Illustration by jcomp On Sept. 15, Uber Technologies Inc. was breached by an 18-year-old. The hacker purchased an employee’s stolen credentials from the dark web and pushed a flood of multi-factor authentication (MFA) requests and fake IT messages to them in hopes of getting into their account. Irritated by the non-stop pop-ups, the employee caved in and approved the request, unwittingly setting off a cyberattack.

eCommerce is a trillion-dollar industry. But as the popularity of online shopping grows, so does the risk of refund fraud, which now costs businesses more than $25 billion every year. Refunds are a standard cost of retail — especially in eCommerce. But online shopping makes it much more difficult for businesses to investigate and verify valid refund demands from customers. Some customers take advantage of these difficulties by committing refund fraud.

It was the worst-case scenario for Uber, the popular ride-sharing app, when the company suffered a major data breach in early September. While the extent of the damage, and the data potentially stolen, is still being uncovered, the attack — and the methods used to execute it — can be examined and used to teach other organizations what (and what not) to do.

For the past few days, I’ve been getting a lot of messages asking about my experience at this year’s Black Hat USA. So in this post, I’ll be recapping the conference to give you an inside look at what was presented and provide some helpful perspective. Black Hat is one of the largest — and most talked about — cybersecurity conferences. Its inception dates back to 1997.

For the sixth consecutive year, Trustwave has been named a Top 10 MSSP by MSSP Alert in its 2022 Top 250 MSSPs List. Trustwave garnered 7th place on MSSP’s list, a strong indicator of the company’s status as a managed security service provider.

According to Proofpoint’s 2021 State of the Phish Report, more than 80% of organizations fell victim to a phishing attack last year. Another report from PhishMe found that 91% of cyberattacks start with a phish, and the top reasons people are duped by phishing emails are curiosity (13.7%), fear (13.4%), and urgency (13.2%), followed by reward/recognition, social, entertainment, and opportunity.

With nearly every organization going through rapid digital transformations, it has become critical that security teams are equipped to provide seamless access for their remote users while keeping sensitive data secure. This is why I’m thrilled that Verizon has launched the Lookout suite of cloud security solutions to deliver security service edge (SSE) and ensure that customers can seamlessly secure their data and apps in the cloud, on premises and on the internet.

Lockbit3.0 is the number one ransomware group in the ransomware industry. The group’s operations are so vast and powerful, that we have witnessed weeks where Lockbit’s victim count was more than all other ransomware families altogether. Ever since Conti’s leaks, Lockbit overtook the ransomware throne without any intention of going down anytime soon.