Accountability, Authentication and Small Business

The 3 biggest cybersecurity threats to small businesses

Malwarebytes

MAY 1, 2025

Without robust IT budgets or fully staffed cybersecurity departments, small businesses often rely on their own small stable of workers (including sole proprietors with effectively zero employees) to stay safe online. Here are the three biggest cybersecurity threats to small businesses right now.

Small Business

Small Business Cybersecurity Scams Passwords

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Krebs on Security

JULY 1, 2021

million small businesses using its QuickBooks Online Payroll and Intuit Online Payroll products that their payroll information will be shared with big-three consumer credit bureau Equifax starting later this year unless customers opt out by the end of this month. Financial services giant Intuit this week informed 1.4

Small Business

Small Business Financial Services Government Media

Why SMS two-factor authentication codes aren't safe and what to use instead

Zero Day

JUNE 17, 2025

PT kontekbrothers/Getty We've probably all received confirmation codes sent via text message when trying to sign into an account. Those codes are supposed to serve as two-factor authentication to confirm our identity and prevent scammers from accessing our accounts through a password alone.

Authentication

Authentication Password Management Small Business Passwords

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability

Accountability Identity Theft Hacking Insurance

GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

The Last Watchdog

SEPTEMBER 25, 2023

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. Related: SMBs too often pay ransom Small businesses, including nonprofit organizations, are not immune to cyberattacks.

Small Business

Small Business Cybersecurity Technology Accountability

Is Your Small Business Safe Against Cyber Attacks?

CyberSecurity Insiders

MARCH 21, 2021

Just because you are running a small business doesn’t mean you are out of the reach of cybercriminals and hackers. In fact, small businesses are more susceptible to security breaches and cyberattacks because most often they dont expect the attack, thus are unprepared to handle the situation. Two-factor authentication .

Small Business

Small Business Cyber Attacks VPN Backups

U.S. CISA adds Multiple Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 3, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog. Exploiting it requires admin credentials and grants root access. ” reads the advisory.

Small Business

Small Business Authentication Hacking Accountability

Cisco addresses flaws in Small Business Routers and Switches

Security Affairs

JULY 2, 2020

Cisco announced that it has patched several vulnerabilities affecting its products, including security issues in Small Business routers and switches. Cisco has addressed eight vulnerabilities affecting its products, including flaws in Small Business routers and switches. Pierluigi Paganini.

Small Business

Small Business Authentication Engineering Architecture

Unpatched Cisco critical flaw CVE-2018-15439 exposes small Business Networks to hack

Security Affairs

JANUARY 20, 2019

Cisco Small Business Switch software is affected by a critical and unpatched vulnerability (CVE-2018-15439) that could be exploited by a remote, unauthenticated attacker to gain full control over the device. it ties the default configuration on the devices that includes a default, privileged user account.

Small Business

Small Business Hacking Accountability Software

Expert found multiple flaws in Cisco Small Business 220 series

Security Affairs

JUNE 18, 2021

A researcher discovered multiple vulnerabilities in smart switches of Cisco’s Small Business 220 series, including some issues rated as high severity. Security researcher Jasper Lievisse Adriaanse has discovered multiple vulnerabilities Cisco’s Small Business 220 series smart switches. ” continues the advisory.

Small Business

Small Business Firmware Authentication Accountability

Watch out for these 3 small business cybersecurity mistakes

Malwarebytes

MAY 2, 2022

May 2 marks the start of National Small Business Week , a week that recognizes “the critical contributions of America’s entrepreneurs and small business owners”, and promises to “celebrate the resiliency and tenacity of America’s entrepreneurs.” Thinking you are not a target.

Small Business

Small Business Cybersecurity Ransomware Backups

Delivering simplified cybersecurity to small businesses

Cisco Security

MAY 13, 2021

He laid out the challenge small businesses face perfectly, “Everyday our customers entrust us with sensitive data such as payment methods, shipping addresses, names – information that must be managed by the best technical partner. Protecting 86 million end points and processing 900 million authentication requests per month.

Small Business

Small Business Cybersecurity Cyber threats Technology

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

JUNE 6, 2025

Collectively, they could easily put affected customers at risk for account takeovers and identity theft. million former account holders. This leak reportedly included full names, dates of birth email addresses, mailing addresses, phone numbers, social security numbers, and AT&T account numbers.

