In the response to the news that Tumblr breach that now has 65 million passwords for sale on the DarkWeb, Leo Taddeo, CSO, Cryptzone commented below.
Leo Taddeo, CSO, Cryptzone:
The sale of large sets of stolen social media credentials should concern all cybersecurity professionals because the data is often used to mount highly effective spearphishing campaigns. As we know from the Verizon Data Breach Survey and other reports, spearphishing is one of the most common vectors for stealing valid credentials and injecting malware into hosts.
For network defenders, one of the most effective countermeasures to malware and malicious use of valid credentials is segmentation. AppGate is a highly effective and efficient tools to isolate internet-facing portions of a network, such as workstations, from highly sensitive internal network resources, such as databases and servers.