Making Sense of Security 5 Cyber Safety Tips

5 Cyber Safety Tips

With October being Cyber Awareness Month, there s much that people need to know to stay safe online. Especially on social media. It’s more than not sharing any financial information. You need to protect your private data! Here are 5 simple Cyber Safety tips to help you stay secure. Get your copy of these tips to share now. NEVER Share Your Password! Keep your passwords secure. Change passwords often. 2. Post Carefully to Social Media Remember: Internet posts stay there forever. Especially with screenshots. 3. Be Careful Browsing the Internet One careless click can expose your sensitive information. Think before you click! 4. Use Caution Downloading Avoid downloading suspicious apps or software. It may result in malware. 5. Use...

Making Sense of Security Online Safety Tips

7 Best Online Safety Tips

Best 7 Online Safety Tips Video for Cybersecurity Awareness Month October is National Cybersecurity Awareness Month. Here are some basic online tips from Making Sense of Security to keep your digital activity safe. Don’t Give Out Personal Information Avoid online phishing attempts by keeping your personal information private. Don’t give out your phone number, social security information, or banking info to someone you don’t know. Create Complex Passwords Create passwords with a combination of letters, numbers, and symbols. Consider using password managers to create and keep track of your passwords. Check Website Reliability Before purchasing anything on a website ensure that it’s safe. You can do this by checking if it has a small lock icon or “https” before...

National Cybersecurity Awareness Month October - Making Sense of Security

National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month October is National Cybersecurity Awareness Month. Cybersecurity applies to the measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack.  Here we at Making Sense of Security provide a few simple measures to help you stay safe in the digital world.  BASIC CYBERSECURITY BEST PRACTICES: MAKE A UNIQUE AND LONG PASSWORDThe Longer your password, the more complex it can become for hackers to crack. A strong password is at least 12 characters long. Focus on multiple characters that you like to think about and are easy to remember. Make sure you use more letters than numbers. Also include symbols [email protected]#$%^&*?>. BE CAUTIOUS OF WIFI HOTSPOTS  Public...

email phishing scams

5 ways businesses can avoid phishing scams online

The concept of phishing is gaining immense popularity during the Covid-19 pandemic. People, by and large, are becoming victims of such fraudulent activities. Therefore, we have come up with 5 ways businesses can avoid getting trapped with emails that are meant to deteriorate their online identity. Based on recent Phishing records, almost 90 percent of companies have encountered spear phishing attacks...

...

how to tell if its a fake website or hack

Website or hacker trap? Here’s how to tell

How to know if the website is a hack According to defectors, North Korea’s cyber army has about 7,000 hackers. Their job is to wreak havoc on the country’s enemies. Recently, North Korean hackers targeted cybersecurity researchers in the U.S. North Korean hackers set up a fake cybersecurity company called SecuriElite. They also created fake social media accounts on Twitter and LinkedIn. Their goal was to trick cybersecurity experts into visiting the fake company website. The website was booby-trapped with malware that exploited the victim’s browser. The website claims the company is an offensive security company located in Turkey. The hackers created a blog and profiles on websites to build trust with their targets. Their goal was to attack...

how to protect against ransomware

5 Great Tips To Learn How To Protect From Ransomware

5 Great Tips To Learn How To Protect From Ransomware Every business owner and worker needs to learn how to protect from ransomware attacks. Ransomware is malicious software used by hackers to access and encrypt computers and computer networks. As the owner of the device or computer network, the encryption locks you out until you pay the demanded ransom. Only after you have paid are you allowed access to your device or network. Ransomware gets into your device or network in many different ways. However, social engineering is the most common. This means that the hackers study their targets and send them ransomware as genuine links or information. In businesses, which are the most common targets of ransomware attacks, hackers...

REvil Ransomware call victim

REvil Ransomware Now Helps with Extortion by Offering to Call the Victim’s Contractors and the Media

The bad guys are going to great lengths to ensure they make their money. As part of its Ransomware-as-a-Service, REvil is now expanding its services to aid in the extortion phase. REvil/Sodinkibi has been a major player in the RWaaS market, providing its’ affiliate bad guys with functional ransomware malware and a payment site. They are relying on the affiliate to attack, infiltrate, and compromise the victim networks in order to deploy the ransomware. This split of duties brings REvil somewhere between 20-30% of the ransom, with the affiliate taking the remainder home. So, it’s mutually beneficial to both parties that the ransom first, be paid and second, be as much as possible. The exfiltrating of data and extorting...

New Release: 2021 Remote Workforce Security Report

Holger Schultze wrote: The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets. The Remote Workforce Security Report reveals the status of organizations’ efforts to secure the new workforce, key challenges, and unique security threats faced by organizations, technology gaps and preferences, investment priorities, and more. Key findings include: Almost three-quarters of organizations are concerned about the security risks introduced by users working from home; despite these challenges, 86% are likely to continue supporting remote work in the future. Key security challenges cited include user awareness and training (57%),home/public WiFi network security (52%), and sensitive data leaving the perimeter (46%). The applications...