Password Management

Password Management Passwords Identity Theft Artificial Intelligence

MY TAKE: A path for SMBs to achieve security maturity: start small controlling privileged accounts

The Last Watchdog

JUNE 23, 2021

The challenge of embracing digital transformation while also quelling the accompanying cyber risks has never been greater for small- and mid-sized businesses. Related: How ‘PAM’ improves authentication. PAM tools help companies discover and manage access to sensitive accounts. Remote desktop risks.

Accountability

Accountability Passwords Hacking Cyber Risk

RSAC Fireside Chat: Start-up Anetac rolls out a solution to rising ‘service accounts’ exposures

The Last Watchdog

MAY 30, 2024

From MFA to biometrics, a lot has been done to reinforce user ID and password authentication — for human users. Service accounts have multiplied exponentially in recent years and become a prime target of threat actors, since little has been done to beef up protection. LW provides consulting services to the vendors we cover.)

Accountability

Accountability Small Business Insurance Authentication

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Zero Day

JUNE 22, 2025

Here's how to check if your accounts are at risk and what to do next. Breach victims can be individuals, small businesses, non-profits, or Fortune 500 companies. Recycled credentials leaked online from company A could be used to access your account from company B, for example.

Passwords

Passwords Data breaches Password Management Accountability

Microsoft Defender vs Bitdefender: Compare Antivirus Software

eSecurity Planet

MAY 27, 2025

Microsoft Defender and Bitdefender are two popular small business security providers with multiple products for small teams. Microsoft Defender can protect your office solutions, like Word and Teams, and business endpoint devices. Bitdefender performs vulnerability scans on your devices and protects your email accounts.

Antivirus

Antivirus Software Small Business VPN

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Zero Day

JUNE 20, 2025

Here's how to check if your accounts are at risk and what to do next. Breach victims can be individuals, small businesses, non-profits, or Fortune 500 companies. Recycled credentials leaked online from company A could be used to access your account from company B, for example.

Passwords

Passwords Data breaches Password Management Identity Theft

Facebook's new passkey support could let you ditch your password once and for all

Zero Day

JUNE 19, 2025

PT NurPhoto / Contributor/Getty For all of us who hate passwords, passkeys represent a simpler and safer way of authenticating online accounts. But the passkey won't be limited to your actual Facebook account. Because that passcode is tied to you, you're able to use it to sign into the same account everywhere.

Passwords

Passwords Password Management Small Business Mobile

Complete Guide to Cybersecurity for Small Businesses

eSecurity Planet

OCTOBER 15, 2024

If you’re a small business owner, it’s crucial to understand the significance of cybersecurity and the steps needed to safeguard your data, customers, and company reputation. The Financial Impact of Cyberattacks For small businesses, the financial consequences of a cyberattack can be devastating.

Small Business

Small Business Cybersecurity Backups Firewall

MY TAKE: Why companies should care about 2.2 billion stolen credentials circulating in easy reach

The Last Watchdog

FEBRUARY 1, 2019

The clear and present risk to the average consumer or small business owner is that his or here stolen account credentials will surface in one or more credential stuffing campaigns. And once they do, they swiftly try to gain access to accounts on other popular services. Two-factor authentication, or even better, FIDO/U2F.”

Small Business

Small Business Passwords Authentication Accountability

How global threat actors are weaponizing AI now, according to OpenAI

Zero Day

JUNE 6, 2025

One of the cases with probable Chinese origins, for example, found ChatGPT accounts generating social media posts in English, Chinese, and Urdu. China's foreign ministry has denied any involvement with the activities outlined in OpenAI's report, according to Reuters.

Artificial Intelligence

Artificial Intelligence Password Management Small Business Passwords

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

MAY 24, 2019

The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser. No authentication was required to read the documents. Image: Linkedin.

Insurance

Insurance Banking Identity Theft Scams

Legacy Authentication Protocols: Why RADIUS Is (Still) Important

Duo's Security Blog

MAY 23, 2024

When reading the title of this blog, you might be wondering to yourself why RADIUS is being highlighted as a subject — especially amidst all of the advancements of modern authentication we see taking place recently. Instead, it supports a variety of authentication protocols , including EAP, PAP, CHAP, and others. What is RADIUS?

Authentication

Authentication Wireless Passwords Encryption

Microsoft Teams used in phishing campaign to bypass multi-factor authentication

Malwarebytes

AUGUST 4, 2023

In the phishing attacks the group leverages previously compromised Microsoft 365 instances, mostly owned by small businesses, to create new domains that look like technical support accounts. Once the target has done this, the attacker can use the gained access to further compromise the account.

