DEFENSESTORM

RESOURCES

Thought leadership and customer testimonials are some of the many ways we build a community of trust. These resources highlight our recent research and success stories.

DefenseStorm cyber security monitoring.
Our Community Credit Union

Case Studies

Our Community Credit Union

Our Community Credit Union was seeking a cyber risk management solution that would leverage DefenseStorm’s existing 24/7 monitoring and compliance tasks. The credit union also had an extremely short timeline to implement the tool to support its strategic initiatives.

Cybercriminals Love the Olympics Too, but for Different Reasons.

Insights

Cybercriminals Love the Olympics Too, but for Different Reasons.

The Olympic Games begin July 26, 2024, and end August 11, 2024. I, like most people around the globe, will be watching and cheering on our nation’s athletes as they achieve their goals and live out their Olympic dreams. Unlike most of the audience, though, I will also be thinking about the unseen but expected threats and attacks that will be occurring from bad threat actors taking advantage of such a major event.

Lone Star Credit Union

Case Studies

Lone Star Credit Union

In 2020, Pure IT deployed DefenseStorm to ensure optimal levels of security for Lone Star Credit Union through improved monitoring, detection, and prevention of cyber threats.

“I Handed Over $50,000 in a Shoe Box”

Fraud Squad

“I Handed Over $50,000 in a Shoe Box”

With cybercriminals always devising new methods to target consumers, cybersecurity experts emphasize the importance of security awareness in preventing fraud. However, despite being an acclaimed financial-advice columnist, Charlotte Cowles [Brooklyn, NY] fell victim to a manipulative scam that cost her $50,000.

Live Oak Bank and DefenseStorm Testimonial

Webinars & Videos

Live Oak Bank and DefenseStorm Testimonial

Learn about how Rich Friedberg, CISO, at Live Oak Bank works with DefenseStorm to face challenges in managing cyber risk & steps he is taking to protect his customers against threats.

Cybersecurity Risk 2024: Keeping Pace with Evolving Standards

Insights

Cybersecurity Risk 2024: Keeping Pace with Evolving Standards

A proposed rule from the Federal Deposit Insurance Corporation (FDIC) will establish new regulatory standards and increase the focus of cybersecurity risk management and governance while bringing an expectation of faster response times and real-time remediation of deficiencies.

Everything You Need to Know About the Alleged AT&T Data Leak

Threat Alerts

Everything You Need to Know About the Alleged AT&T Data Leak

Reports of a massive AT&T data leak have surfaced, with around seventy million customers potentially affected. The data is reportedly for sale on a leak forum or website.

New GRID Active Fraud Detection Functionality – Community Watchlists

Insights

New GRID Active Fraud Detection Functionality – Community Watchlists

DefenseStorm has updated its GRID Active Fraud Detection, further enhancing its capabilities as a powerful cyber risk management solution.  Organizations can now join the Community Watchlists within GRID Active Fraud Detection, where they not only receive alerts of new threats, but can add a threat to the watchlist directly from the Alert view.

Hi, It’s Your Financial Institution…or is it?

Fraud Squad

Hi, It’s Your Financial Institution…or is it?

New and innovative applications are touted as a fun way to make prank calls, but they aren’t just being used by teenagers to pull a fast one on a friend. Fraudsters are using these apps to mimic legitimate business numbers and send text messages or calls that appear to be from the victim’s trusted financial institution (FI) in a scam called bank spoofing. Scammers on the other end of the call attempt to acquire sensitive information such as bank account numbers, passwords, personal identification numbers (PINs), and authentication codes that allow money transfers or access to the account.

New Guidance for Managing Cybersecurity Risks with NIST CSF 2.0

Insights

New Guidance for Managing Cybersecurity Risks with NIST CSF 2.0

NIST’s Cybersecurity Framework (CSF) is designed to help institutions of all sizes and sophistication levels manage and reduce their unique cybersecurity risks. With the release of CSF 2.0, the guidance provided by NIST has expanded the practice and controls that institutions can use to best understand, assess, prioritize, and communicate its cybersecurity efforts.

