SolCyber Blog

Enterprises are attractive, high-value targets for hackers; and, because enterprises often have more employees and a more complicated environment, protecting against phishing and social engineering attacks is even more difficult. The Dropbox breach of late 2022 is a prime example of this weakness. Hackers emailed a large number of Dropbox employees, directing them to a malicious website where their credentials were stolen. This kind of risk is more common than not. According to the 2023 Verizon Data Breach Report, 74% […]

Email is the second-most common vector for cyberattacks, according to the latest data breach report from Verizon while IBM’s Cost of a Data Breach report for 2023 indicates that Business Email Compromise (BEC) attacks, one type of email attack, resulted in an average loss of $4.67 million. Clearly, these attacks are succeeding against organizations. However, by following a few best practices, you can prevent many of the most common email-based cybersecurity incidents. 1. Invest in email/spam filters A sophisticated email […]

2023 has furnished an onslaught of data breaches, smashing 2022’s numbers, and putting an exclamation point on the need for companies of every size to invest in cybersecurity. By September 2023, there were already 20% more data breaches in the US than in the entirety of 2022. Probably most alarming is that 98% of all organizations have a relationship with at least one vendor that has been breached in the last two years. In an extensive study of the 2023 […]

Phishing emails are often sent out en masse and target people indiscriminately. According to a recent Gone Phishing Report, 7% of users clicked a phishing email in 2022. Of those, 44% submitted credentials in a subsequent online form. As high as these statistics are, spear phishing attacks–a highly targeted form of phishing–are much more successful. According to research by Barracuda, 11% of spear phishing email recipients click the links inside them. Let’s dive into what spear phishing is, why it’s […]

Enterprises are attractive, high-value targets for hackers; and because enterprises often have more employees and a more complicated environment, protecting against phishing and social engineering attacks is even more difficult. The Dropbox breach of late 2022 is a prime example of this weakness. Hackers emailed a large number of Dropbox employees, directing them to a malicious website where their credentials were stolen. This kind of risk is more common than not. According to the 2023 Verizon Data Breach Report, 74% […]

Business Email Compromise (BEC) is a type of email cybercrime in which attackers impersonate the owner of an email account in an effort to defraud a company. The attack, which is increasing in prevalence, often looks to obtain funds or credentials. Global losses from BEC attacks have increased by 17% from December 2021 to December 2022, reports the FBI’s Internet Crime Complaint Center (IC3). From October 2013 to December 2022, the IC3 recorded over $50 billion in global losses due […]

The year 2023 hasn’t been kind in terms of data breaches. By October, the number of data compromises was already up by 17% (2,116 compromises) compared to the entirety of 2022. An Apple-commissioned study carried out by MIT professor Dr. Stuart Madnick labels the current state of data breach prevalence as an “epidemic.”  The Identity Theft Resource Center (ITRC) attributes the 2023 increase to the combined increase of zero-day vulnerabilities, ransomware attacks, and supply chain attacks. Each of these elements […]

During my 25 years of working in the security space, I’ve seen many shifts both in the security industry and the world outside of it. The technology that has been developed in the last two decades has drastically affected the way we work and the way we secure our business operations and data. I’ve watched as the industry shifted from securing data on servers to the cloud, and I believe another equally disruptive shift is coming soon. There are many […]

As cyber threats grow more numerous and sophisticated, they’ve placed an excessive burden on IT departments. Managed security services have emerged as a way to better serve a company’s cybersecurity needs and fill key gaps. There are many types of managed security services each with its own benefits and best applications. Let’s look at some of the more common types of managed security services to help you understand which might be the best for your organization. Types of managed security […]

The days of purchasing anti-virus software for your organization and knowing that’s all you need to do to be secure are long gone. Businesses large and small need a full security tech stack that includes a variety of tools and solutions to address a multitude of threats. The cybersecurity market, however, is crowded. With more than 3,500 vendors to choose from, it can be difficult to assess which vendors will best address your security concerns. The issue is further complicated […]

SolCyber is participating in Channel Program’s Annual Holidaze event starting today and running until on December 15th and we’d love to see you there!   Holidaze is a 10-day virtual event that brings together vendors and IT Professionals. It’s an awesome opportunity to network and learn about the current vendor landscape. Additionally, each day, two lucky participants will win a grand prize, valued at more than $500!   Prize up for grabs on DAY 7 is a limited edition Spiderman PS5! Don’t […]

The U.S. Securities and Exchange Commission (SEC) has been busy trying to protect investors from losing funds due to cyberattacks. As the number of cyberattacks continues to rise, the SEC has taken a hard stance: A breach is an inevitability. To help affected parties, companies need to be prepared and communicate when an incident occurs. In March of 2022, the Cyber Incident Reporting for Critical Infrastructures Act of 2022 (CIRCIA) was signed into law. The SEC has since proposed additional updates to […]

As the threat landscape continues to grow and shift and cyberattacks continue to rise, many companies are looking for new ways to defend themselves against bad actors, nation-states, and competitors trying to hack their systems and steal intellectual property. One major threat organizations may not be on top of is the one that lurks within their company — insider threats. It’s estimated that 60% of data breaches are caused by insider threats, and a study by the Ponemon Institute found […]

