In June-August 2014, about 83 million customer records were stolen from JP Morgan Chase through a breach. The attackers were able to access over 90 servers using stolen credentials from an employee's infected machine. The breach went unnoticed for three months until a charity website was found to have had usernames and passwords purged from it. JP Morgan needs to focus on employee training, network segregation, monitoring systems, and protecting critical assets like customer databases. While expensive security measures may not be feasible for all companies, low-cost options like penetration testing and employee education can still help strengthen cyber defenses.
1. Gerry Zapantis JPMorgan Chase Data Breach 4/25/2015
In the span of three months (June-August 2014), about 83 million customer records had been purged from the databases of JP Morgan Chase. Of those roughly 83 million customer records, 76 million were households and 7 million were for small businesses. The information that was stolen includes customer names, physical addresses, phone numbers, email addresses, and a table that had customers sorted into categories such as mortgage type, credit card, or private banking. The attackers were able to breach more than 90 servers through a zero-day vulnerability on an overlooked and neglected server. The vulnerability was a neglected server that had failed to receive a two-factor authentication update and left the security professionals with no warning, no time to secure assets, no time to bolster defenses and patch holes. The access to the network was granted through an employee's infected machine and resulted in stolen credentials when the employee logged into one of the many servers hosted by JP Morgan. The breach was detected when a charity website had hemorrhaged usernames and passwords and was detected by Hold Security, Inc. The platforms that were infected include Chase.com, JPMorganOnline, Chase Mobile, and JPMorgan Mobile, and the attack would have continued to go unnoticed if JP Morgan security personnel had not been tipped off by Hold Security analysts.
The first topic that JP Morgan learned from this attack was the value of having a well-educated workforce. It is very important to keep the frontline strong because ordinary employees are not thinking about the ramifications of connecting their mobile phone to the company Internet. They are not thinking about the security risk of having a static password for an extended period of time. Their focus is not on preventing an infection from spreading. Ordinary employees will panic when something goes wrong and they are not trained to cope with the stresses. Training does not need to be a drawn-out process of seminars and lectures, but can be as simple as providing employees with copies of documentation on how to deal with unexpected events, as well as who to contact. According to the SANS Whitepaper¹, social engineering is one of the most successful access points for attackers and "is the technique of tricking or manipulating someone into providing information through the exploitation of human vulnerabilities. Phishing, spam, mail attachments, or the impersonation of someone that they're not are some of the popular forms of social engineering." The SANS Whitepaper also states that training should be "…specific, measurable, achievable, realistic and time-based" and should allow the employees to aid in the start of the DR plan.
1 Minimizing Damage From J.P. Morgan's Data Breach Page 5-6 (https://www.sans.org/reading-room/whitepapers/casestudies/minimizing-damage-jp-morgan-039-s-data-breach-35822)
The second topic on which J.P. Morgan needed to focus their efforts was segregation and protecting critical assets. It is not easy to determine the level of access needed by each department, or employee, because there is a fine line between users having little access and functionality dropping and having a virtually open network with loose user restrictions. Some middle ground needs to be determined so everyone stays happy and the data remains secure. According to the SANS Whitepaper², the goal of segregation is to "…restrict access to critical segments so that critical assets are not accessible to everyone on the internal network." Segregating the network into smaller subsections has multiple advantages. One major advantage is that it is much easier to manage multiple smaller segments than one massive group. The more users you are attempting to monitor, the harder it is to notice abnormal traffic, and it is entirely possible for an attack to go unnoticed in the sea of legitimate traffic. Segregation also has advantages when DR is taken into account. It is much easier to shut down a portion of the system than it is to shut down the entire system. It is much simpler to shut down a VLAN than it is to shut down the entire system because a VLAN is localized, whereas the entirety of the system has ramifications that could potentially do more damage than the actual threat itself. The act of managing many networks is not an easy task and requires managers who are capable of multitasking, and the policies and procedures only work if the employees adhere to them. A company could have the best policies and procedures in the world, but be completely vulnerable if the employees do not implement those actions. One way to control how much access a user has is to follow the "Least Privilege" philosophy and give the user as much access as they need to complete their tasks, but nothing further and nothing except what they need to work. Another method of control would be through RBAC (Role-Based Access Control), and its philosophy mandates that only one role at a time can be open for any specific user. It also mandates that the previous role is removed whenever an employee begins a new role. The key is to leave no lingering roles because a lingering role is a potential access point for an attacker. J.P. Morgan also failed to protect their critical assets, their customer database. To their credit, account numbers, social security numbers, and other extremely sensitive information were kept from the attacker and the attack was undiscovered for only about three months. However, J.P. Morgan was lucky because one of their companion sites noticed usernames and passwords had been purged from their systems. The major threat to critical assets is privilege escalation, whether it be vertical or horizontal. Vertical escalation is essentially achieved through buffer overflow and can be stopped by routine patching, keeping anti-virus software up-to-date (as well as the virus signature database), and controlling MAC through RBAC. Horizontal escalation is essentially achieved through the use of stolen credentials and can be prevented with HIPS and user education. Another way to protect critical assets is to use VLANs to create an onion-like structure within your network, in which each layer of the onion is a layer of protection for your critical assets. VLANs alone are not enough, however, but can be a great deterrent when coupled with firewalls. Firewalls are great because they offer excellent TCP-level protection at network perimeters as well as the entrances to critical assets.
2 Minimizing Damage From J.P. Morgan Data Breach (https://www.sans.org/reading-room/whitepapers/casestudies/minimizing-damage-jp-morgan-039-s-data-breach-35822)
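The RBAC rule described above (one open role per user, with the previous role removed when a new one begins) can be checked mechanically against a role-assignment history. The following is an added example, not part of the original essay; the record layout, user names, role names and dates are constructed assumptions.

```python
from collections import defaultdict
from datetime import date

# Constructed role-assignment history: (user, role, granted, revoked).
# revoked is None while the role is still open.
ASSIGNMENTS = [
    ("akhan", "teller",       date(2012, 3, 1),  date(2013, 9, 30)),
    ("akhan", "loan_officer", date(2013, 10, 1), None),
    ("bliu",  "helpdesk",     date(2011, 6, 15), None),              # never revoked
    ("bliu",  "db_admin",     date(2014, 1, 6),  None),
    ("cdiaz", "web_admin",    date(2010, 2, 1),  date(2014, 5, 1)),  # revoked late
    ("cdiaz", "auditor",      date(2014, 2, 1),  None),
]
AUDIT_DATE = date(2014, 8, 1)  # constructed audit date


def lingering_roles(assignments, as_of):
    """Return (user, old_role, new_role, overlap_days, still_open) for every
    role that stayed open after the user's next role had been granted."""
    by_user = defaultdict(list)
    for user, role, granted, revoked in assignments:
        if granted <= as_of:  # ignore grants that lie after the audit date
            by_user[user].append((granted, role, revoked))

    findings = []
    for user in sorted(by_user):
        history = sorted(by_user[user], key=lambda a: a[0])
        # Compare each role with its immediate successor.
        for (_, role, revoked), (next_granted, next_role, _) in zip(history, history[1:]):
            still_open = revoked is None or revoked > as_of
            end = as_of if still_open else revoked
            if end > next_granted:  # old role outlived the start of the new one
                findings.append(
                    (user, role, next_role, (end - next_granted).days, still_open)
                )
    return findings


if __name__ == "__main__":
    for user, old, new, days, still_open in lingering_roles(ASSIGNMENTS, AUDIT_DATE):
        state = "STILL OPEN" if still_open else "closed late"
        print(f"{user}: '{old}' overlapped '{new}' for {days} days ({state})")
```

Roles reported as still open are the ones to revoke first, since they remain usable with the account's current credentials.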
The third topic of which J.P. Morgan should take note is the importance of monitoring, logging, and scanning and how each can be used, in conjunction with the others, to protect your systems. Monitoring is very important because it allows you to detect an intrusion before it can do "real" harm, and real harm would be an action such as spreading beyond containment or vertical escalation to obtain root privilege. Monitoring can be aided by NIDS (Network-based Intrusion Detection Systems), but they tend to be rather expensive and require a dedicated and well-versed team to monitor the NIDS. While this is not an issue for J.P. Morgan, who spend $250 million per year on security alone, NIDS and the appropriate support are beyond the means of most companies, barring the obvious Fortune companies. The key to a successful IDS is an up-to-date and diverse signature database. Those signatures allow the IDS to determine what is a threat and what is normal and legitimate traffic. Another positive aspect of implementing NIDS is the possibility of detecting zero-day exploits with a proper and vast signature database. The issue is that monitoring is useless if you do not have a baseline to compare suspected traffic against. If you do not know what is supposed to be transmitted, it is impossible, barring an obvious name like virus.exe or imheretowreakhavok.exe, to detect an increase, or decrease, in network activity. Central logging is very important because the logs are the record, the digital fingerprint, of digital activity. Logs are important enough that attackers focus their attack in a way to avoid detection and erase their log entries, because a log is a clear indication of an intrusion. However, like monitoring, logging is useless if you do not know what is abnormal. Logs are only really useful when you have consistent time stamps because it is difficult to correlate logs from an IDS, firewall, OS, web logs, and switches and routers if all devices and logs have different timestamps, which is entirely possible if a device is configured in a different time zone. Logs are not very useful if you only have one log because you have nothing to compare it against to spot any anomalies. For logging to be effective, baseline logging from access points, access to critical data, and access to databases needs to be recorded over a period of time. For Windows servers, the most common gateways are web servers, email servers, and DMZ servers. Fortunately, companies are not helpless and can take certain steps to help prevent any attacks. The primary step they can take is to perform periodic vulnerability scans and routine penetration tests. A network visibility map can be used by an organization to determine what exposures and targets are visible on the network and then you can plan out how to patch the holes. A security administrator should also prioritize and identify the top 10-15 critical assets and then proceed to focus the majority of your efforts on those critical assets while the other assets reap the benefit of the other security measures. Prioritizing the top assets also helps to stay on track with risk reduction. Another aspect J.P. Morgan can improve is performing small scans instead of one massive, company-wide scan. Small scans allow you to scan the critical assets without having to scan the minor details entailed in the macro system. All companies should understand the value of penetration testing. Penetration testing can be defined as "…the technique of attempting to gain access to a network without knowledge of the network itself."³ The goal of penetration testing is to determine if an attacker can gain access to the network and critical assets without triggering detection mechanisms.
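The point above about inconsistent timestamps can be made concrete: the same activity recorded by devices set to different time zones only lines up once every entry is converted to UTC. The following is an added example, not part of the original essay; the log formats, device names, clock offsets and addresses are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from typing import NamedTuple, Optional

# Constructed device inventory: the UTC offset (hours) each device clock is set to.
DEVICE_UTC_OFFSET_HOURS = {"firewall": 0, "web": -4, "db": 1}

# Constructed sample lines (device, raw line); each timestamp is device-local.
SAMPLE_LOGS = [
    ("web",      "2014-07-01 14:01:58 10.0.5.23 POST /login 200"),
    ("firewall", "2014-07-01 18:02:11 ALLOW src=10.0.5.23 dst=10.0.9.10 dport=1433"),
    ("db",       "2014-07-01 19:02:40 login ok user=svc_report from=10.0.5.23"),
    ("web",      "2014-07-01 14:30:00 10.0.7.77 GET /index.html 200"),
    ("firewall", "2014-07-01 21:15:09 ALLOW src=10.0.8.14 dst=10.0.9.10 dport=1433"),
]

TS = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})")
IP = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")


class Event(NamedTuple):
    utc: datetime
    device: str
    src_ip: Optional[str]
    raw: str


def parse(device, line, trust_local_clock=False):
    """Parse one line. With trust_local_clock=True the device offset is ignored,
    which reproduces the mistake of comparing raw local timestamps."""
    m = TS.match(line)
    if m is None:
        raise ValueError(f"no timestamp in line: {line!r}")
    hours = 0 if trust_local_clock else DEVICE_UTC_OFFSET_HOURS[device]
    local = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
    utc = local.replace(tzinfo=timezone(timedelta(hours=hours))).astimezone(timezone.utc)
    ip = IP.search(line[m.end():])  # first address after the timestamp = source
    return Event(utc, device, ip.group(1) if ip else None, line)


def timeline(logs, trust_local_clock=False):
    """Merge all devices into one list ordered by (normalized) time."""
    return sorted((parse(d, l, trust_local_clock) for d, l in logs),
                  key=lambda e: e.utc)


def correlate(events, window=timedelta(minutes=2)):
    """Per source IP, chain events whose gaps are within `window` and keep
    only chains that were seen by more than one device."""
    by_ip = defaultdict(list)
    for ev in sorted(events, key=lambda e: e.utc):
        if ev.src_ip:
            by_ip[ev.src_ip].append(ev)

    chains = []
    for ip, evs in by_ip.items():
        chain = []
        for ev in evs + [None]:  # None is a sentinel that flushes the last chain
            if chain and (ev is None or ev.utc - chain[-1].utc > window):
                if len({e.device for e in chain}) > 1:
                    chains.append((ip, [e.device for e in chain]))
                chain = []
            if ev is not None:
                chain.append(ev)
    return chains


if __name__ == "__main__":
    for ev in timeline(SAMPLE_LOGS):
        print(ev.utc.isoformat(), ev.device.ljust(8), ev.raw)
    print("normalized :", correlate(timeline(SAMPLE_LOGS)))
    print("raw clocks :", correlate(timeline(SAMPLE_LOGS, trust_local_clock=True)))
```

With normalized clocks the web, firewall and database entries for one source fall within 42 seconds of each other; with raw local timestamps they appear hours apart and no chain is found.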
Whether these measures, taken or to be taken by J.P. Morgan, should be taken by other companies is more of a question of the budget and whether the company has the financial resources available for such a focused and specialized craft. Obviously, you would expect a bank or other financial institution to spend more money on security than a pizzeria, but not many companies can afford to spend $250 million on security alone. Some cost-effective alternatives include the use of honeypot access points, periodic pen testing, and employee education. Honeypot APs are brilliant because you establish one and they are configured to look like a normal AP. It is a wonderfully simple, yet elaborate, trap in which the only traffic that would traverse the honeypot AP is an attacker or an anonymous user, both of whom can cause serious issues in their own way. Periodic penetration testing allows you to frequently check to see if your defenses have any obvious and some not-so-obvious vulnerabilities that an attacker could potentially use against you. Above all, there is no defense like a workforce who understands the dangers lurking on the Internet and the various social engineering threats. While centralized logging is very useful when used properly, it is rather expensive to implement and maintain. If you do not have the resources to utilize the logging to its fullest and have a team dedicated to centralized logging, it is not worth the time or the money and will be the equivalent of a wet noodle.
3 Minimizing Damage From J.P. Morgan Data Breach (https://www.sans.org/reading-room/whitepapers/casestudies/minimizing-damage-jp-morgan-039-s-data-breach-35822)
While the Whitepaper contained a large amount of useful information, I did not find a satisfactory explanation to two-factor authentication and sought outside resources to help explain it in more detail or take a different approach to explaining it. The first article was from threatpost.com⁴, and it describes two-factor authentication as "…a user logs in with their chosen name and password, and then must use a second form of authentication such as software or hard token, or PIN sent to a mobile or landline." The second article was from computerworld.com⁵, and it described two-factor authentication as "…combines the use of static passwords with one-time-use access codes generated by physical hardware devices or mobile apps." The third article was from esecurityplanet.com⁶, and I believe it offers a perfect summary to the problem of compromised credentials. It states that "…until companies divorce the belief that users and accounts are the same thing, and begin monitoring account usage, vigilantly searching for compromised account usage, this trend of breaches will continue."
4 Two-Factor Snafu Opened Door to JPMorgan Breach (https://threatpost.com/two-factor-snafu-opened-door-to-jpmorgan-breach/110119)
5 Two-Factor Authentication Oversight Led to JPMorgan Breach (http://www.computerworld.com/article/2862578/twofactor-authentication-oversight-led-to-jpmorgan-breach-investigators-reportedly-found.html)
6 Entry Point Identified for JPMorgan Chase Breach (http://www.esecurityplanet.com/network-security/entry-point-identified-for-jpmorgan-chase-breach.html)