Authentication

Authentication Phishing Accountability Small Business

Cisco addresses a High-severity flaw in CMX Software

Security Affairs

JANUARY 14, 2021

Cisco addressed tens of high-severity flaws, including some flaws in the AnyConnect Secure Mobility Client and in its small business routers. This week Cisco released security updates to address 67 high-severity vulnerabilities, including issues affecting Cisco’s AnyConnect Secure Mobility Client and small business routers (i.e.

Software

Software Small Business Mobile Authentication

AI and collaboration tools: how cyberattackers are targeting SMBs in 2025

SecureList

JUNE 25, 2025

This accounted for nearly 41% of all unique files detected, a 14-percentage point increase compared to 2024. Microsoft Office applications remained frequent targets for impersonation: Outlook and PowerPoint each accounted for 16%, Excel for nearly 12%, while Word and Teams made up 9% and 5%, respectively.

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan

CSO Magazine

OCTOBER 6, 2022

These include a new Dark Web Insights tool that provides a breakdown of compromised passwords, a standalone authenticator app for enabling account multi-factor authentication (MFA), and a low-cost starter plan for small businesses.

Authentication

Authentication Small Business Password Management Passwords

Kaseya obtained a universal decryptor for REvil ransomware attack

Security Affairs

JULY 23, 2021

For the initial attack vector, REvil operators exploited an authentication bypass zero-day (CVE-2021-30116) in the web interface of the Kaseya VSA server to gain an authenticated session. Then, the attackers uploaded the payload and executed a command via SQL injection to deploy the malicious updates.

Ransomware

Ransomware Small Business Encryption Authentication

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware

Spyware Manufacturing Small Business Surveillance

3 crucial security steps people should do, but don't

Malwarebytes

OCTOBER 17, 2023

Just 24 percent of people use multi-factor authentication. Just 35 percent of people have unique passwords for most or all of their accounts. Creating strong, unique passwords is simple enough, as any person can throw a cat at a keyboard and likely fulfill the password requirements for most online accounts.

Password Management

Password Management Antivirus Passwords Accountability

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

As we’ll see in a moment, Salomon is now behind bars, in part because he helped to rob dozens of small businesses in the United States using some of those same harvested passwords. bank accounts. Multiple accounts are registered to that email address under the name Alexander Valerievich Grichishkin , from Cherepovets.

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Reddit’s new AI-powered tools scan your posts to serve you better ads

Malwarebytes

JUNE 17, 2025

It described this new addition as the collective knowledge of billions of conversations to help businesses and organizations make “smarter marketing decisions.” Also don’t link your account to your Google or Apple account. Regularly check your account activity for unauthorized access and report anything suspicious.

Media

Media Identity Theft Artificial Intelligence Accountability

U.S. Security Agencies Release Network Security, Vulnerability Guidance

eSecurity Planet

MARCH 4, 2022

Among the latest additions are: Cisco Small Business RV routers and IOS software (38 new Cisco vulnerabilities in all). The new guidance is significantly more comprehensive and in-depth, addressing network architecture, maintenance, authentication, routing, ports, remote logging, monitoring and administration.

Network Security

Network Security Architecture Authentication Firewall

What you need to know: The biggest cyber threats in 2024

Webroot

SEPTEMBER 24, 2024

In today’s world, both small businesses and everyday consumers face a growing number of cyber threats. Whether you’re running a small business or managing personal data at home, here’s what you need to know. Scammers love to take advantage of busy times to trick people into clicking malicious links.

Cyber threats

Cyber threats Small Business Scams Cybercrime

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

The emails are designed in a way that it appears to be authentic or belonging from a real business or authoritative source. These emails appear to be coming from some authentic source like from your bank or some legit business organization. Use Two Factor Authentication. Tips to Prevent Phishing. Be Extra Vigilant.

Phishing

Phishing Accountability Authentication Passwords

The Top 3 OWASP Threats Your Business Should Address Today

SiteLock

AUGUST 27, 2021

If you’re a small business owner looking to boost your cybersecurity efforts, you’ve likely come across the term “OWASP Top 10.” If cybercriminals gain this type of access to your site, it allows them to exploit for financial gain all kinds of sensitive data such as usernames, passwords, phone numbers, and bank account numbers.

Small Business

Small Business Passwords Authentication Accountability

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, An authenticated administrator can exploit the issue by sending specially crafted requests and execute arbitrary commands on the appliance. Targets span across the globe, they include both small businesses and large organizations.

