Security Awareness is the Key to Cybersecurity Behavior Change
Security Awareness is the Key to Cybersecurity Behavior Change...
Securing your Digital World
Security Awareness is the Key to Cybersecurity Behavior Change...
Holger Schultze wrote: The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets. The Remote Workforce Security Report reveals the status of organizations’ efforts to secure the new workforce, key challenges, and unique security threats faced by organizations, technology gaps and preferences, investment priorities, and more. Key findings include: Almost three-quarters of organizations are concerned about the...
Even though the UK has made ‘huge progress’ on cybersecurity efforts, the new Chief Executive of the National Cyber Security Centre (NCSC) Lindy Cameron believes that the current efforts are still not enough. The new security head previously worked as a Director-General for the North Ireland office. She also worked for the Department for International Development (DfID), and was responsible for international programs in Africa and APAC. In her upcoming speech to Queen’s University...
Is your PC shielded against ransomware assaults? Ransomware is a kind of malware (vindictive programming) which crooks use to extract money. It holds info to payoff with encoding or by keeping clients locked from their gadgets. This article shows you everything to know on how to prevent ransomware attacks. We investigate the various approaches to shield your PC and your information from ransomware assaults. Pernicious programming that utilizes encoding to hold information for delivery...
Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has intercepted in recent months, including one that informed recipients that they needed to fill out a compliance form related to COVID-19 risks. “Reasonably well written, this email, apparently from the human resources department at the target company, actually came from phishers located in...
Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers say that in some cases the attackers “specifically targeted newly-selected CEOs during critical transitionary periods.” Additionally, the attackers went after executives’ assistants. “Beyond financial departments, the attackers also targeted C-suite and executive assistants,” Area 1 says. “Targeting high-level assistants is an often overlooked method of initial entry,...
In a recent report from TechRadar, email is still the most popular form of malware distribution. Billions of emails that are spoofed are being sent everyday. Even though email is still the oldest form of online communication, it is still the go-to platform for cybercriminals to attempt to infiltrate. According to the report by Vailmail, “80% of all email inbox providers do DMARC check on inbound emails”. And with the pandemic, COVID-19 has been...
Days after a massive Facebook data leak made the headlines, it seems like we’re in for another one, this time involving LinkedIn. An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as a proof-of-concept sample by the post author. Updated on 07/04: We updated our personal data leak checker database with more than 780,000 email addresses associated with this leak. Use...
Researchers at Check Point have found malicious apps in the Google Play Store that will download Trojans to infected devices. “Check Point Research (CPR) recently discovered a new Dropper spreading via the official Google Play store, which downloads and installs the AlienBot Banker and MRAT,” the researchers write. “This Dropper, dubbed Clast82, utilizes a series of techniques to avoid detection by Google Play Protect detection, completes the evaluation period successfully and changes the payload...
The availability of commodity bots and ransomware is making the business of ransomware accessible to just about every. And, according to new data, everyone’s getting in on the game. We love reports that provide an insightful view into what the bad guys are doing, quantifying what we’re all experiencing as an industry. A new report from threat intelligence firm Group-IB entitled Ransomware Uncovered 2020-2021 sheds some much needed light on the current state of...
Cybercrime Officially Has Its Own Global Ecosystem. From Services to Distribution, to Monetization, cybercriminals are getting so organized, cybersecurity experts are now beginning to see how vast the relationships to cybercrime and connections really are. It’s worrisome when your organization comes under cyberattack in the first place. ...
When it comes to disasters we all hope that our vehicle will get us out of dodge if needed… But, what would you do if there was an EMP attack? An electromagnetic pulse attack (EMP) is a burst of electromagnetic energy, it can be a natural occurrence or man-made. The problem is, there is no guarantee what will or won’t be damaged from an EMP. Our electric grid would likely be heavily damaged, if...
“A man in the cold is not necessarily a cold man.”– Mike Tipton. Knowing how to survive is key. Tyson S. was a 30-year-old man from Utah who moved to a remote part of Alaska. He had been living alone after purchasing his cabin. His nearest neighbor was over 20 miles away. Beautiful mountains, rivers, and lakes separated Tyson from civilization. Yet, one mistake almost cost him his life. Tyson told police that his...
