Author: Alex Tomasi

Forescout: More Than Your Average NAC

Today’s Brite Insight is brought to you by one of Brite’s certified Forescout Engineers, Matt Ostrowski.  Matt specializes in unique Forescout deployments and enjoys finding new ways to utilize the technology.  When people are first exposed to Forescout, it’s typically as a Network Access Control (NAC) solution.  But what is NAC? NAC is a security…

Read More

Relationships are everything in security

Executives for the St. Louis Cardinals, one of the most successful franchises in Major League Baseball history, are under investigation by the F.B.I. and Justice Department prosecutors. The front-office personnel are accused of hacking into an internal network of the Houston Astros to steal information. The accused hacking illustrates several pain points that enterprises across…

Read More

Breach Breakdown: Pentagon

  What happened: The U.S. Department of Defense suffered a data breach affecting at least 30,000 service members and employees.  An unnamed third-party vendor was compromised exposing the personal and payment card information of the military and civilian workers. The method and date of the attack are not known.  Pentagon leadership was informed of the…

Read More

Breach Breakdown: Shopper Approved

The Breach Shopper Approved is the latest Magecart victim.  A malicious JavaScript compromised the code of the popular plugin that online retailers can embed their sites to allow customers to post opinions and ratings. A payment card skimmer code had been added to a legitimate file that collected information entered in checkout forms. Compared to…

Read More

Breach Breakdown: Apollo

What Happened: Apollo Apollo is a sales engagement startup that helps salespeople connect with prospective customers.  This startup is the latest company who failed to properly protect their data. As a result, attackers were able to access the company contact database that is used to match sellers with potential buyers.  The prospect database contains 200…

Read More

Breach Breakdown: GovPayNow Leaks 14M+ Records

What Happened: GovPayNet (GovPayNow.com) is the latest victim of a data leak. The online payment company is used by more than 2,000 government agencies in 35 states for online payment of everything from traffic citations to court-ordered fines.   On September 14, 2018, it was discovered that more than 14 million customer records could be accessed…

Read More

Breach Breakdown: Veeam Exposed Customer Records

What happened: Veeam, a Swiss-based data company exposed more than 445 million records after using a misconfigured host on Amazon Web Services.  The issue was that it did not require any password to access. An independent security researcher, Bob Diachenko, discovered the open database on September 5. Diachenko notified Veeam about the issue but received no response. …

Read More