Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Credit and debit cards have become the most prominent form of wealth access in the last decade. Once consumers pulled out thick wallets of cash—they now pull out thin clips of cards—if they bother using a card, not a watch or cellphone. Credit cards are necessary in modern life because they allow individuals to access their money instantly and because they can be better protected than physical money.

In early 2023, the FBI made a public service announcement warning that scammers had been targeting owners of timeshares in Mexico; they reported an estimated $39.6 million in losses involving only Mexico timeshares. Worldwide, countless more scammers are influencing consumers into signing binding contracts and pushing them into an endless cycle of issues. When created, timeshares and vacation clubs were exclusive, high-end vacation options. Each offered a unique option to those who purchased the services.

The sun produces enough energy every 90 minutes to power the world for a year. Despite this, in 2020, only around 0.2% of solar’s potential power production was utilized. Many organizations and nations have planned to move toward solar power. Still, consumers must have individual wealth, knowledge to vet potential installation companies, and wisdom to recognize and avoid potential traps.

Dell recently issued a notice regarding a data breach that occurred on May 9, which has reportedly affected over 49 million customers across the globe. According to a report by BleepingComputer, Dell initiated the distribution of notifications cautioning its customers that their personally identifiable information (PII) had been compromised in a data breach.

In a startling revelation, a hacker known as "kiberphant0m" has claimed responsibility for breaching a major Asian telecom company with annual revenues exceeding $5 billion. This breach, described as one of the largest and most damaging in recent history, has exposed a wealth of sensitive data and granted unprecedented access to the company's internal network.

When someone is born on US soil, they are a national citizen; with this distinction, they obtain a list of entitlements and benefits, as well as societal obligations and predetermined consequences for bad behavior. Digital citizenship works like this, with unique freedoms, consequences, and obligations.

In 2020, the world moved online, and the pandemic kicked industry demand into overdrive. Seemingly overnight, entire organizations yielded to the mandates pushed by health professionals, encouraging anyone not already online to make an account or two. That year, transaction card fraud totaled around $149 million in losses in the US and has only increased since then, up to $48 billion globally.

More organizations than ever are moving to online processes, offering convenience and efficiency to their consumers and clients. However, the move to digital isn’t without its risks; security audits assess the current state of an organization’s IT and data environments and then offer recommendations to improve them. Security audits are an essential aspect of an organization’s approach to data defense, especially when threats are moving and growing daily.

As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape 49 million records from Dell. How did they do it? Here is the attack flow. The attacker registered for an account within the Dell ecosystem to be a reseller/partner. They weren’t going to be. But Dell didn’t perform any checks, and within 48 hours, the attacker had a valid account.

Despite growing security investments in prevention, detection and response to threats, users are still making uninformed mistakes and causing breaches. One of the basic tenets of KnowBe4 is that your users provide the organization with an opportunity to have a material (and hopefully positive) impact on a cyber attack. They are the ones clicking malicious links, opening unknown attachments, providing company credentials on impersonated websites and falling for social engineering scams of all kinds.