DEFENSESTORM
Thought leadership and customer testimonials are some of the many ways we build a community of trust. These cyber security resources highlight our recent research and success stories.
Fraud Squad
With cybercriminals always devising new methods to target consumers, cybersecurity experts emphasize the importance of security awareness in preventing fraud. However, despite being an acclaimed financial-advice columnist, Charlotte Cowles [Brooklyn, NY] fell victim to a manipulative scam that cost her $50,000.
Webinars & Videos
Learn about how Rich Friedberg, CISO, at Live Oak Bank works with DefenseStorm to face challenges in managing cyber risk & steps he is taking to protect his customers against threats.
Insights
A proposed rule from the Federal Deposit Insurance Corporation (FDIC) will establish new regulatory standards and increase the focus of cybersecurity risk management and governance while bringing an expectation of faster response times and real-time remediation of deficiencies.
Threat Alerts
Reports of a massive AT&T data leak have surfaced, with around seventy million customers potentially affected. The data is reportedly for sale on a leak forum or website.
Insights
DefenseStorm has updated its Account Takeover Fraud Prevention further enhancing its capabilities as a powerful cyber risk management solution. Organizations can now join the Community Watchlists within Account Takeover Fraud Prevention, where they not only receive alerts of new threats, but can add a threat to the watchlist directly from the Alert view.
Fraud Squad
New and innovative applications are touted as a fun way to make prank calls, but they aren’t just being used by teenagers to pull a fast one on a friend. Fraudsters are using these apps to mimic legitimate business numbers and send text messages or calls that appear to be from the victim’s trusted financial institution (FI) in a scam called bank spoofing. Scammers on the other end of the call attempt to acquire sensitive information such as bank account numbers, passwords, personal identification numbers (PINs), and authentication codes that allow money transfers or access to the account.
Insights
NIST’s Cybersecurity Framework (CSF) is designed to help institutions of all sizes and sophistication levels manage and reduce their unique cybersecurity risks. With the release of CSF 2.0, the guidance provided by NIST has expanded the practice and controls that institutions can use to best understand, assess, prioritize, and communicate its cybersecurity efforts.
Fraud Squad
Romance scams continue to gain prevalence as scammers use online dating platforms and social media to prey on vulnerable individuals looking for love. Continue reading to learn how a man nearly fell victim to a romance scam where the perpetrator intended to use him as a money mule, but the scam was stopped before any transactions occurred, thanks to a concerned bank employee.
Threat Alerts
DefenseStorm is aware of an incident involving AnyDesk and the compromise of some of their production systems. The incident was reported by AnyDesk on 2/2/2024. We have not been able to locate any usable technical details or IOCs at this time. AnyDesk is a widely used remote desktop software that allows users to access and control computers from anywhere in the world.
Fraud Squad
With the rise of online dating and social media, millions of people flock to digital platforms to find love. But from behind the protection of a computer screen, scammers exploit the most vulnerable people seeking romance and relationships, ultimately leaving the unsuspecting victim with a broken heart and an empty bank account.
Insights
Cyber scams and election season just go together, and as election season begins to ramp up, so will cyber scams and the variety of tactics that bad actors will deploy in the attempt to obtain your personal information.
Insights
Banking trojans continue to evolve and succeed due to their ability to persist, bypass security, and evade detection on mobile devices. As investment from fast-moving threat actors continues to increase, traditional security practices are unable to keep up.
Case Studies
Pasadena Federal Credit Union was consistently disappointed in their previous IT vendors, so they began the daunting task of shopping around for a cyber risk management solution. The wanted a relationship- a partner, and DefenseStorm was the obvious choice for them. Within a few months of signing, a simple phone call from DefenseStorm proved a real return on investment in their new partnership.
Insights
DefenseStorm has made a cyber security software update to our GRID Active Governance Program with new functionalities, further enhancing its capabilities as a powerful cyber risk management solution. Organizations now can link dashboards to task schedules for scheduling and documenting report reviews.
