June 1, 2017 With the EU GDPR One Year Away, Data Shows There Is Still Much to Do With EU GDPR one year away, there is still a lot of ground to cover for organizations that will be most affected, and the data shows it. Over the past year, the EU General Data Protection Regulation (GDPR) and the online collection of personally identifiable information (PII) have been top-of-mind for RiskIQ, and we’ve recently […]
May 25, 2017 Fresh from the Oven: Cookie Data Set in RiskIQ PassiveTotal The cookie data set in RiskIQ PassiveTotal is fresh from the oven. When most people hear the word cookies, they imagine fresh-baked confectionary treats. Here at RiskIQ however, we think of web crawling, browser sessions and most importantly, data! After several weeks of testing, we are finally happy to release a new data set into […]
May 23, 2017 RiskIQ PassiveTotal: Part of the Citizen Lab’s Core Workflow The Citizen Lab is an interdisciplinary research group at the Munk School of Global Affairs, University of Toronto, that investigates targeted digital espionage operations against civil society groups. We are dependent on the generous support of companies, like RiskIQ, to help us access and work with threat intelligence products for our research. Citizen Lab has […]
May 19, 2017 Are there Insecure Webforms on your Assets? Data Suggests Yes Are your customers putting sensitive data into insecure webforms? Data suggests many people are. That’s why this past January, internet browser giants Google and Mozilla attempted to increase the security awareness of their users around the dangers of using insecure forms. Any information submitted over a non-HTTPs secured connection—login credentials, credit card numbers, and other […]
May 17, 2017 WannaCry? Take These Three Steps to Protect your Attack Surface Today, it’s WannaCry, yesterday it was Struts2, the day before it was Heartbleed, and tomorrow will be a brand new threat to your organization’s attack surface. While digital threats increase in velocity, volume, and adaptability, two things are certain: organizations need to think about their automating defenses for external threats, and need a complete and […]
May 16, 2017 RiskIQ Is on Ovum’s Radar. Digital Threat Management Should Be on Yours When it comes to digital threat management, Ovum has put RiskIQ on the radar, featuring us in their “On the Radar” report for digital threat management. And as digital threats resulting in material loss continue to blindside businesses, consumers, and security organizations, digital threat management will soon be on your radar, too (if it’s not […]
May 11, 2017 The Problem with Newly Registered Domains Newly registered domains are an effective tool for threat actors. Threat actors often create new infrastructure quickly, engaging in their attack campaigns and then ducking and running in a matter of hours or even minutes. From a security perspective, there are very few reasons someone would need to visit a domain that has just come […]
May 5, 2017 The Not-so-puny Problem with Punycode In the realm of external threats, domain infringement and phishing currently reign supreme for scale. Domain squatting, which uses similarly spelled domains to target Internet users who incorrectly type a website address into their browser, is a go-to resource for threat actors launching these campaigns or to legitimize links. But while end users slowly come […]
May 3, 2017 Automating Investigations: Announcing Updated API for RiskIQ PassiveTotal The RiskIQ PassiveTotal team continually strives to improve our platform’s capabilities and make it even easier for our analyst community to investigate threats, track actor groups, and proactively monitor malicious infrastructure in response to an ever-evolving threat environment. Today, we are happy to announce the launch of our updated API, which adds projects and monitoring […]
