Exabeam News Wrap-up – Week of August 29, 2022

We’ll be regularly bringing you a summary of Exabeam’s key topics and headlines. Stay up to date with the Exabeam News Wrap-up!

A DoorDash Data Breach Exposes Personal Customer Data — Linked to Phishing Attacks on Twilio, Signal, Others

DoorDash is the latest victim of the hacking group dubbed “0ktapus,” which has stolen 10K employee credentials from about 130 organizations — including Twilio and Signal — this year via phishing attacks. “This is a storybook case of the damage credentials in the wrong hands can cause,” says Jeannie Warner, director of product marketing at Exabeam. “Compromised credentials are often derived from a URL in a phishing message. A carefully crafted message containing the malicious link is sent to an unsuspecting employee. As soon as it’s clicked, the cycle of information loss and damage begins. Any company should aim to nip this problem early on by identifying and alerting these malicious links.”

Women’s Equality Day: Empowering Women In Cybersecurity

Women’s Equality Day honors the pinnacle accomplishment of the women’s suffrage movement: the adoption of the 19th Amendment, giving women the right to vote. However, true equality for women still has yet to be achieved, and one area where that is highly apparent is in the tech industry. Only 26.7% of the tech workforce is female.

“In recent years, the tech industry has made substantial progress toward creating more inclusive, equitable and diverse environments,” says Gianna Driver, CHRO at Exabeam. “Representation of women has improved, but work remains to address persistent gaps within the talent pipeline: promotion rates are not equitable and women continue to lose representation at all levels of the career ladder.”

10 Tips To Empower Employee Productivity Through Flexible Work Opportunities

In this Forbes article, Exabeam CHRO Gianna Driver discusses how employers can empower employees to be more productive through flexible work opportunities. “It’s hard to find a perfect approach,” she says, “but organizations that craft inclusive policies that embrace a diverse culture and allow for flexibility while also holding employees accountable will be key to success.”

Stay tuned for the next issue of the Exabeam News Wrap-up!

Stolen credentials are a persistent problem that many organizations have yet to effectively solve. Frequently, credential-stuffing attacks occur wherein a threat actor successfully steals credentials, logs in to the environment, and moves laterally to gain higher-level access. All activities have a singular focus: to access private data or high-value assets. The MITRE ATT&CK knowledge base provides information about tactics, techniques, and procedures (TTPs) used by threat actors that can help security teams build stronger security processes.

This guide will show you five ways to leverage Exabeam’s machine learning-powered solution to detect these activities through analytics, including mapping the activities to the MITRE ATT&CK framework.