The Threat of the Human Attack Surface Picnic CEO Matt Polak shares practical steps that businesses can take to protect themselves from ransomware, including simulating social engineering attacks, safeguarding the human attack surface, and more. The podcast also goes over 5 threats... Read More
VanishID is the first platform I’ve seen that can map threat intelligence to an organization’s employee population and proactively mitigate the risk of humancentric attacks.” — Chris Key, former Chief Product Officer of Mandiant and founder of Verodin WASHINGTON, D.C.,... Read More
Social engineers collect intelligence on human targets to develop paths for attack and compromise. Picnic’s platform emulates this external, human attack surface reconnaissance to expose Target Intelligence about an organization. Picnic pairs this unique perspective of threat actors with automated... Read More
The exploitation of human attack surface data and a crucial intelligence gap According to Verizon’s 2022 DBIR report, stolen passwords and phishing were the top two techniques used by threat actors last year, accounting for around 70% of all analyzed breaches.... Read More
Download PDF Incident Name: Kodi February 2023 Data Breach Date of Public Report: April 8th, 2023 Date of Incident: February 16th and 21st, 2023 Summary: Kodi is an open-source media player software provider created by the non-profit XBMC Foundation. On April 8th, 2023,... Read More
Social engineers collect intelligence on human targets to develop paths for attack and compromise. Picnic’s platform emulates this external, human attack surface reconnaissance to expose Target Intelligence about an organization. Picnic pairs this unique perspective of threat actors with automated... Read More
Did you know credential compromise was the single largest source of breaches last year?* That’s why incorporating credential-stuffing security practices into your organization’s security strategy is more crucial than ever. In this webinar, we dive deep into the methods used by adversaries... Read More
Download PDF Incident Name: Activision December 2022 Social Engineering Attack and Data Breach Date of Public Report: February 27th, 2023 Date of Incident: December 4th, 2022 Summary: Activision is a video game developer most famous for creating Call of Duty and World of... Read More
Most cybersecurity whitepapers start with a scary anecdote, a statistic on annual losses in the billions, some specifics on hard-hit industries or recent attack variations, and then move on to practical information. Not this one. Cybersecurity teams understand credential stuffing.... Read More
Compromised employee credentials are a major threat to any organization’s cyber security. According to Verizon’s 2022 Data Breach Investigation Report, compromised credentials were the single largest source of breaches, accounting for nearly half of them. By taking the right proactive... Read More
Download PDF Incident Name: Coinbase Social Engineering Attack Date of Incident: February 5th, 2023 Summary: Coinbase is an American cryptocurrency exchange platform. On February 5th, 2023, the company came under a social engineering attack in which several employees were targeted with SMS messages... Read More
Download PDF Incident Name: Reddit Feb 2023 Social Engineering Attack and Data Breach Date of Incident: February 5th, 2023 Summary: Reddit, a popular news and social media platform, announced recently that on February 5, 2023, the company suffered a data breach. The breach... Read More
Written by Karen Walsh Phishing scams and other social engineering attacks work because cybercriminals use people’s digital footprints against them. Threat actors scrape social media and the internet, looking for insights about people. Cybersecurity awareness training programs, however, rarely teach people... Read More
Cybercriminals do what they do for money. According to the 2022 Data Breach Investigations Report, 96% of data breaches were caused by external actors motivated by financial or personal gain. In order to maximize their return on investment, these cybercriminals take... Read More
What you’ll learn: What social engineering is Why social engineering matters Which organizations should be concerned Which individuals should be concerned Why current solutions fail to stop attacks How to evaluate potential solutions How Picnic works and how it’s different... Read More
The Role of OSINT in social engineering and how to manage your human attack surface Picnic CEO Matt Polak recently joined award-winning journalist Steven Bowcut of the Brilliance Security Magazine Podcast to discuss the role of OSINT in social engineering and how to manage your human attack surface.... Read More
Social engineers collect intelligence on human targets to develop identity paths for attack and compromise. Picnic emulates this external, human attack surface reconnaissance to provide customers with Target Intelligence about their organization seen from the perspective of threat actors. Picnic’s... Read More
Every day, people follow a set of digital routines. Some people read the news online while drinking their morning coffee. Others check their work email from their smartphone. Still others log into social media to see what’s going on with... Read More
Picnic is excited to be featured on Startup to Follow’s list of the top startups of 2022! Check out their list of other innovative startups that are changing the world. As for us, we protect companies against all manner of... Read More
Exploitation through easily accessible sensitive personal information is the single largest threat to companies and their people today. It’s how nearly all cyber-attacks begin and is at the root of all manner of human and organizational compromise. In this article,... Read More
DOWNLOAD E-BOOK Exploitation through publicly available information is the single largest threat to companies and their people today. Known as Open-Source Intelligence, or OSINT, this public data reveals to hackers how they can compromise human targets via social engineering attacks and defeat... Read More
Protecting People and Companies from Social Engineering Attacks Picnic is a cybersecurity firm going after an aspect of risk that the industry doesn’t spend nearly enough time talking about: attacks by social engineers. Social engineers are hackers who use public... Read More
SANS Cyber Solutions Fest ’22 Webinar with Jim Somborovich, Cybersecurity Leader and Veteran (USMC) SOC teams have historically not had adequate visibility of the public data footprint of their organization and its people beyond the firewall. This lack of visibility,... Read More
SANS Blue Team Summit ’22 Webinar with Manit Sahib, Picnic Director of Global Threat Intelligence More than 90% of all cyberattacks start with social engineering campaigns which are specifically crafted from users’ OSINT. Security teams have historically not had adequate... Read More
