BIO:

CEO, YouAttest.com

Articles and Comments By Garret F. Grajek

Expert Commentary
97% Of Top Universities Can't Secure Email Domains – Expert Comments
August 04, 2022 by Garret F. Grajek
Higher education isn't the only sector at risk from email attack. The US Cybersecurity & Infrastruct...
Expert Commentary
Neopets Data Breach Exposes Personal Data Of 69 Million Members
July 22, 2022 by Garret F. Grajek
“The fact that NeoPets, a site on no one’s identity hit list, got attacked should be a warning t...
Expert Commentary
AiTM Phishing Campaign Targets +10,000 Orgs Since 2021 - Expert Comments
July 15, 2022 by Garret F. Grajek
“Phishing is still the #1 attack vector with identities being their primary target. An identity i...
Expert Commentary
NFT Giant OpenSea Reports Major Email Data Breach
July 01, 2022 by Garret F. Grajek
“The world of crypto is already known for massive fraud and theft. The practice and procedures enac...
Expert Commentary
Kubernetes API: Over 900,000 Exposures Found Across The Internet
June 29, 2022 by Garret F. Grajek
Misconfigurations are the key attack vector in which hackers are penetrating and staying resident in...
Expert Commentary
Russian Botnet Disrupted In International Cyber Operation – Expert Comments
June 20, 2022 by Garret F. Grajek
Botnets are a major international concern - and one of the major problems facing internet availabili...
Expert Commentary
24 Billion Usernames And Passwords Found On The Dark Web
June 17, 2022 by Garret F. Grajek
Identities are the true hackers objective. A username/password tuple can be attempted at not just th...
Expert Commentary
API Calls Expose 770M Logs With GitHub, AWS, Docker Tokens In Travis CI Logs
June 16, 2022 by Garret F. Grajek
It is a false assumption that code and agents we implement in our enterprises are safe from malware....
Expert Commentary
IRS "Dirty Dozen" Warns Tax Pros And Businesses Of Spear Phishing
June 14, 2022 by Garret F. Grajek
Phishing has become the #1 way to penetrate both user and corporate devices. The ease with which the...
Expert Commentary
What Are Top Threats To The Cloud Computing?
June 13, 2022 by Garret F. Grajek
There is no question there is a crisis in cloud administrative privileges. The Palo Alto Unit 42 sur...
Expert Commentary
Why Shields Health Care Group Suffers Data Breach? Expert Weighs In
June 08, 2022 by Garret F. Grajek
The key to remember here is the collaboration and integration of hacking components and groups. One...
Expert Commentary
Evasive Bots Driving Online Fraud: 2022 Report
May 22, 2022 by Garret F. Grajek
It should alarm anyone who is involved in IT that 28% of the global resources for handling web traff...
Expert Commentary
Tesla “Phone-as-a-Key” Passive Entry Vulnerable To Relay Attacks – Expert Comments
May 18, 2022 by Garret F. Grajek
Software has as many holes controlling a h/w device as it does controlling a s/w appliance like a we...
Expert Commentary
Kaspersky: 9 Of 10 Orgs Previously Hit With Ransomware Would Pay If Targeted Again
May 17, 2022 by Garret F. Grajek
The fact that 88% of businesses would choose to pay the ransomware shows that the IT security commun...
Expert Commentary
Google & Other RTB Companies Behind 'Biggest Data Breach Ever Recorded'
May 17, 2022 by Garret F. Grajek
Data is the new coal - furnacing the most important world industry - commerce. How this data is coll...
Expert Commentary
FBI, CISA, And NSA Warn Of Hackers Increasingly Targeting MSPs
May 12, 2022 by Garret F. Grajek
This should be no surprise to those who follow CyberSecurity. The hackers go where the gold is. The...
Expert Commentary
Lincoln College To Close Permanently After Cyberattack – 5 Cyber Experts Comment
May 12, 2022 by Garret F. Grajek
Identities are the "gift that keeps on giving" to hackers. And schools (like hospitals, government...
Expert Commentary
31,000 FTSE 100 Logins Found On Dark Web
May 11, 2022 by Garret F. Grajek
This is a serious breach. There are most likely identities that include users w/ privileged access -...
Expert Commentary
HHS Information Security Program 'Not Effective'
May 06, 2022 by Garret F. Grajek
The negative report on the state of security for the HHS is indicative of a larger problem and belie...
Expert Commentary
Grindr User Data For Sale, Expert Reaction
May 02, 2022 by Garret F. Grajek
In America we haven't even touched the level of data privacy and data governance that the Europeans...
Expert Commentary
Q1 Reported Data Compromises Up 14% Over 2021
April 15, 2022 by Garret F. Grajek
The report confirms what everyone already knew - cyberattacks have become one of the major concerns...
