Computer Security News and Insights
A Single Employee's Phone Just Cost This Company Everything In August 2021, T-Mobile confirmed a massive data breach affecting over 50 million people. While the full attack chain was complex, the reality is that personal devices connecting to corporate environments create attack surfaces that most IT teams drastically
In April 2021, the FBI's IC3 reported that losses from internet crime topped $4.2 billion in 2020 — and a growing share of those incidents started on a mobile device. Not a server. Not a laptop in a locked office. A phone sitting in someone's pocket
Your Employees' Phones Are the Weakest Link Right Now In September 2021, Lookout reported that mobile phishing attacks had surged 161% since 2020. That's not a typo. The device your employees carry everywhere — the one they check 96 times a day — has become the primary attack surface
A Parking Lot Full of Malware In 2016, researchers at the University of Illinois dropped 297 USB drives across a campus. Nearly 48% were picked up and plugged into a computer. Some were plugged in within six minutes of being dropped. That study still haunts me because the fundamental behavior
A USB Drive in a Parking Lot Changed Everything In 2020, a Tesla employee was approached by a Russian national who offered him $1 million to plant malware inside the company's Nevada Gigafactory. The FBI arrested the threat actor before the attack succeeded, but the plan hinged on
In September 2019, a Chinese national named Yujing Zhang walked past security at Mar-a-Lago carrying a thumb drive loaded with malware. She told the front desk she was there to use the pool. That's tailgating — and it nearly compromised one of the most secured private facilities in the
A $10 Pair of Binoculars Can Beat Your $10 Million Security Budget In 2018, a researcher at a security conference demonstrated how he captured over 100 passwords simply by watching people type at airport gates and coffee shops over a two-week period. No malware. No phishing emails. No zero-day exploits.
In March 2021, a UK-based financial firm was fined after a visitor photographed sensitive client data sitting on an employee's desk — in plain sight, during a routine office tour. No hacking tools. No zero-day exploit. Just a smartphone camera and a messy workstation. That's the reality
The Breach That Started with a Single Employee In May 2021, a single compromised password shut down Colonial Pipeline and triggered fuel shortages across the Eastern United States. The credential was tied to a legacy VPN account that lacked multi-factor authentication. One employee. One password. $4.4 million in ransom
A $4.24 Million Wake-Up Call IBM's 2021 Cost of a Data Breach Report found the average breach now costs $4.24 million — the highest in the report's 17-year history. But here's the number that keeps me up at night: 85% of breaches involved