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

Even though the UK has made ‘huge progress’ on cybersecurity efforts, the new Chief Executive of the National Cyber Security Centre (NCSC) Lindy Cameron believes that the current efforts are still not enough. The new security head previously worked as a Director-General for the North Ireland office. She also worked for the Department for International Development (DfID), and was responsible for international programs in Africa and APAC. In her upcoming speech to Queen’s University Belfast, she will highlight the recent SolarWinds hack on US government agencies, and the Microsoft Exchange zero-day vulnerability as current real-world examples. In a highlight from her speech, she talks about the growing threat of ransomware and how it is affecting public schools/universities. She will...

prevent malware

A Discussion on How to Prevent Ransomware Attacks

Is your PC shielded against ransomware assaults? Ransomware is a kind of malware (vindictive programming) which crooks use to extract money. It holds info to payoff with encoding or by keeping clients locked from their gadgets. This article shows you everything to know on how to prevent ransomware attacks. We investigate the various approaches to shield your PC and your information from ransomware assaults. Pernicious programming that utilizes encoding to hold information for delivery has gotten fiercely effective in the most recent couple of years. The reason for this product is to blackmail cash from the casualties with guarantees of re-establishing encoded information. Like other PC infections, it finds its way onto a gadget by exploiting a security opening...

Billions of Spoofed Emails

Why Should You Be Using DMARC? 3 Billion Spoofed Emails are Being Sent Everyday

In a recent report from TechRadar, email is still the most popular form of malware distribution. Billions of emails that are spoofed are being sent everyday. Even though email is still the oldest form of online communication, it is still the go-to platform for cybercriminals to attempt to infiltrate. According to the report by Vailmail, “80% of all email inbox providers do DMARC check on inbound emails”. And with the pandemic, COVID-19 has been the key target for recent malicious email activity. Especially since your organization is still working remote. Since the increase enforcing of Domain-based Message Authentication, Reporting and Conformance (DMARC), a report from Vailmail found that there is still an influx of spoofed email messages. Despite this...

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

Days after a massive Facebook data leak made the headlines, it seems like we’re in for another one, this time involving LinkedIn. An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as a proof-of-concept sample by the post author. Updated on 07/04: We updated our personal data leak checker database with more than 780,000 email addresses associated with this leak. Use it to find out if your LinkedIn profile has been scraped by the threat actors. The four leaked files contain information about the LinkedIn users whose data has been allegedly scraped by the threat actor, including their full names, email addresses, phone numbers, workplace information,...

Android mobile phone monitoring tracking spy

Researchers Have Their Eye on Malicious Clones of Android Apps That Put Devices at Risk

Researchers at Check Point have found malicious apps in the Google Play Store that will download Trojans to infected devices. “Check Point Research (CPR) recently discovered a new Dropper spreading via the official Google Play store, which downloads and installs the AlienBot Banker and MRAT,” the researchers write. “This Dropper, dubbed Clast82, utilizes a series of techniques to avoid detection by Google Play Protect detection, completes the evaluation period successfully and changes the payload dropped from a non-malicious payload to the AlienBot Banker and MRAT.” The malicious apps posed as VPNs or audio apps. Once the malware was installed, it would gain access to the device’s banking apps. “The AlienBot malware family is a Malware-as-a-Service (MaaS) for Android devices...

Ransomware Attacks Are Growing More Costly and Effective by the Day

Ransomware Attacks Are Growing More Costly and Effective by the Day

The availability of commodity bots and ransomware is making the business of ransomware accessible to just about every. And, according to new data, everyone’s getting in on the game. We love reports that provide an insightful view into what the bad guys are doing, quantifying what we’re all experiencing as an industry. A new report from threat intelligence firm Group-IB entitled Ransomware Uncovered 2020-2021 sheds some much needed light on the current state of not just attacks, but the specific methods and techniques used in today’s ransomware attacks. According to the report: The average ransom in 2020 was $170,000; up from $80,000 in 2019 The average dwell time on a victim network was 13 days The average downtime resulting...

Cybercrime Officially Has Its Own Global Ecosystem

Cybercrime Officially Has Its Own Global Ecosystem

Cybercrime Officially Has Its Own Global Ecosystem. From Services to Distribution, to Monetization, cybercriminals are getting so organized, cybersecurity experts are now beginning to see how vast the relationships to cybercrime and connections really are. It’s worrisome when your organization comes under cyberattack in the first place. ...

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server. What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulnerabilities? On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange....

Android phone ransomware

Attention Android Users: This Free VPN App Leaked the Data of 21 Million Users

Attention Android Users: This Free VPN App Leaked the Data of 21 Million Users To live our digital lives to the fullest, we rely on a variety of technologies to support our online activities. And while some apps and devices are meant to make certain tasks more convenient or provide us with greater security, others simply offer a false sense of security and could potentially lead to online misfortune. One such platform is SuperVPN. While users may applaud themselves for using a VPN to protect their privacy, this Android app is unfortunately spilling their secrets without their knowledge. ...

How Does Ransomware Spread Globally? Through Malware.

How Does Ransomware Spread Globally? Through Malware.

