Brent Baker is the Executive Vice President of Information Technology at Rosen’s Diversified (RDI), a conglomerate of businesses in the Agriculture, Manufacturing, and Life Sciences industries. He spent time with us to share the value and security outcomes of partnering... Read More
Download PDF Incident Name: Retool August 2023 Social Engineering Attack Date of Incident: August 27th, 2023 Summary: Retool, a popular software company, announced on September 13, 2023, that it had fallen victim to a cyber attack in August 2023. According to their... Read More
Download PDF Incident Name: MGM Resorts International September 2023 Ransomware Attack Date of Incident: September 10th, 2023 Summary: On September 11th, 2023, MGM Resorts International announced that they are currently dealing with a cyber attack that is impacting their company’s systems and... Read More
Download PDF Incident Name: Kroll August 2023 SIM Swap Attack Date of Incident: August 19th, 2023 Summary: Kroll is a global company providing organizations with risk and financial solutions. On August 19th, 2023, they discovered that a T-Mobile account belonging to a... Read More
Download PDF Incident Name: Okta August 2023 Social Engineering Attack Advisory Date of Incident: August 2023 Summary: Okta, a provider of identity and authentication services, recently issued a warning to its customers regarding an ongoing, sophisticated social engineering attack that has been... Read More
Download PDF Incident Name: CoinsPaid Social Engineering Attack Date of Report: August 7th, 2023 Date of Incident: July 22nd, 2023 Summary: CoinsPaid, one of the world’s largest cryptocurrency payment providers, suffered a cyber attack on July 22, 2023, which resulted in the theft... Read More
Download PDF Incident Name: Henry Ford Health Data Breach Date of Public Report: July 18th, 2023 Date of Incident: March 3rd, 2023 Summary: Henry Ford Health is a Detroit based not-for-profit healthcare provider. On July 18, 2023, the company informed customers that it... Read More
44 Minutes of Cybersecurity Insights Picnic CEO Matt Polak joined Jeff Farinich, CISO of New American Funding, on an Audience 1st podcast hosted by Dani Woolf. With the accelerating proliferation of cyber threats, a challenge at hand involves addressing the human attack surface –... Read More
The importance of understanding and managing the human element in your organization’s security strategy cannot be overstated as the stakes rise in the cybersecurity landscape. This whitepaper explores and exposes the intersection of threat intelligence, attack surface management, and human vulnerabilities... Read More
We Got This Covered: Picnic Picnic CEO Matt Polak recently joined Tidal Cyber’s Chief Innovation Officer Frank Duff on the “We’ve Got This Covered” fireside chat series to discuss Picnic joining the Tidal Product Registry™, Picnic’s scope within the MITRE ATT&CK® framework,... Read More
Human vulnerabilities create risks to infrastructure and data, which impacts operational, legal, financial, and reputational risks. Picnic prioritizes the vulnerabilities by mapping them to external threat intelligence and target intelligence. We then mitigate these risks with automatic protection and response... Read More
Company arms the cybersecurity community with best practices aligned to NIST CSF and MITRE ATT&CK to proactively protect the human attack surface WASHINGTON, D.C., U.S., June 15, 2023 /EINPresswire.com/ — Most organizational breaches today continue to be the result of... Read More
The Threat of the Human Attack Surface Picnic CEO Matt Polak shares practical steps that businesses can take to protect themselves from ransomware, including simulating social engineering attacks, safeguarding the human attack surface, and more. The podcast also goes over 5 threats... Read More
VanishID is the first platform I’ve seen that can map threat intelligence to an organization’s employee population and proactively mitigate the risk of humancentric attacks.” — Chris Key, former Chief Product Officer of Mandiant and founder of Verodin WASHINGTON, D.C.,... Read More
Social engineers collect intelligence on human targets to develop paths for attack and compromise. Picnic’s platform emulates this external, human attack surface reconnaissance to expose Target Intelligence about an organization. Picnic pairs this unique perspective of threat actors with automated... Read More
Download PDF Incident Name: Kodi February 2023 Data Breach Date of Public Report: April 8th, 2023 Date of Incident: February 16th and 21st, 2023 Summary: Kodi is an open-source media player software provider created by the non-profit XBMC Foundation. On April 8th, 2023,... Read More
Social engineers collect intelligence on human targets to develop paths for attack and compromise. Picnic’s platform emulates this external, human attack surface reconnaissance to expose Target Intelligence about an organization. Picnic pairs this unique perspective of threat actors with automated... Read More
Threat actors leverage exposed credentials, including passwords associated with employee and contractor personal accounts, in order to power credential stuffing attacks and gain initial access to targeted infrastructure. Picnic provides visibility and continuous monitoring of breach data to identify exposed... Read More
Did you know credential compromise was the single largest source of breaches last year?* That’s why incorporating credential-stuffing security practices into your organization’s security strategy is more crucial than ever. In this webinar, we dive deep into the methods used by adversaries... Read More
Download PDF Incident Name: Activision December 2022 Social Engineering Attack and Data Breach Date of Public Report: February 27th, 2023 Date of Incident: December 4th, 2022 Summary: Activision is a video game developer most famous for creating Call of Duty and World of... Read More
Webinar with Scott Goodhart, CISO Emeritus We talk with Scott Goodhart, CISO Emeritus, on the importance of knowing your human attack surface and how to manage exposed employee data to mitigate social engineering and credential compromise risk. Read More
Most cybersecurity whitepapers start with a scary anecdote, a statistic on annual losses in the billions, some specifics on hard-hit industries or recent attack variations, and then move on to practical information. Not this one. Cybersecurity teams understand credential stuffing.... Read More
Download PDF Incident Name: Coinbase Social Engineering Attack Date of Incident: February 5th, 2023 Summary: Coinbase is an American cryptocurrency exchange platform. On February 5th, 2023, the company came under a social engineering attack in which several employees were targeted with SMS messages... Read More
Download PDF Incident Name: Reddit Feb 2023 Social Engineering Attack and Data Breach Date of Incident: February 5th, 2023 Summary: Reddit, a popular news and social media platform, announced recently that on February 5, 2023, the company suffered a data breach. The breach... Read More