Expert Commentary
CISA Alert - ICS Best Practices Against Known Russian Cyber Actors
March 28, 2022 by Garret F. Grajek
CI (Critical Infrastructure) is under attack by the Russians and other concerns. The new recommendat...
Expert Commentary
Mobile App Data Found Exposing API’s & Data In 1,000’s Of Cloud Databases
March 18, 2022 by Garret F. Grajek
APIs are everything in modern software. Processes talking to process is how most new software is con...
Expert Commentary
QNAP Warns Severe Linux Bug Affects Most Of Its NAS Devices
March 16, 2022 by Garret F. Grajek
The vulnerability "Dirty Pipe" is all about gaining local access for the purpose of privilege esca...
Expert Commentary
What Caused The Ransomware Attack On Toyota? Experts Insight
March 15, 2022 by Garret F. Grajek
Supplier attacks are real - and affect not just the supplier but the full chain of customers. Attack...
Expert Commentary
“noVNC” Allows MFA Bypass. Expert Reaction
February 24, 2022 by Garret F. Grajek
The key takeaway is the 2FA is not the cure all. There is no question that 2FA helps in securing aga...
Expert Commentary
"LinkedIn" Phishing Attacks Up 232% In Feb
February 17, 2022 by Garret F. Grajek
Hackers have been using social engineering to hack systems since the first hackers guessed at user'...
Expert Commentary
$100K Bounty To Hack ExpressVPN – YouAttest Comments
February 10, 2022 by Garret F. Grajek
Impressive pro-active "bug bounty" policy by ExpressVPN to ensure security of their product. Given...
Expert Commentary
Vodafone Portugal Mobile & TV Brought Down By Cyberattack
February 09, 2022 by Garret F. Grajek
Communications are one of the 16 components of the US CISA Critical Infrastructure component - secto...
Expert Commentary
Cybersecurity Experts React To DHS Launches Cyber Safety Review Board
February 07, 2022 by Garret F. Grajek
I am positive the CSRB will have many references to identities and the unfortunate sloppy way they a...
Expert Commentary
Iranian Charming Kitten Adds PowerShell Back Door
February 03, 2022 by Garret F. Grajek
The fact that this Iranian-based hack has previously attacked US and allies medical facilities is...
Expert Commentary
Red Cross Hack Leaks Data Of 515,000 Vulnerable People
January 21, 2022 by Garret F. Grajek
There is no honor amongst thieves - and that phrase is more than apt to the modern hackers. Identi...
Expert Commentary
Europol Seizes Black Market VPN
January 19, 2022 by Garret F. Grajek
The alarming progression in hacking has been the specialization and federation of duties of the hack...
Expert Commentary
Belarusian Intelligence Behind Ukrainian Government Website Cyber Attacks
January 17, 2022 by Garret F. Grajek
If there is any proof needed that cyberwarfare is now as much part of warfare as bullets and tanks -...
Expert Commentary
Windows RDP Bug Opens Users To Data Theft
January 14, 2022 by Garret F. Grajek
This Windows pipe service attack (TSVCPIPE) is conducting the standard attack sequence hackers take...
Expert Commentary
New RAT Targeting AWS, Azure
January 13, 2022 by Garret F. Grajek
The fact that the hackers are constantly modifying their C2 (command-and-control) centers with DuckD...
Expert Commentary
Google Drive Top App For Malware Downloads
January 12, 2022 by Garret F. Grajek
The fact that more than half of the managed cloud attacks are still password/credential hacks shows...
Expert Commentary
Ransomware Shuts Down Albuquerque Government
January 07, 2022 by Garret F. Grajek
No company, county or organization is too obscure or too off-the-beaten path for the attackers. To t...
Expert Commentary
What Experts Say On Critical Log4j Vulnerability?
December 15, 2021 by Garret F. Grajek
The industry should applaud CyberReason for their mitigation gift to the community. Flaws like Log4S...
Expert Commentary
Planned Parenthood LA breached, Experts Weigh In
December 06, 2021 by Garret F. Grajek
There is no honor amongst thieves. This has been shown by Tardigrade malware released upon the vacc...
Expert Commentary
IKEA Suffering Ongoing "Reply-Chain" Email Attack
December 01, 2021 by Garret F. Grajek
Another example of the constant scanning and probing of our enterprises. Every vulnerability will be...
Expert Commentary
Commentary On The Return Of Emotet
November 17, 2021 by Garret F. Grajek
Device attacks are the most common way into an enterprise. By compromising an end user’s device, m...
Expert Commentary
90% Of IT Execs Are Embracing SASE Migrations
November 17, 2021 by Garret F. Grajek
SASE solutions along with CASB and ZTNA are gaining popularity as they offer better security and per...
Expert Commentary
New BotenaGo Botnet With 30+ Exploits Targets Millions Of IoT Devices
November 15, 2021 by Garret F. Grajek
The malware, BotenaGo, is an unfortunate example of why enterprises must be practicing zero trust i...
