third party compromise – Page 2

LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC

Posted on February 28, 2023 by Zeljka Zorz

LastPass is, once again, telling customers about a security incident related to the August 2022 breach of its development environment and subsequent unauthorized access to the company’s third-party cloud storage service that hosted backups: &#822… Continue reading LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC→

50% of organizations have indirect relationships with 200+ breached fourth-party vendors

Posted on February 2, 2023 by Help Net Security

98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years, according to SecurityScorecard and The Cyentia Institute. The study also found that 50 percent of organizations hav… Continue reading 50% of organizations have indirect relationships with 200+ breached fourth-party vendors→

GoTo now says customers’ backups have also been stolen

Posted on January 24, 2023 by Zeljka Zorz

GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, Pro, join.me, Hamachi, and RemotelyAnywhere offerings. However, the attackers… Continue reading GoTo now says customers’ backups have also been stolen→

Why chasing risk assessments will have you chasing your tail

Posted on October 20, 2022 by Help Net Security

Third-party risk assessments are often described as time-consuming, repetitive, overwhelming, and outdated. Think about it: organizations, on average, have over 5,000 third parties, meaning they may feel the need to conduct over 5,000 risk assessments…. Continue reading Why chasing risk assessments will have you chasing your tail→

Your vendors are likely your biggest cybersecurity risk

Posted on September 5, 2022 by Help Net Security

As speed of business increases, more and more organizations are looking to either buy companies or outsource more services to gain market advantage. With organizations expanding their vendor base, there is a critical need for holistic third-party risk … Continue reading Your vendors are likely your biggest cybersecurity risk→

DigitalOcean customers affected by Mailchimp “security incident”

Posted on August 16, 2022 by Zeljka Zorz

A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on Monday. “On August 8th, DigitalOcean discovered that our Mailchimp account… Continue reading DigitalOcean customers affected by Mailchimp “security incident”→

Why cyber security can’t just say “no“

Posted on May 17, 2022 by Help Net Security

There was a time, not long ago, when there were only so many ways of accomplishing an information technology task. Whether you were building a website, setting up a new computer, or installing a piece of software, your options were limited — if t… Continue reading Why cyber security can’t just say “no“→

Manage and monitor third-party identities to protect your organization

Posted on April 26, 2022 by Help Net Security

SecZetta shared a research that demonstrates a clear misalignment between the strategies organizations currently use and what is actually required to protect them from cyberattacks due to third-party vulnerabilities. Monitor third-party identities and … Continue reading Manage and monitor third-party identities to protect your organization→

18% of the top 99 insurance carriers have a high susceptibility to ransomware

Posted on April 8, 2022 by Help Net Security

Black Kite released a report that examines rising cyber risk concerns and ransomware susceptibility in the insurance sector. The most notable takeaway: nearly 20% of the top 99 insurance carriers have a high susceptibility to ransomware. “The cyb… Continue reading 18% of the top 99 insurance carriers have a high susceptibility to ransomware→