The underlying protocol that handles email sending—SMTP (Simple Mail Transfer Protocol)—is dangerously outdated. Initially developed in 1982, SMTP remains the de facto standard for sending emails because of its simplicity, compatibility, and efficiency. However, SMTP can be easily abused by threat actors. One simple way to do this is to “spoof” email addresses, which is using a fraudulent email address to impersonate a legitimate one. To deal with some of these vulnerabilities, key authentication protocols bolster SMTP and make it […]

Enterprises are attractive, high-value targets for hackers; and, because enterprises often have more employees and a more complicated environment, protecting against phishing and social engineering attacks is even more difficult. The Dropbox breach of late 2022 is a prime example of this weakness. Hackers emailed a large number of Dropbox employees, directing them to a malicious website where their credentials were stolen. This kind of risk is more common than not. According to the 2023 Verizon Data Breach Report, 74% […]

Email is the second-most common vector for cyberattacks, according to the latest data breach report from Verizon while IBM’s Cost of a Data Breach report for 2023 indicates that Business Email Compromise (BEC) attacks, one type of email attack, resulted in an average loss of $4.67 million. Clearly, these attacks are succeeding against organizations. However, by following a few best practices, you can prevent many of the most common email-based cybersecurity incidents. 1. Invest in email/spam filters A sophisticated email […]

2023 has furnished an onslaught of data breaches, smashing 2022’s numbers, and putting an exclamation point on the need for companies of every size to invest in cybersecurity. By September 2023, there were already 20% more data breaches in the US than in the entirety of 2022. Probably most alarming is that 98% of all organizations have a relationship with at least one vendor that has been breached in the last two years. In an extensive study of the 2023 […]

Phishing emails are often sent out en masse and target people indiscriminately. According to a recent Gone Phishing Report, 7% of users clicked a phishing email in 2022. Of those, 44% submitted credentials in a subsequent online form. As high as these statistics are, spear phishing attacks–a highly targeted form of phishing–are much more successful. According to research by Barracuda, 11% of spear phishing email recipients click the links inside them. Let’s dive into what spear phishing is, why it’s […]

Enterprises are attractive, high-value targets for hackers; and because enterprises often have more employees and a more complicated environment, protecting against phishing and social engineering attacks is even more difficult. The Dropbox breach of late 2022 is a prime example of this weakness. Hackers emailed a large number of Dropbox employees, directing them to a malicious website where their credentials were stolen. This kind of risk is more common than not. According to the 2023 Verizon Data Breach Report, 74% […]

Business Email Compromise (BEC) is a type of email cybercrime in which attackers impersonate the owner of an email account in an effort to defraud a company. The attack, which is increasing in prevalence, often looks to obtain funds or credentials. Global losses from BEC attacks have increased by 17% from December 2021 to December 2022, reports the FBI’s Internet Crime Complaint Center (IC3). From October 2013 to December 2022, the IC3 recorded over $50 billion in global losses due […]

The year 2023 hasn’t been kind in terms of data breaches. By October, the number of data compromises was already up by 17% (2,116 compromises) compared to the entirety of 2022. An Apple-commissioned study carried out by MIT professor Dr. Stuart Madnick labels the current state of data breach prevalence as an “epidemic.”  The Identity Theft Resource Center (ITRC) attributes the 2023 increase to the combined increase of zero-day vulnerabilities, ransomware attacks, and supply chain attacks. Each of these elements […]

SolCyber is participating in Channel Program’s Annual Holidaze event starting today and running until on December 15th and we’d love to see you there!   Holidaze is a 10-day virtual event that brings together vendors and IT Professionals. It’s an awesome opportunity to network and learn about the current vendor landscape. Additionally, each day, two lucky participants will win a grand prize, valued at more than $500!   Prize up for grabs on DAY 7 is a limited edition Spiderman PS5! Don’t […]

The U.S. Securities and Exchange Commission (SEC) has been busy trying to protect investors from losing funds due to cyberattacks. As the number of cyberattacks continues to rise, the SEC has taken a hard stance: A breach is an inevitability. To help affected parties, companies need to be prepared and communicate when an incident occurs. In March of 2022, the Cyber Incident Reporting for Critical Infrastructures Act of 2022 (CIRCIA) was signed into law. The SEC has since proposed additional updates to […]

As the threat landscape continues to grow and shift and cyberattacks continue to rise, many companies are looking for new ways to defend themselves against bad actors, nation-states, and competitors trying to hack their systems and steal intellectual property. One major threat organizations may not be on top of is the one that lurks within their company — insider threats. It’s estimated that 60% of data breaches are caused by insider threats, and a study by the Ponemon Institute found […]

The underlying protocol that handles email sending—SMTP (Simple Mail Transfer Protocol)—is dangerously outdated. Initially developed in 1982, SMTP remains the de facto standard for sending emails because of its simplicity, compatibility, and efficiency. However, SMTP can be easily abused by threat actors. One simple way to do this is to “spoof” email addresses, which is using a fraudulent email address to impersonate a legitimate one. To deal with some of these vulnerabilities, key authentication protocols bolster SMTP and make it […]