I have been writing about Cybersecurity for the Mortgage Industry, and in my first post, I explained a myriad of problems trying to get a home loan. One of the issues was that neither the bank nor I could get a copy of my tax transcripts from the IRS. Anyone in the US knows who that is. If you are not in the U.s. replace IRS with whatever your federal tax authority is if they offer login services to view an account. However, most of this post applies only to people paying taxes in the United States.

I have never…

2nd Sight Lab | Cybersecurity | Vulnerabilities | Malware | Threat Reports | Breaches & Attacks | Cost of a Data Breach | Laws & Legal | Investments

2nd Sight Lab Updates

_____________________________________________

We need more data to prevent cyberattacks

Once again, while reviewing the data breach reports this week, many do not have adequate information to help prevent future attacks. Here’s more detail.

2nd Sight Lab Cybersecurity news blog changes

We have a new look! In addition, the report will cover news through Sunday each week. If you want to get the report as soon as it comes out, join Medium and follow…

This past week I’ve been busy with more consulting calls, but I’ve also been inundated with issues related to my new office (in my house). If you’ve ever purchased a historic 100-year building or watched This Old House, you may have some idea what I’m going through. The room where I plan to be making videos has a cracking beam and is adjacent to a different room with a separate issue causing a sinking floor.

Upon review by multiple foundation companies, HVAC, electricians, structural engineers, contractors, and plumbers on the way, I’m starting to formulate a plan to address all…

Each week I compile the data breaches from the past week and try to determine sources of attack. This week, 2nd Sight Lab is changing the schedule of the updates to come out on Monday for the week prior. Looking at the past week’s news and compiling a list of the data breaches reported from many sources, the information is still not helpful in many cases from a defensive perspective. Simply stating that a company had a breach and attackers got in does not tell us much.

Most of the reports do not help other companies prevent similar attacks because…

2nd Sight Lab | Cybersecurity | Vulnerabilities | Malware | Threat Reports | Breaches & Attacks | Cost of a Data Breach | Laws & Legal | Investments

2nd Sight Lab News

_____________________________________________

Someone read Cybersecurity for Executives in the Age of Cloud and asked me to prepare a presentation for a university on getting into security. I agreed! I get too many requests to present and perform work for free but I try to give back when I can. So many universities have new cybersecurity programs that didn’t exist when I got my masters degree so I’ll make a video that can be…

A news organization that wanted to know if any of our clients were affected by the Kaseya breach contacted me recently. I had to explain that although I have helped a few companies determine the cause of a security incident in the past and that is how I got into security, 2nd Sight Lab focuses on defending against data breaches and attacks rather than incident response. We most often perform preventative security services.

I am certified in malware analysis and reverse engineering. Those skills help me analyze malware analysis reports and devise prevention strategies. But as I’ve written about before…

2nd Sight Lab | Cybersecurity | Vulnerabilities | Malware | Threat Reports | Breaches & Attacks | Cost of a Data Breach | Laws & Legal | Investments

2nd Sight Lab News

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

If you like this blog, please give some claps, follow, or pass it on. Thanks! 👏

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Catch a few blog posts from 2nd Sight Lab this week. First up is a story about trying to report a system problem and the resulting rabbit hole.

A related post explains problems with mortgage and real estate industry portals and how that leads to increased cybersecurity risk.

AWS asked…

Modern mortgage applications typically require potential customers to log into a portal, create a username and password, and submit information online. Typically the first part of the application is brief, followed up with supporting documentation. As explained in part 2 of this series on mortgage industry security, the amount of paperwork if you run a small business can be monumental. But in any case, applications typically require personal financial and tax information.

Having a secure portal is much better than sending documents by email, as I will explain. However, throughout the process of attempting to get a mortgage and buy…