Social engineering attacks are one of the most commonly used methods for cyber criminals to gain access to sensitive data and information. Recent advances in generative AI have enabled threat actors to utilize AI-generated content to fuel these attacks, making... Read More
Download PDF Incident Name: Henry Ford Health Data Breach Date of Public Report: July 18th, 2023 Date of Incident: March 3rd, 2023 Summary: Henry Ford Health is a Detroit based not-for-profit healthcare provider. On July 18, 2023, the company informed customers that it... Read More
44 Minutes of Cybersecurity Insights Picnic CEO Matt Polak joined Jeff Farinich, CISO of New American Funding, on an Audience 1st podcast hosted by Dani Woolf. With the accelerating proliferation of cyber threats, a challenge at hand involves addressing the human attack surface –... Read More
Cybercriminals are always looking for ways to exploit the exposed personal data of high-value targets to breach companies. High-value targets (HVTs) are those individuals within an organization who have access to sensitive information or assets and have the potential to... Read More
The spotlight in the fight against cybercrime continues to be an often overlooked yet pivotal factor – the human element. A profound understanding of this dimension is vital for safeguarding digital ecosystems, and the recently published 2023 Verizon Data Breach... Read More
We Got This Covered: Picnic Picnic CEO Matt Polak recently joined Tidal Cyber’s Chief Innovation Officer Frank Duff on the “We’ve Got This Covered” fireside chat series to discuss Picnic joining the Tidal Product Registry™, Picnic’s scope within the MITRE ATT&CK® framework,... Read More
Company arms the cybersecurity community with best practices aligned to NIST CSF and MITRE ATT&CK to proactively protect the human attack surface WASHINGTON, D.C., U.S., June 15, 2023 /EINPresswire.com/ — Most organizational breaches today continue to be the result of... Read More
The Threat of the Human Attack Surface Picnic CEO Matt Polak shares practical steps that businesses can take to protect themselves from ransomware, including simulating social engineering attacks, safeguarding the human attack surface, and more. The podcast also goes over 5 threats... Read More
VanishID is the first platform I’ve seen that can map threat intelligence to an organization’s employee population and proactively mitigate the risk of humancentric attacks.” — Chris Key, former Chief Product Officer of Mandiant and founder of Verodin WASHINGTON, D.C.,... Read More
The exploitation of human attack surface data and a crucial intelligence gap According to Verizon’s 2022 DBIR report, stolen passwords and phishing were the top two techniques used by threat actors last year, accounting for around 70% of all analyzed breaches.... Read More
Download PDF Incident Name: Kodi February 2023 Data Breach Date of Public Report: April 8th, 2023 Date of Incident: February 16th and 21st, 2023 Summary: Kodi is an open-source media player software provider created by the non-profit XBMC Foundation. On April 8th, 2023,... Read More
Download PDF Incident Name: Activision December 2022 Social Engineering Attack and Data Breach Date of Public Report: February 27th, 2023 Date of Incident: December 4th, 2022 Summary: Activision is a video game developer most famous for creating Call of Duty and World of... Read More
Webinar with Scott Goodhart, CISO Emeritus We talk with Scott Goodhart, CISO Emeritus, on the importance of knowing your human attack surface and how to manage exposed employee data to mitigate social engineering and credential compromise risk. Read More
Compromised employee credentials are a major threat to any organization’s cyber security. According to Verizon’s 2022 Data Breach Investigation Report, compromised credentials were the single largest source of breaches, accounting for nearly half of them. By taking the right proactive... Read More
Download PDF Incident Name: Coinbase Social Engineering Attack Date of Incident: February 5th, 2023 Summary: Coinbase is an American cryptocurrency exchange platform. On February 5th, 2023, the company came under a social engineering attack in which several employees were targeted with SMS messages... Read More
Download PDF Incident Name: Reddit Feb 2023 Social Engineering Attack and Data Breach Date of Incident: February 5th, 2023 Summary: Reddit, a popular news and social media platform, announced recently that on February 5, 2023, the company suffered a data breach. The breach... Read More
Webinar with Dr. Max Kilger We talk with Dr. Max Kilger, Director of the Data Analytics Program and Associate Professor of Practice at the University of Texas at San Antonio, about how cybercriminals harness big data to find pathways to... Read More
Download PDF Incident Name: Riot Games Jan 2023 Date of Incident: January 20th, 2023 Summary: Riot Games is an American video game developer and publisher, most famous for the games League of Legends and Valorant. The company reported on January 20th via their... Read More
The Role of OSINT in social engineering and how to manage your human attack surface Picnic CEO Matt Polak recently joined award-winning journalist Steven Bowcut of the Brilliance Security Magazine Podcast to discuss the role of OSINT in social engineering and how to manage your human attack surface.... Read More
Picnic is excited to be featured on Startup to Follow’s list of the top startups of 2022! Check out their list of other innovative startups that are changing the world. As for us, we protect companies against all manner of... Read More
Webinar with Jim Routh In this webinar, we talk with Jim Routh, a former CSO and CISO, and current board member, advisor, and investor about the problem of social engineering for enterprises, traditional approaches and difficulties for security professionals in protecting against... Read More
Protecting People and Companies from Social Engineering Attacks Picnic is a cybersecurity firm going after an aspect of risk that the industry doesn’t spend nearly enough time talking about: attacks by social engineers. Social engineers are hackers who use public... Read More
Webinar with Robert M. Lee, Dragos Founder and CEO As traditional infrastructure has become sufficiently hardened, hackers have turned to human-hacking, or social engineering–the practice of manipulating people to get them to perform a desired action–in order to bypass security... Read More
SANS First Look Webcast with Matt Polak, Picnic Founder and CE0 An attacker needs very little other than open source intelligence (OSINT) to profile an organization or individual successfully. But OSINT can also be used to protect against social engineering. In this... Read More