Expert Commentary
State Hackers Breach Nine After CISA Alert Warns Of Exploits
November 09, 2021 by Garret F. Grajek
The ADSelfService attack is another example of hackers using zero-day vulnerabilities to insert malw...
Expert Commentary
Robinhood Data Breach - Expert Comments
November 09, 2021 by Garret F. Grajek
Data breaches are the outcome of the constant scanning, exploring and probing that are being done on...
Expert Commentary
3 Experts- CISA Requires Agencies To Patch Known Exploited Vulnerabilities
November 04, 2021 by Garret F. Grajek
CISA's Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploite...
Expert Commentary
FBI Warns Ransomware Actors Using Financial Events, Stock Valuation To Target Companies, Experts Weigh In
November 03, 2021 by Garret F. Grajek
Reconnaissance is a key part of any malware attack - be it a data exfiltration attack on an enterpri...
Expert Commentary
Sinclair TV Confirms Cyber Attack – Expert Comments
October 19, 2021 by Garret F. Grajek
Penetration of all our key systems, water, energy, transportation and media is a grave concern for w...
Expert Commentary
MysterySnail RAT Uses MSoft Zero-day – 3 Experts Comment
October 13, 2021 by Garret F. Grajek
Zero-day privilege escalation penetration attacks should be a primary concern to all security person...
Expert Commentary
Compromised Identities Deliver Malware Into AWS - Shared Assessments & YouAttest Comment
October 12, 2021 by Garret F. Grajek
Identities are the source of most hacks. Though clearly stated in every security guidance that enterpri...
Expert Commentary
Ransomware Hits US Grain Supply Again – 5 Cyber Experts Comment
October 08, 2021 by Garret F. Grajek
The world's infrastructure and supply chains are at risk. The state actors have been probing each o...
Expert Commentary
4 Experts - Atom Silo grp Attacks Confluence Servers
October 06, 2021 by Garret F. Grajek
The key point in this attack is that there is no novelty in the actions of the attacker once the sit...
Expert Commentary
Senate Bill Requires Critical Infrastructure Organisations To Report Cyberattacks - Security Expert Comments
September 30, 2021 by Garret F. Grajek
The CISA is in information gathering mode. By requiring all most organizations to report incidents o...
Expert Commentary
4 Experts Comment - Deloitte Calls For Integration Of Cybersec And ERM Functions At Federal Agencies
September 27, 2021 by Garret F. Grajek
Nothing has been more in the news of late than cyber security and the attacks on all domains, especi...
Expert Commentary
Malicious URLS Slipping Past Security Vendors, Experts Weigh In
September 23, 2021 by Garret F. Grajek
VirusTotal is the industry method of validating the efficacy of the various vendors who work to dete...
Expert Commentary
MoD Shares Afghanistan Interpreter’s Emails & PII
September 22, 2021 by Garret F. Grajek
No better story that exemplifies that data is life - and lives are at stake. Like the Colonial pipel...
Expert Commentary
Marketron Suffers BlackMatter Attack, Shuts Down All svcs. – 5 Experts Comment
September 21, 2021 by Garret F. Grajek
It's not just the health care and financial sectors that are at risk from cyberattacks. The scannin...
Expert Commentary
Deloitte Poll: C-suite Expects Ransomware Uptick But Orgs. Aren’t Trained – 5 Cyber Experts Respond
September 15, 2021 by Garret F. Grajek
There is no board that is NOT aware of the cyber threats and attacks on enterprises. Where they mi...
Expert Commentary
New SOVA Android Trojan Promises the Moon, Experts Insight
September 14, 2021 by Garret F. Grajek
With the growth of mobile banking and 69.3% of millennials doing most of their banking on mobile - t...
Expert Commentary
WFH Is A Cybersecurity "Ticking Time Bomb", Expert Weighs In
September 10, 2021 by Garret F. Grajek
Every new access method, user pool and technology adds attack vectors and vulnerabilities to hackers...
Expert Commentary
TeamTNT Hacking For Crypto - Using Open Source Attacks, Experts Weigh In
September 09, 2021 by Garret F. Grajek
XMR (Monero) is a hot coin - and hackers will be wanting to mine this coin. Monero is THE choice of...
Expert Commentary
Chase Bank Leaks Web & Mobile User Data
August 19, 2021 by Garret F. Grajek
The key to identity and data security is proper practices and procedures. These are outlined in the...
Expert Commentary
100 Million User T-Mobile Breach? – Multiple Comments
August 17, 2021 by Garret F. Grajek
Enterprise needs to be aware that hackers are constantly scanning our sites and resources for weakne...
Expert Commentary
MITRE Releases List of Top 25 Bugs, Experts Weigh In
July 23, 2021 by Garret F. Grajek
At a quick glance, 9 of the top 25 current software security weaknesses involved identities in some...
