By Daniel Ingevaldson, CTO

With over 15 years of experience protecting some of the world’s biggest organizations from next-generation threats, Daniel is our guru when it comes to developing fresh approaches to online security and fraud. As our CTO, he defines and executes the strategies for researching and creating the next generation of Total Fraud Protection® products. Daniel previously co-founded Endgame, a cutting-edge organization focused on building endpoint detection and response (EDR) solutions for large government and enterprise clients. Before Endgame, Daniel joined Internet Security Systems (ISS) in the late '90s as a member of the famed X-Force research team. While at ISS and through IBM’s acquisition of ISS in 2008, Daniel held various research, engineering and strategy positions. Daniel holds a bachelor’s degree in Computer Science from Purdue University.

Transparent Malware Detection

Introducing Detect Safe Browsing Clientless – Transparent Malware Detection that Covers All Users

Share Button

Man-in-the-Browser (MITB) and web injection attacks are the most devastating threat on the Internet today, resulting in infinite number of compromised accounts. These attacks infect a webpage by taking advantage of security vulnerabilities in browsers and common web plugins, modifying web pages and transactions Read more

Anthem Records Hacked

80M Anthem Records Hacked: Where’s My Data Going? Who’s Buying?

Share Button

Details continue to emerge on the massive breach at health care company Anthem, in which hackers have gained access to information including names, birthdays, medical IDs, Social Security Numbers, street addresses, email addresses and employment information (including income), on up to 80 million people. Read more

Online-Dating

Dating Site Breached: 20M Credentials Stolen

Share Button

A hacker calling himself “Mastermind” is claiming to be in possession of over 20 million credentials for an unnamed dating site. These credentials are claimed to be 100% valid in a posting to a paste site. Included in the list are over 7 million credentials from Hotmail, 2.5 million from Yahoo and 2.2 million from Gmail.com. Read more

State of the Union Address

Cybersecurity Becomes a Focus in 2015 State of the Union Address

Share Button

In last night’s State of the Union address, President Obama urged Congress to pass legislation to better protect Americans from cyberattacks. The directive comes on the heels of concerning findings recently unveiled by ISACA:

Read more

dmarc_blog

DMARC Compass Offers New Powerful Features

Share Button

Easy Solutions is committed to supporting the emerging DMARC email authentication standard to help our customers communicate confidently and securely with their customers. We listened to your feedback and included some key features in this DMARC Compass™ release that improve performance, usability and management. Read more

Phishing Attacks Rise Again During the Holidays – Even for DMARC Protected Brands

Share Button

It is no secret that phishing attacks are growing in scope and the reason is quite simple: they are still effective. For the past several years, we have seen a marked increase in the number of email driven phishing scams that coincide with the holidays. Below you’ll find an email-driven phishing scam which shows a notification from FedEx—we’ve seen this with other brand-recognized delivery couriers like UPS and DHL. You can view the US-CERT advisory here. In this instance, the notification indicates that FedEx was unable to deliver a package because there was nobody available to sign for it. Once the recipient clicks on the invoice, the phishing attack is launched. With this kind of attack, the company purported to be sending the message is also a victim as the brands themselves become associated with fraudulent activities. Read more

A Practical Guide to Leverage DMARC

Share Button

Guide to Leverage DMARC

This week we launched a new addition to the Total Fraud Protection platform—DMARC CompassTM. DMARC Compass is a cloud-based service that was built to fill a giant, gaping hole in most anti-fraud programs and to provide huge and wide-ranging benefits to infosec, marketing, advertising, legal and sales teams. The problem with B2B or B2C email is two-fold—email is critical and nobody trusts it, especially with 100 billion pieces of spam sent on a daily basis. Read more

How Can DMARC Compass Help You Fight Fraud?

Share Button

DMARCToday, we announced a new product offering in our fraud intelligence family of products called DMARC CompassTM. If you are not yet familiar with the term, Domain-based Message Authentication, Reporting & Conformance or DMARC, is a technical specification and emerging standard designed to help reduce email fraud. You can read some earlier blog entries and announcements that we have made here, here and here.

Read more

Bash Cheat Sheet by American Banker

Share Button

American BankerUnsurprisingly, Bash has been dominating countless new sites over the past week. I recently spoke to Penny Crosman with American Banker and she wrote a story on what bankers need to know about Bash – it’s a must read.

Here’s the full article: http://www.americanbanker.com/issues/179_187/cheat-sheet-what-bankers-need-to-know-about-bash-software-bug-1070254-1.html

Shellshock – BASH Exploitation Likely to Affect Large Hosting Providers and Sites, Be Used to Create Botnets

Share Button
BASH
Shellshoch Bash

The new Shellshock vulnerability that affects the bash shell is one of the kind of vulnerabilities that makes old infosec guys chuckle. The bash vulnerability and its exploitation is not a marvel of complexity.  We’ll get into the specifics of how it works shortly. But first, let’s address who’s at risk. Read more