Welcome to the Community Weekly Highlights!
This is a weekly series to highlight the best articles and stories happening all across the web.
What was your favorite story? What topics would you like to see? Sound off in the comments!
Based on interviews with Forrester's Maxim and IDC's Frank Dickson and Robert Westervelt, Dark Reading pinpointed 10 common ways employees mishandle - and inadvertently breach - an organization’s security:
The Reserve Bank of India has hit YES bank with a $1 million fine for failing to promptly report a breach of its ATM network.
The malware compromised customer debit card details, leading India's top banks to advise some customers to change PIN codes and to recall millions of debit cards. A subsequent investigation by National Payments Corporation of India found that cases of illegal withdrawals were limited to 641 customers of 19 banks, and the total amount involved was 13 million rupees ($194,600).
A survey of more than 1,000 office workers carried out by business cloud services provider Intermedia has revealed that 59% of employees that had their computer hit by ransomware paid the ransom demand out of their own pockets. Only 37% said their employer paid the ransom.
Employees cited shame and embarrassment over falling victim as the primary reasons. Most hoped to pay the ransom and decrypt company data before everyone else discovered the incident.
A new survey conducted by Forrester Consulting unveiled that security and LoB leaders are experiencing high levels of anxiety due to IoT/OT security concerns, largely due to the negative business ramifications a security failure can have on critical business operations.
“IoT and OT bring significant benefits to organizations around the world,” according to Forrester Research. “Enterprises are heading in the right direction when it comes to IoT security investments and our hope is to bring greater awareness to both the challenges as well as the best practices. However, this survey brings to light that more is needed to be done around IoT security", said Michael DeCesare, President and CEO atForeScout.
Dnstwist is Python script created by Marcin Ulikowski over two years ago, but is still very useful, that allows you to detect phishing, typosquatters, and attack domains that are based on an inputted domain. If you are a site owner or in charge of your company's domain management and brand safety, this tool can be of great use in seeing sites that are trying to harm others by pretending to be your brand.
For basic usage, you can just simply input a domain to get a list of potential attack domains. While somewhat useful, by using various command line arguments you can further refine the search to get to the meat of what you are looking for.
What story from the last week the most important for you? We love hearing your feedback!