Expert Commentary
1,000 GB of Resident’s Data Exposed and Experts Reaction
July 22, 2021 by Garret F. Grajek
Enterprises that store PII (Personal Identifiable Information) and PHI (Personal Health Information)...
Expert Commentary
Expert Comment on Joint Advisory Around Russian Military Hackers Compromising Passwords
July 05, 2021 by Garret F. Grajek
It's heartening to know that the officials at the top of the western nations are finally taking thi...
Expert Commentary
South Korean Nuclear Institute Attacked By North Korea Hacking Group
June 22, 2021 by Garret F. Grajek
Colonial Pipelines was the "canary in the coal mine" for the rest of the world to understand how v...
Expert Commentary
NATO to Consider Military Response to Cyberattacks – 3 Defense & Cyber Experts Comment
June 16, 2021 by Garret F. Grajek
The Brussels Communique is a logical statement because cyber-attacks are similar to armed attacks in t...
Expert Commentary
NY City Law Dept Computer Systems Hacked & Shut Down – Experts Comment
June 09, 2021 by Garret F. Grajek
Enterprises have to understand all sites on the internet are constantly being scanned. Of course th...
Expert Commentary
Experts React: White House Open Letter To Companies Re Ransomware
June 04, 2021 by Garret F. Grajek
The White House is calling for immediate actions enterprises should take to mediate the risk of ran...
Expert Commentary
Experts React: On JBS Foods Hack Must Prompt Supply Chain Cyber Protection
June 02, 2021 by Garret F. Grajek
Though the details of the JBS attack are not out, it's a pretty safe bet that the method of intrusi...
Expert Commentary
Rapid7 Says Source Code Accessed In Codecov Supply Chain Breach
May 17, 2021 by Garret F. Grajek
This hack of Codecov shows us that the Supply Chain hack that affected SolarWinds and their customer...
Expert Commentary
CaptureRx US Healthcare Co. Attack Exposes Patient PHI
May 11, 2021 by Garret F. Grajek
All PHI, Personal Health Care information falls under HIPAA guidance. There are stated rules of prac...
Expert Commentary
Experts Insight On US Pipeline Shut After Cyberattack
May 11, 2021 by Garret F. Grajek
The effects of this attack are serious enough: stopping 2.5 million barrels per day of refined produ...
Expert Commentary
44% of Orgs. Report Breaches Due to 3rd Parties, 74% Cite Privileged Access
May 05, 2021 by Garret F. Grajek
It’s important to remember that the attack mechanisms hackers are using are not all new. They succ...
Expert Commentary
Experian Leaked Consumer Credit Scores – Expert Commentary
April 30, 2021 by Garret F. Grajek
Brian Krebs once again did a great service to the IT security industry by revealing the flaw in the...
Expert Commentary
77% of Q1 Ransomware Attacks Threaten Exfiltration – Experts Reaction
April 29, 2021 by Garret F. Grajek
Ransomware is just the same distribution of malware as many other attack types, utilizing the same a...
Expert Commentary
Expert Insights: Dir Nat'l Intelligence Releases Annual Threat Assessment Thursday
April 16, 2021 by Garret F. Grajek
The message is serious because the situation is serious. My fear as an identity professional for 30...
Expert Commentary
Experts Insight On Facebook Data Leak
April 06, 2021 by Garret F. Grajek
What is easy to miss when we see a breach of this magnitude of a global corporation is that the hack...
Expert Commentary
Fake Icon Delivers NanoCore Trojan – Experts Perspectives
March 12, 2021 by Garret F. Grajek
There is nothing new about hackers hiding payloads inside of images. Steganography, the practice of...
Expert Commentary
CEOs Comments On Report: Rise In Healthcare Attacks
February 19, 2021 by Garret F. Grajek
The attack on medical institutions for health care identity data has reached crisis proportions. The...
Expert Commentary
Experts Reaction On Kia Motors Suffers Ransomware Attack
February 19, 2021 by Garret F. Grajek
The alert warns a "HUGE" amount of data was exfiltrated from Kia Motors America. This is usual...
Expert Commentary
Malvertisers Redirecting To Scam Sites Via Browser Zero-day
February 17, 2021 by Garret F. Grajek
It's important to note that the malware that is being implanted into these browsers can also contai...
Expert Commentary
Singtel Cyberattack Via 3rd Party Accellion File Sharing System – Experts Perspective
February 12, 2021 by Garret F. Grajek
The key here is to note that hackers are usually INSIDE the enterprise, undetected for a long time....
Expert Commentary
Experts Reaction On 2021 Credential Stuffing Report Highlighting Poor Security Practices
February 11, 2021 by Garret F. Grajek
The report states: ‘Organizations are also poor at detecting breach attempts: median time to disco...