Romance Scam to Money Mule

Fraud Squad

Romance Scam to Money Mule

Romance scams continue to gain prevalence as scammers use online dating platforms and social media to prey on vulnerable individuals looking for love.  Continue reading to learn how a man nearly fell victim to a romance scam where the perpetrator intended to use him as a money mule, but the scam was stopped before any transactions occurred, thanks to a concerned bank employee.

AnyDesk Threat Alert

Threat Alerts

AnyDesk Threat Alert

DefenseStorm is aware of an incident involving  AnyDesk and the compromise of some of their production systems.  The incident was reported by AnyDesk on 2/2/2024.  We have not been able to locate any usable technical details or IOCs at this time.  AnyDesk is a widely used remote desktop software that allows users to access and control computers from anywhere in the world.

Love, Lies and Deception: A Romance Scam

Fraud Squad

Love, Lies and Deception: A Romance Scam

With the rise of online dating and social media, millions of people flock to digital platforms to find love. But from behind the protection of a computer screen, scammers exploit the most vulnerable people seeking romance and relationships, ultimately leaving the unsuspecting victim with a broken heart and an empty bank account.

Election Scams

Insights

Election Scams

With election season beginning to ramp up, it’s important to be aware and prepared for the barrage of phishing, smishing, vishing, and other “ishing” scams and campaigns that are sure to follow. Just this weekend, I received multiple texts related to voting and polling, so let’s explore a few of the common scams and tactics that bad actors will try to leverage to obtain your personal information.

The Rise of Banking Trojans in Rogue Mobile Apps

Insights

The Rise of Banking Trojans in Rogue Mobile Apps

Banking trojans continue to evolve and succeed due to their ability to persist, bypass security, and evade detection on mobile devices. As investment from fast-moving threat actors continues to increase, traditional security practices are unable to keep up.

Pasadena Federal Credit Union Testimonial

Case Studies

Pasadena Federal Credit Union Testimonial

Pasadena Federal Credit Union was consistently disappointed in their previous IT vendors, so they began the daunting task of shopping around for a cyber risk management solution. The wanted a relationship- a partner, and DefenseStorm was the obvious choice for them. Within a few months of signing, a simple phone call from DefenseStorm proved a real return on investment in their new partnership.

New GRID Active Governance Program and Reporting Functionality – Linking Dashboards to Task Schedules

Insights

New GRID Active Governance Program and Reporting Functionality – Linking Dashboards to Task Schedules

DefenseStorm has recently updated its GRID Active Governance Program with new functionalities, further enhancing its capabilities as a powerful cyber risk management solution.  Organizations now can link dashboards to task schedules for scheduling and documenting report reviews.

The Tech Support Scam That Cost a Senior Citizen Her Life Savings

Fraud Squad

The Tech Support Scam That Cost a Senior Citizen Her Life Savings

Technology is advancing at an unprecedented pace, and even the most tech-savvy individuals can find themselves in need of assistance to remain connected and productive. Unfortunately, with the increased demand for tech support comes a rise in fraudulent activity exploiting this important service. Senior citizens are the most vulnerable group because they are more likely to seek help in navigating the complexities of technology.

Venture Tech 2023 Podcast: Interview with DefenseStorm CEO, Steve Soukup

Webinars & Videos

Venture Tech 2023 Podcast: Interview with DefenseStorm CEO, Steve Soukup

Learn how DefenseStorm helps your credit union drive change, and enable growth without compromising safety, by approaching cybersecurity with the same risk management disciplines you use in other areas of business.

 

New GRID Active Risk Assessment Functionality – Exception Tracking and Reporting

Insights

New GRID Active Risk Assessment Functionality – Exception Tracking and Reporting

DefenseStorm has recently updated its GRID Active Risk Assessment with new functionalities, further enhancing its capabilities as a powerful cyber risk management solution with GRID Active Risk Assessment Exceptions.