Ransomware is a type of malware that involves encrypting a company’s or individual’s useful data or blocking users from accessing their computer systems in exchange for a given amount of money. Cybercriminals are always on the look-out for creatives means for getting a hold of your data so that they can have them at ransom. Every day you hear of someone’s account being hacked. But, how does ransomware spread? You ask yourself. It is a common question that most people ask and wonder, especially when the attack strikes. This article delves into seven common ways through which Ransomware has and still manages to spread globally. They include the following. Email Attachments Email is a common avenue for ransomware transmission....

Cyber Insurance is might not Cover that $6 Million in Cyber Fraud

Think Your Cyber Insurance is Going to Cover that $6 Million attack in Cyber Fraud? Think Again.

The latest tale of an organization falling victim to a business email compromise cyber attack on their credit card processor highlights how very specific the scenario needs to be to see a payout.  In 2018, RealPage, a Texas-based service provider for property owners and property management companies was the victim of a cyber attack that took the company for $6 million. RealPage processed their credit card transactions through a third-party processor, Stripe. Stripe fell victim to an impersonation attack where cybercriminals gained control over a RealPage user’s credentials and convinced Stripe to modify the disbursement instructions to point to a bad guy-controlled bank account. In total, $10 million was sent to the fraudulent account, with $4 million recovered. In...

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage. We’ve covered impersonation scams before where cybercriminals pretend to be your CEO, hospital personnel, or even the government. New data from cybersecurity vendor Agari highlights the impersonation trends they found by looking at email throughout the second half of 2020. 63% percent of phishing emails impersonate trusted brands (with Microsoft continuing to top the list). This breaks down in the following manner: Brand display impersonation (62.6%)– where the display name looks to be UPS, Microsoft, Amazon, etc. Individual display name impersonation (22.1%) – where the display name represents...

88% Of Data Breaches Are Caused By Human Error

88% Of Data Breaches Are Caused By Human Error

A brand new report confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. Researchers from Stanford University and a top cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much the driving force behind an overwhelming majority of cybersecurity problems. The study was done by  Stanford University Professor Jeff Hancock and security firm Tessian. The study “Psychology of Human Error” highlighted that employees are unwilling to admit to their mistakes if organizations judge them severely. Understanding the psychology behind human errors helps organizations to know how to prevent mistakes before they turn into data leaks. According...

Cybersecurity: Hacking Proprietary Protocols with Sharks and Pandas

Cybersecurity: Hacking Proprietary Protocols with Sharks and Pandas

There is a constant war which plagues cybersecurity; perhaps not only in cybersecurity, but in the world all around us is a battle between good and evil.  In cybersecurity if the “evil” side understands or pays more attention to a technology than the “good” side, we see a spike in cyber-attacks. The human race commonly fears what it doesn’t understand.  In a time of war, this fear is even greater if one side understands a weapon or technology that the other side does not. This course of events demands that both offensively and defensively minded “good guys” band together to remove the unknown from as much technology as possible. One of the most common unknown pieces of technology in...

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no less than 30% in 2020 compared to the year prior. Types of attacks that have been reported are centered around phishing or malware. It’s very concerning that cybercriminals are attempting to steal personal data. If successful, it can be very costly to you and your organization. The report also detailed specifics, including 1,173 reports of data leaks which tactics are used to steal personal data. 2019 compared to the previous year alone was...

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets. We hadn’t heard much from the SIM-swapping side of cybercrime in quite a while. This method of tricking a carrier and anyone using a phone number as a form of authentication is accomplished by swapping out the legitimate SIM of the victim with one controlled by the criminal to take over the mobile number of their target. Once in control of the mobile phone number, it becomes far easier to reset passwords, gain access...

SolarWinds security fiasco may have started with simple password blunders

SolarWinds Security Fiasco may have Started with Simple Password Blunders

SolarWinds security fiasco may have started with simple password blunders UPDATED: Many things came together to crack SolarWinds, but it may all have started with that classic mistake of leaking a lousy password. A SolarWinds third-party, public relations spokesperson, however, claims that the password incident had nothing to do with the major security breach. Many things came together to crack SolarWinds, but it may all have started with that classic mistake of leaking a lousy password. We still don’t know just how bad the SolarWinds security breach is. We do know over a hundred US government agencies and companies were cracked. Microsoft president Brad Smith said, with no exaggeration, that it’s “the largest and most sophisticated attack the world...

how to make sense of security: Ransomware: The Types of and How to Make Ransomware?

Ransomware: The Types of and How to Make Ransomware?

How to Make Ransomware? Ransomware is a type of malware that operates by either locking you out of your computer or mobile device or by manipulating your files in such a way that you cannot access nor utilize them. Ransomware attacks have been on the rise in the recent past, which can be explained by the increasing rates of cybercrimes. The creators of malware have made it easy for individuals to make ransomware that they use to demand money from the victims. Cybercrime has risen as many have learned how to make ransomware, which they use on the most unsuspecting companies or individuals. Types of Ransomware Ransomware is classified into two. They include Crypto ransomware Locker ransomware Crypto ransomware...

Scroll to top