired military, first responders, and healthcare workers, including: Reservists and National Guardsmen Veterans and retirees Military spouses, including surviving spouses, and dependent family members Firefighters, EMTs, law enforcement personnel, and other first responders Nurses, physicians,
One week after T-Mobile initially disclosed that it had been victimized by a data breach, the news just keeps getting worse for the telecom giant. What the company originally thought was a breach impacting just under 50 million consumers has now grown to over 53 million — and, as T-Mobile stresses on its website, it
A new report from the Ponemon Institute, commissioned by IBM Security, reveals that the COVID-19 pandemic pushed data breach costs to record highs, and consistent with other studies, most breaches involve compromised login credentials. According to “Cost of a Data Breach 2021,” organizations can expect to shell out an average of $4.24 million per incident,
Happy SysAdmin Appreciation Day! This Friday, July 30, 2021, is the 22nd annual System Administrator Appreciation Day, when organizations around the world demonstrate their appreciation to their hard-working SysAdmins. What is a SysAdmin? Systems administrators are the unsung heroes who toil behind the scenes to keep IT systems around the world running and secure. As