Making Sense of Security

New Release: 2021 Remote Workforce Security Report

Holger Schultze wrote: The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets. The Remote Workforce Security Report reveals the status of organizations’ efforts to secure the new workforce, key challenges, and unique security threats faced by organizations, technology gaps and preferences, investment priorities, and more. Key findings include: Almost three-quarters of organizations are concerned about the...

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

Even though the UK has made ‘huge progress’ on cybersecurity efforts, the new Chief Executive of the National Cyber Security Centre (NCSC) Lindy Cameron believes that the current efforts are still not enough. The new security head previously worked as a Director-General for the North Ireland office. She also worked for the Department for International Development (DfID), and was responsible for international programs in Africa and APAC. In her upcoming speech to Queen’s University...

prevent malware

A Discussion on How to Prevent Ransomware Attacks

Is your PC shielded against ransomware assaults? Ransomware is a kind of malware (vindictive programming) which crooks use to extract money. It holds info to payoff with encoding or by keeping clients locked from their gadgets. This article shows you everything to know on how to prevent ransomware attacks. We investigate the various approaches to shield your PC and your information from ransomware assaults. Pernicious programming that utilizes encoding to hold information for delivery...

phishbait-surveys-rule-changes-boss

A Can of Phish Bait: from Surveys to Rule Changes to Your Boss’s Boss

Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has intercepted in recent months, including one that informed recipients that they needed to fill out a compliance form related to COVID-19 risks. “Reasonably well written, this email, apparently from the human resources department at the target company, actually came from phishers located in...

Spoofing Tailored to Financial Departments

Spoofing Tailored to Financial Departments

Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers say that in some cases the attackers “specifically targeted newly-selected CEOs during critical transitionary periods.” Additionally, the attackers went after executives’ assistants. “Beyond financial departments, the attackers also targeted C-suite and executive assistants,” Area 1 says. “Targeting high-level assistants is an often overlooked method of initial entry,...

Billions of Spoofed Emails

Why Should You Be Using DMARC? 3 Billion Spoofed Emails are Being Sent Everyday

In a recent report from TechRadar, email is still the most popular form of malware distribution. Billions of emails that are spoofed are being sent everyday. Even though email is still the oldest form of online communication, it is still the go-to platform for cybercriminals to attempt to infiltrate. According to the report by Vailmail, “80% of all email inbox providers do DMARC check on inbound emails”. And with the pandemic, COVID-19 has been...

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

Days after a massive Facebook data leak made the headlines, it seems like we’re in for another one, this time involving LinkedIn. An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as a proof-of-concept sample by the post author. Updated on 07/04: We updated our personal data leak checker database with more than 780,000 email addresses associated with this leak. Use...

Android mobile phone monitoring tracking spy

Researchers Have Their Eye on Malicious Clones of Android Apps That Put Devices at Risk

Researchers at Check Point have found malicious apps in the Google Play Store that will download Trojans to infected devices. “Check Point Research (CPR) recently discovered a new Dropper spreading via the official Google Play store, which downloads and installs the AlienBot Banker and MRAT,” the researchers write. “This Dropper, dubbed Clast82, utilizes a series of techniques to avoid detection by Google Play Protect detection, completes the evaluation period successfully and changes the payload...

Ransomware Attacks Are Growing More Costly and Effective by the Day

Ransomware Attacks Are Growing More Costly and Effective by the Day

The availability of commodity bots and ransomware is making the business of ransomware accessible to just about every. And, according to new data, everyone’s getting in on the game. We love reports that provide an insightful view into what the bad guys are doing, quantifying what we’re all experiencing as an industry. A new report from threat intelligence firm Group-IB entitled Ransomware Uncovered 2020-2021 sheds some much needed light on the current state of...

Cybercrime Officially Has Its Own Global Ecosystem

Cybercrime Officially Has Its Own Global Ecosystem

Cybercrime Officially Has Its Own Global Ecosystem. From Services to Distribution, to Monetization, cybercriminals are getting so organized, cybersecurity experts are now beginning to see how vast the relationships to cybercrime and connections really are. It’s worrisome when your organization comes under cyberattack in the first place. ...

Vehicles Most Likely To Survive An EMP Attack

The 3 Vehicles Most Likely To Survive An EMP Attack

When it comes to disasters we all hope that our vehicle will get us out of dodge if needed… But, what would you do if there was an EMP attack? An electromagnetic pulse attack (EMP) is a burst of electromagnetic energy, it can be a natural occurrence or man-made. The problem is, there is no guarantee what will or won’t be damaged from an EMP. Our electric grid would likely be heavily damaged, if...

survive brutal cold

Military Tips To Survive The Brutal Cold

“A man in the cold is not necessarily a cold man.”– Mike Tipton. Knowing how to survive is key. Tyson S. was a 30-year-old man from Utah who moved to a remote part of Alaska. He had been living alone after purchasing his cabin. His nearest neighbor was over 20 miles away. Beautiful mountains, rivers, and lakes separated Tyson from civilization. Yet, one mistake almost cost him his life. Tyson told police that his...