Safeguarding Credit Unions with Threat Intelligence with Elizabeth Houser and James Bruhl

Webinars & Videos

Safeguarding Credit Unions with Threat Intelligence with Elizabeth Houser and James Bruhl

Listen to Director of Cyber Defense, Elizabeth Houser, and Director of Cyber Threat Intelligence, James Bruhl discuss with NAFCU about what threat intelligence is and why is it important to Financial Institutions.

PSA:  Apple’s Name Drop Feature

Insights

PSA: Apple’s Name Drop Feature

Apple just rolled out a new default feature for iPhone and Apple watch that allows nearby users to share contact information with one another.  This feature has sparked some concern in online social communities and even prompted law enforcement agencies to release statements and privacy warnings over the last few days due to the concern that people could “drop” information on another user’s phone at random, which seems scary.

CISO on Cyber Risk: Embracing Accountability and Transparency in the Wake of the SolarWinds Lawsuit

Insights

CISO on Cyber Risk: Embracing Accountability and Transparency in the Wake of the SolarWinds Lawsuit

Insights from the desk of Chief Information Security Officer, William Wetherill

The Importance of Asset Management

Insights

The Importance of Asset Management

Cybersecurity is a critical concern for any organization, regardless of its size or industry; however, for financial institutions (FIs), it’s vital due to the sensitive data and valuable assets they are entrusted to safeguard. While there are many aspects to consider in building a robust cybersecurity program, one crucial component is effective asset management.

DefenseStorm releases User Behavior Analytics (UBA) model in GRID Active Fraud Detection

Insights

DefenseStorm releases User Behavior Analytics (UBA) model in GRID Active Fraud Detection

Powered by machine learning to help better proactively detect fraud, financial institutions can monitor suspicious non-monetary activities for individuals to complement rules-based approaches and detect fraudulent activities.

SIM Swapping

Insights

SIM Swapping

If you stay up to date with cybersecurity news and events, you are likely bombarded with technical analysis of the latest ransomware, malware, dropper, trojan, or vulnerability that was exploited by bypassing controls and using “living off the land” techniques.  While these tactics, techniques, and analyses are incredibly important and useful, we can often forget that it’s sometimes the simple, age-old ways of getting your information and property that can also harm us.
That’s where SIM swapping comes in. 

Holiday Fraud Delivery Notification Scams: “You have a package for delivery!”

Fraud Squad

Holiday Fraud Delivery Notification Scams: “You have a package for delivery!”

With the holiday season just around the corner, it’s a time for celebrations, travel, and shopping, but it’s also prime time for fraudsters to prey on unsuspecting consumers. Amidst the hustle and bustle of planning and festivities, people become easy targets for scammers.

Critical Severity Authentication Vulnerability: CVE-2023-22518

Threat Alerts

Critical Severity Authentication Vulnerability: CVE-2023-22518

A recent vulnerability has been discovered for Confluence Server and Data Center and is being tracked as CVE-2023-22518.  At this time of this writing, this vulnerability is NOT known to have been exploited; however, Atlassian is recommending that those impacted take immediate action.  The below information was taken directly from the Atlassian FAQ page for CVE-2023-22518, and the page was last updated on November 1, 2023.

GRID Active Fraud Detection:  Alert Enhancements

Insights

GRID Active Fraud Detection: Alert Enhancements

As fraud detection and prevention continue to be crucial in today’s digital landscape, it’s imperative for fraud investigators to utilize efficient tools that empower and support their investigative work.  The current Trigger and Alert views have been strategically modified to enhance the service provided to fraud investigators where they can now see relevant information that is intuitive to their role.

AI and its Impact on Cybersecurity Part 3: The DefenseStorm Approach

Insights

AI and its Impact on Cybersecurity Part 3: The DefenseStorm Approach

In our final entry into our series, AI and its Impact on Cybersecurity, we will explore how DefenseStorm utilizes AI in our own built-for-banking technology.

1 2 3 5