Thinking Skeptically About Smishing
Organizations need to train their employees to be on the lookout for SMS phishing (smishing), according to Jennifer Bosavage at Dark Reading. Bosavage explains that attackers exploit normal human behavior to gain access or information from employees. “Cyberattackers leverage the way people typically respond to certain social situations to trick them into disclosing sensitive information about themselves, […]
Posted: December 3, 2020 | View More »20 Ways to Build Your Security Fortress From Anywhere
At Home Have separate devices for work and personal use Connect to Ethernet (wired) or at least WPA2 (Wi-Fi Protected Access 2) for a secure wireless connection Use a VPN (Virtual Private Network) whenever possible to access employer systems/data Keep router and modem firmware up-to-date Secure IoT devices (smart speakers, appliances, etc.) – use strong, […]
Posted: November 2, 2020 | View More »National Security Awareness Podcasts
Tune into our podcasts each week! Week 1: October 9Introduction to IT360 & Cybersecurity in 2020 Week 2: October 16Cybersecurity Training for Employees Week 3: October 23Cyber Insurance Week 4: October 30Remote Working
Posted: October 8, 2020 | View More »[Heads Up] DarkSide: Sophisticated New Customized Ransomware Strain Demands Millions Of Dollars
Breaking News: A new ransomware operation named DarkSide began attacking organizations earlier this month with customized attacks that have already earned them million-dollar payouts. But here is the clincher: When performing attacks, DarkSide will create a customized ransomware executable for the specific company they are attacking. Our friends at Bleepingcomputer said: “Starting around August 10th, […]
Posted: October 8, 2020 | View More »Australian Financial Services Company is Sued for Repeatedly Being Hacked… and Doing Zero About It
The Australian Securities and Investments Commission (ASIC) is suing RI Advice Group for being hacked multiple times over a year’s time that includes 155 hours of undetected hacker activity. If you are the victim of ransomware once, it’s probably inevitable. But if you’re a ransomware victim again, and then hacked on a third occasion, you’re probably not […]
Posted: October 8, 2020 | View More »‘New VPN Configuration’ Email Tricks Microsoft 365 Users Out of Credentials
Scammers are taking advantage of the prominent use of VPNs by remote workforces to send out this very topically relevant phishing email that just wants to steal your credentials. Nearly one-third of users utilize a VPN to access work-related sites and services. From a cybercriminal’s perspective, that’s a significant chunk of people they can target. The shift to remote […]
Posted: August 6, 2020 | View More »BEC Isn’t Back; It Never Left
Business email compromise (BEC) attacks aren’t new, but they’re growing increasingly effective, according to Zeljka Zorz at Help Net Security. Zorz cites an article from BakerHostetler, in which two attorneys describe how BEC attacks work and why they’re so effective. The lawyers explain that BEC attacks involve targeted phishing attempts coming from spoofed or compromised email […]
Posted: August 6, 2020 | View More »COVID-19 Related Phishing Scams Target Passport Details
The Coronavirus phishing scams have only gotten more aggressive and targeted now than ever before, InfoSecurity Magazine reports. Now researchers at Griffin Law are tracking self-employed people being targeted with established COVID-19 related phishing emails. According to Griffin Law, the scam begins with a text message purporting to be from HMRC informing the recipient they are due […]
Posted: August 6, 2020 | View More »Coronavirus Phishing Attacks Skyrocket to 30% Increase
Scammers riding the COVID-19 wave are adapting to new scenarios as the pandemic evolves. Checkpoint recently discovered that over 192,000 coronavirus-related phishing attacks per week over the past three weeks, a 30% increase compared to previous weeks. In the past three weeks, almost 20,000 new coronavirus-related domains were registered: 17% of these are malicious or […]
Posted: June 30, 2020 | View More »Fake Zoom Downloader is the Latest Method of Attack on Remote Workers
Riding on the coattails of the massive rise in popularity in the video conference solution, remote workers new to Zoom need to be wary of where they download the installer. We’ve written before about the various types of Zoom-related attacks that have sprouted up over the last two months. The latest chapter in this saga […]
Posted: June 30, 2020 | View More »