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server. What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulnerabilities? On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange....

Android phone ransomware

Attention Android Users: This Free VPN App Leaked the Data of 21 Million Users

Attention Android Users: This Free VPN App Leaked the Data of 21 Million Users To live our digital lives to the fullest, we rely on a variety of technologies to support our online activities. And while some apps and devices are meant to make certain tasks more convenient or provide us with greater security, others simply offer a false sense of security and could potentially lead to online misfortune. One such platform is SuperVPN. While users...

How Does Ransomware Spread Globally? Through Malware.

How Does Ransomware Spread Globally? Through Malware.

Ransomware is a type of malware that involves encrypting a company’s or individual’s useful data or blocking users from accessing their computer systems in exchange for a given amount of money. Cybercriminals are always on the look-out for creatives means for getting a hold of your data so that they can have them at ransom. Every day you hear of someone’s account being hacked. But, how does ransomware spread? You ask yourself. It is...

Cyber Insurance is might not Cover that $6 Million in Cyber Fraud

Think Your Cyber Insurance is Going to Cover that $6 Million attack in Cyber Fraud? Think Again.

The latest tale of an organization falling victim to a business email compromise cyber attack on their credit card processor highlights how very specific the scenario needs to be to see a payout.  In 2018, RealPage, a Texas-based service provider for property owners and property management companies was the victim of a cyber attack that took the company for $6 million. RealPage processed their credit card transactions through a third-party processor, Stripe. Stripe fell...

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage. We’ve covered impersonation scams before where cybercriminals pretend to be your CEO, hospital personnel, or even the government. New data from cybersecurity vendor Agari highlights the impersonation trends they found by looking at email throughout the second half of 2020. 63% percent of...

Vendor Email Compromise is Officially A Big (Seven-Figure) Problem

While the Solarwinds “sunburst” attack brought to light the compromising of a vendor, Vendor Email Compromise has been around for some time and now seems to be going mainstream. We first mentioned Vendor Email Compromise (VEC) back in late 2019. This method of compromising an email account at one company purposely to use it to attack a second company has been quietly evolving over the last 14 months. New data from Abnormal Security’s report,...

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals. I’ve covered scams impersonating Office 365 I don’t know how many times. But it’s not very often you hear about a scam that uses LinkedIn as both its distribution medium and its’ credential target. Last month, victim LinkedIn users received a message from one of their connections...

88% Of Data Breaches Are Caused By Human Error

88% Of Data Breaches Are Caused By Human Error

A brand new report confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. Researchers from Stanford University and a top cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much the driving force behind an overwhelming majority of cybersecurity problems. The study was done by  Stanford University Professor Jeff Hancock...

Phishing Emails Are After Credentials

Most Phishing Emails Are After Credentials

Most Phishing Emails Are After Credentials 57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last year were used for delivering malware. Cofense believes this is because credential phishing emails are better at bypassing email security filters than emails with malicious attachments or download links. Likewise, conversational phishing attacks, like business email compromise (BEC), have grown more...

commit to protect privacy

Let’s Commit To Protect Our Privacy This Year

  Let’s Commit To Protect Our Privacy This Year How our new identity & privacy app can help By this point in the year you may have already broken some of your New Year’s resolutions, but here’s one to commit to keep: better protecting your online privacy. After all, we are likely to continue to spend more time online in 2021, whether it be for working, learning, or shopping. This makes taking some preventative steps to shield our identity information more important than...

tax scams that target seniors

How to Spot, and Prevent, the Tax Scams That Target Seniors

How to Spot, and Prevent, the Tax Scams That Target Seniors Elderly scams cost seniors in the U.S. some $3 billion annually. And tax season adds a healthy sum to that appalling figure. What makes seniors such a prime target for tax scams? The Federal Bureau of Investigation (FBI) states several factors. For one, seniors are typically trusting and polite. Additionally, many own their own home, have some manner of savings, and enjoy the...

Cybersecurity: Hacking Proprietary Protocols with Sharks and Pandas

Cybersecurity: Hacking Proprietary Protocols with Sharks and Pandas

There is a constant war which plagues cybersecurity; perhaps not only in cybersecurity, but in the world all around us is a battle between good and evil.  In cybersecurity if the “evil” side understands or pays more attention to a technology than the “good” side, we see a spike in cyber-attacks. The human race commonly fears what it doesn’t understand.  In a time of war, this fear is even greater if one side understands...

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no less than 30% in 2020 compared to the year prior. Types of attacks that have been reported are centered around phishing or malware. It’s very concerning that cybercriminals...

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets. We hadn’t heard much from the SIM-swapping side of cybercrime in quite a while. This method of tricking a carrier and anyone using a phone number as a form...

Scroll to top