VPN

VPN Authentication Small Business Telecommunications

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, An authenticated administrator can exploit the issue by sending specially crafted requests and execute arbitrary commands on the appliance. Targets span across the globe, they include both small businesses and large organizations.

VPN

VPN Malware Authentication Small Business

5 Data Breaches You May Have Missed

Identity IQ

JANUARY 19, 2021

Small Business Administration. At the beginning of the pandemic shutdowns last March, businesses were beginning to apply for emergency assistance through federal programs to stay afloat and keep employees on the payroll. million customer accounts. This leaves victims of the data breaches vulnerable to identity theft.

Data breaches

Data breaches Identity Theft Small Business Passwords

How to Use LastPass: Complete Guide for Beginners

eSecurity Planet

AUGUST 21, 2024

There are many types of network security , so understanding how to use LastPass is essential to managing personal accounts or securing an entire team. Step 3: Install the LastPass Browser Extension Once your account is set up, you must install the LastPass browser extension for easier access. Make sure it’s both strong and memorable.

Password Management

Password Management Passwords Accountability Authentication

Wyze wants to keep prying eyes away from your cameras with this new feature

Zero Day

JUNE 20, 2025

Before anyone views a camera or downloads or shares that camera's content, Wyze runs an instant check verification process to make sure the user ID on the content matches the one on the account trying to see it. If the ID doesn't match, access is denied, even if the user already has access-level permissions.

Password Management

Password Management Small Business Artificial Intelligence Digital transformation

Russian APT29 conducts phishing attacks through Microsoft Teams

Security Affairs

AUGUST 3, 2023

The attackers use previously compromised Microsoft 365 tenants owned by small businesses to create new domains that appear as technical support entities. Once the targeted user accepted the message request and entered the code into the Microsoft Authenticator app, the attacker is granted a token to authenticate as the targeted user.

Phishing

Phishing Authentication Social Engineering Government

Bitwarden vs Dashlane: Comparing Password Managers

eSecurity Planet

MAY 14, 2025

Then I looked for different product demo options for potential buyers and whether the two providers offered technical account manager (TAM) services. Its features include 2FA, biometric authentication, and group management. It also offers accounts for guest users and travel mode, which neither Bitwarden nor Dashlane has.

Password Management

Password Management Passwords Data breaches Encryption

The 3 biggest cybersecurity threats to small businesses

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Trending Sources

Why SMS two-factor authentication codes aren't safe and what to use instead

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

Is Your Small Business Safe Against Cyber Attacks?

U.S. CISA adds Multiple Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog

Cisco addresses flaws in Small Business Routers and Switches

Unpatched Cisco critical flaw CVE-2018-15439 exposes small Business Networks to hack

Expert found multiple flaws in Cisco Small Business 220 series

Watch out for these 3 small business cybersecurity mistakes

Delivering simplified cybersecurity to small businesses

86 million AT&T customer records reportedly up for sale on the dark web

MY TAKE: A path for SMBs to achieve security maturity: start small controlling privileged accounts

RSAC Fireside Chat: Start-up Anetac rolls out a solution to rising ‘service accounts’ exposures

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Microsoft Defender vs Bitdefender: Compare Antivirus Software

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Facebook's new passkey support could let you ditch your password once and for all

Complete Guide to Cybersecurity for Small Businesses

MY TAKE: Why companies should care about 2.2 billion stolen credentials circulating in easy reach

How global threat actors are weaponizing AI now, according to OpenAI

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Legacy Authentication Protocols: Why RADIUS Is (Still) Important

Microsoft Teams used in phishing campaign to bypass multi-factor authentication

Cisco addresses a High-severity flaw in CMX Software

AI and collaboration tools: how cyberattackers are targeting SMBs in 2025

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan

Kaseya obtained a universal decryptor for REvil ransomware attack

Security Affairs newsletter Round 377

3 crucial security steps people should do, but don't

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Reddit’s new AI-powered tools scan your posts to serve you better ads

U.S. Security Agencies Release Network Security, Vulnerability Guidance

What you need to know: The biggest cyber threats in 2024

5 Common Phishing Attacks and How to Avoid Them?

The Top 3 OWASP Threats Your Business Should Address Today

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

5 Data Breaches You May Have Missed

How to Use LastPass: Complete Guide for Beginners

Wyze wants to keep prying eyes away from your cameras with this new feature

Russian APT29 conducts phishing attacks through Microsoft Teams

Bitwarden vs Dashlane: Comparing Password Managers

Stay Connected