What is a “zero-day,” exactly? In information security, occasionally there is a brand new cybersecurity vulnerability or exploit in the news, and the reporter calls it a “zero-day” exploit. What are they talking about. This is a concept similar to “patient zero” in medical epidemiology. This is where the bad thing started to happen.
A zero-day vulnerability is a flaw ...
Continue Reading →
Your Personally Identifiable Information (PII) is one of the top targets of cyber-criminals. This information is valuable because it can be used for identity, fraud, tax refund fraud, loans and credit card applications, money transfers, phishing and spam campaigns, blackmail and extortion, fraudulent medical insurance claims, online shopping, and so much more. This information is packaged and sold on the Dark Web, and ...
Phishing continues to be the number one method that over 90% of cybersecurity incidents and breaches happen. Cybersecurity Awareness Training and Phishing Simulation company KnowBe4 recently posted an article on their blog about the Top-Clicked Phishing Email Subjects. Sharing this information with your staff is one way to limit the impact of these email exploits.
Here are the top subject lines used in emails by actual cyber-attackers.
Most Common ...
Continue Reading →
Never in human history has there been a platform for tracking, eavesdropping, reconnaissance, and surveillance like the smartphone. With the right malware or phone store app, a marketing company, suspicious spouse, parent, nation-state cyber-spy, or your own government or law enforcement agency can easily spy on anyone carrying a smartphone. Mobile devices often provide a bridge between a target’s personal life and professional ...
A quick Saturday digest of cybersecurity news articles from other sources.The idea of hacking back against those who hack you has been called a lot of things. The terms “goofy idea” and “illegal” are some we’ve heard. But for a ransomware victim in Germany, you can add the words “sweet revenge.” And not just ...
Continue Reading →
A guest post from From Siege Media
Data breaches are more or less becoming commonplace. In the last several years, companies the likes of Under Armour, Home Depot, Equifax, and even Target have fallen victim to ruthless cyber-attacks, resulting in the loss of profit, reputation, and customers.
This obviously has a huge affect on ...
Continue Reading →
As cybersecurity professionals, we spend a lot of time and effort keeping outsiders off our network, and out of our servers and information repositories. The good news is that today’s defensive solutions work pretty well, and we are largely successful defending threats from outsider the network perimeter.
Insider threats are a bigger concern. There have been several high profile insider breaches, ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Firewalls crashing, communications lost, and the realization that this was not a technology failure of the U.S. power grid. It was a first-of-its-kind cyber-attack that reveals the risks of our increasingly connected infrastructure. The North American Electric Reliability Corporation (NERC) revealed details of the new type ...
Continue Reading →
I hate robocalls. I got rid on my land line phone because the ONLY people who called me on it were robocallers, fraudsters, and political campaigns (more fraudsters?). Now up to 80% of my cellular phone calls are robocalls. If it seems that there are more robocalls then ever, this is not an illusion. Robocalls have increased 46% from 2017 to 2018, and ...
The first week of October was the start of National Cyber Security Awareness Month (NCSAM) but brought us news of new crypto-ransomware attacks against hospital systems in Alabama (USA), and Victoria, Austrailia. It appears that in both cases the hospital systems are wotking with federal cyber incident response teams to mitigate and recover, and no ...