Fraud Squad
Technology is advancing at an unprecedented pace, and even the most tech-savvy individuals can find themselves in need of assistance to remain connected and productive. Unfortunately, with the increased demand for tech support comes a rise in fraudulent activity exploiting this important service. Senior citizens are the most vulnerable group because they are more likely to seek help in navigating the complexities of technology.
Webinars & Videos
Learn how DefenseStorm helps your credit union drive change, and enable growth without compromising safety, by approaching cybersecurity with the same risk management disciplines you use in other areas of business.
Insights
DefenseStorm’s cyber risk assessment solution has recently been updated with new functionalities, further enhancing its capabilities as a powerful cyber risk management solution with GRID Active Risk Assessment Exceptions.
Webinars & Videos
Listen to Director of Cyber Defense, Elizabeth Houser, and Director of Cyber Threat Intelligence, James Bruhl discuss with NAFCU about what threat intelligence is and why is it important to Financial Institutions.
Insights
Keeping up with cyber security alerts is important and Apple just rolled out a new default feature for iPhone and Apple watch that allows nearby users to share contact information with one another. This feature has sparked some concern in online social communities and even prompted law enforcement agencies to release statements and privacy warnings over the last few days due to the concern that people could “drop” information on another user’s phone at random, which seems scary.
Insights
Cyber risk Insights from the desk of DefenseStorm’s Chief Information Security Officer, William Wetherill.
Insights
Cyber security asset management is a critical concern for any organization, regardless of its size or industry. For financial institutions (FIs), it’s vital due to the sensitive data and valuable assets they are entrusted to safeguard. While there are many aspects to consider in building a robust cybersecurity program, one crucial component is effective asset management.
Insights
GRID Active Fraud Prevention is powered by machine learning and helps financial institutions to proactively detect fraud and monitor suspicious non-monetary activities, complementing rules-based approaches to detect fraudulent activities.
Insights
SIM Swapping is nothing new and if you stay up to date with cybersecurity news and events, you are likely bombarded with technical analysis of the latest in ransomware, malware, dropper, trojan, or vulnerability that was exploited by bypassing controls and using “living off the land” techniques.
While these tactics, techniques, and analyses are incredibly important and useful, we can often forget that it’s sometimes the simple, age-old ways of getting your information and property that can also harm us.
Fraud Squad
With the holiday season just around the corner, it’s a time for celebrations, travel, and shopping, but it’s also prime time for fraudsters to prey on unsuspecting consumers. Amidst the hustle and bustle of planning and festivities, people become easy targets for scammers.
Threat Alerts
A recent vulnerability has been discovered for Confluence Server and Data Center and is being tracked as CVE-2023-22518. At this time of this writing, this vulnerability is NOT known to have been exploited; however, Atlassian is recommending that those impacted take immediate action. The below information was taken directly from the Atlassian FAQ page for CVE-2023-22518, and the page was last updated on November 1, 2023.
Insights
As fraud prevention in banking continues to be crucial in today’s digital landscape, it’s imperative for fraud investigators to utilize efficient tools that empower and support their investigative work. The current Trigger and Alert views have been strategically modified to enhance the service provided to fraud investigators where they can now see relevant information that is intuitive to their role.
Insights
In our final entry into our series, The Impact of AI on Cybersecurity, we will explore how DefenseStorm utilizes AI in our own built-for-banking technology.
Fraud Squad
In our latest article in Fraud Squad series, we cover a deepfake scam that started with a call, a familiar voice, and a frantic plea for help. One couple is scammed out of nearly $10,000 when they received a call from whom they believed to be their incarcerated son requesting money for bail.
Datasheets
DefenseStorm Cyber Threat Surveillance Operations (CTS Ops) team is an extension of your cybersecurity team to bolster your cyber defenses and ensure your FI is threat ready. Our team’s professional expertise and certifications make them your ally in the fight against cybercrime, diligently working to stop threats from becoming costly and destructive attacks.
Insights
Innovations in technology and security are top of mind for banks and credit unions, and when it comes to firewall security, it is critical to strengthen the weakest link in your cybersecurity efforts. As cyber risks evolve, institutions of all asset sizes must prioritize and invest in strengthening cybersecurity efforts.