THE GOOD, THE BAD, AND THE UGLY ABOUT MFA...
Chinese Have Likely Hacked Your Microsoft Exchange Email Server. What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulnerabilities? On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange....
Attention Android Users: This Free VPN App Leaked the Data of 21 Million Users To live our digital lives to the fullest, we rely on a variety of technologies to support our online activities. And while some apps and devices are meant to make certain tasks more convenient or provide us with greater security, others simply offer a false sense of security and could potentially lead to online misfortune. One such platform is SuperVPN. While users...
Ransomware is a type of malware that involves encrypting a company’s or individual’s useful data or blocking users from accessing their computer systems in exchange for a given amount of money. Cybercriminals are always on the look-out for creatives means for getting a hold of your data so that they can have them at ransom. Every day you hear of someone’s account being hacked. But, how does ransomware spread? You ask yourself. It is...
The latest tale of an organization falling victim to a business email compromise cyber attack on their credit card processor highlights how very specific the scenario needs to be to see a payout. In 2018, RealPage, a Texas-based service provider for property owners and property management companies was the victim of a cyber attack that took the company for $6 million. RealPage processed their credit card transactions through a third-party processor, Stripe. Stripe fell...
The latest Data on BEC scams shows how the bad guys are using a mix of Gmail accounts, increases in stolen wire transfers, and a shift to payroll diversions to trick you out of your money from email attacks....
The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage. We’ve covered impersonation scams before where cybercriminals pretend to be your CEO, hospital personnel, or even the government. New data from cybersecurity vendor Agari highlights the impersonation trends they found by looking at email throughout the second half of 2020. 63% percent of...
While the Solarwinds “sunburst” attack brought to light the compromising of a vendor, Vendor Email Compromise has been around for some time and now seems to be going mainstream. We first mentioned Vendor Email Compromise (VEC) back in late 2019. This method of compromising an email account at one company purposely to use it to attack a second company has been quietly evolving over the last 14 months. New data from Abnormal Security’s report,...
A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals. I’ve covered scams impersonating Office 365 I don’t know how many times. But it’s not very often you hear about a scam that uses LinkedIn as both its distribution medium and its’ credential target. Last month, victim LinkedIn users received a message from one of their connections...
A brand new report confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. Researchers from Stanford University and a top cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much the driving force behind an overwhelming majority of cybersecurity problems. The study was done by Stanford University Professor Jeff Hancock...
Most Phishing Emails Are After Credentials 57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last year were used for delivering malware. Cofense believes this is because credential phishing emails are better at bypassing email security filters than emails with malicious attachments or download links. Likewise, conversational phishing attacks, like business email compromise (BEC), have grown more...
Let’s Commit To Protect Our Privacy This Year How our new identity & privacy app can help By this point in the year you may have already broken some of your New Year’s resolutions, but here’s one to commit to keep: better protecting your online privacy. After all, we are likely to continue to spend more time online in 2021, whether it be for working, learning, or shopping. This makes taking some preventative steps to shield our identity information more important than...
How to Spot, and Prevent, the Tax Scams That Target Seniors Elderly scams cost seniors in the U.S. some $3 billion annually. And tax season adds a healthy sum to that appalling figure. What makes seniors such a prime target for tax scams? The Federal Bureau of Investigation (FBI) states several factors. For one, seniors are typically trusting and polite. Additionally, many own their own home, have some manner of savings, and enjoy the...
There is a constant war which plagues cybersecurity; perhaps not only in cybersecurity, but in the world all around us is a battle between good and evil. In cybersecurity if the “evil” side understands or pays more attention to a technology than the “good” side, we see a spike in cyber-attacks. The human race commonly fears what it doesn’t understand. In a time of war, this fear is even greater if one side understands...
New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no less than 30% in 2020 compared to the year prior. Types of attacks that have been reported are centered around phishing or malware. It’s very concerning that cybercriminals...
UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets. We hadn’t heard much from the SIM-swapping side of cybercrime in quite a while. This method of tricking a carrier and anyone using a phone number as a form...
Microsoft Dominates as the Most Impersonated Brand in Phishing Attacks...