By Brad Pierce, Structured Managing Director of Security, CISSP/CISA/PCIP -- Last week in the news were reports of more than a billion accounts being leaked online from just two sources (Facebook (533M) and LinkedIn (500M)). The data is still being validated, but the source seems to largely be public information that has been aggregated, bundled and sold. In this case, it is not passwords or private information but the combination of public information that is the concern. From the Facebook leak: “The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India,” according to Insider. “It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.” From the Linkedin leak: "The leaked LinkedIn data set contains member IDs, full names, email addresses, phone numbers, genders, job titles, workplace information, and potentially other identifying data." These are identities. These are the kinds of data that can be combined in creative ways by resourceful adversaries. Whether this information turns out to be fresh or stale,…

Supply Chain Hacks: Fallout from a nation-state-backed attack


By Jesse Wilson, CISSP, Sr. Security Engineer -- Two weeks have passed since the discovery of Sunburst (https://us-cert.cisa.gov/ncas/alerts/aa20-352a), an exploit so vast it likely will become the biggest breach in history – at least to date. Government agencies and private businesses alike are scrambling to detect indicators of compromise (IOCs), install patches and implement damage…

Read More

Community, Continuity


First, let us extend our most heartfelt wishes that you and those closest to you have been spared illness or financial hardship as a result of coronavirus. As a Pacific Northwest-based company with deep roots in Oregon and Washington state, this community and its collective health means everything to us. Second, we are keenly aware…

Read More