Posts by Jay Roxe

4 min Breach Response News

Managing the Impact of the Ebay Breach on You and Your Company

eBay announced [http://blog.ebay.com/ebay-inc-ask-ebay-users-change-passwords/] earlier today that they were the victims of an attack that compromised the email address, encrypted password, physical address, phone number and date of birth of eBay customers.  It's important to note that the company indicated that they have not detected any fraudulent network activity and that credit card information was not taken. Breached Credentials #1 Attack Vector and #1 Most Commonly Sold Information on Bl

4 min Verizon DBIR

Breaches Of Unusual Size

The Verizon Data Breach Investigation Report always arrives with a whoosh as one of the most interesting – and entertaining – pieces of research to test my memory of quotes from Star Wars and The Princess Bride (I particularly enjoyed the subtle reference to Iocane Powder). In all seriousness, this year's DBIR reinforces some key trends and areas of focus. First off, the bad news:  Attackers get in fast, steal data very quickly, and can hang out and stay a while. Close to 100% of attacks show t

2 min

Cloud Service Risk: Cloud Monitoring Doesn't Matter

Some of the security concerns associated with cloud services seem pretty obvious:   75% of all companies have cloud services in use and almost all of them don't even know what those services are.  Almost all of the companies who have implemented our newly-released UserInsight [http://www.rapid7.com/products/user-insight/] product have found cloud service risk they were surprised about or employees who shouldn't be accessing the cloud.   In addition, the responsibility of these services is freque