Trending Security Topics

Cybersecurity Awareness Basics

How to avoid identity theft, frauds, scams and more. Click below for more information.

Cybersecurity Basics


Lateral Phishing Used To Attack Organizations On Global Scale

Account takeover continues to be one of the fastest-growing email security threats, but attackers are starting to adapt, introducing new ways to exploit compromised accounts, such as lateral phishing, which uses hijacked accounts to send phishing emails to an array of recipients in the account’s contact list, ranging from close contacts in the company to partners at other organizations.

From “Computer Weekly” Warwick Ashford (7/18/2019)


The Dangers Of Social Engineering (+ How To Protect Yourself)

Hackers who specialize in social engineering are professionals at manipulating human feelings, like curiosity and fear, in order to carry out cyber attacks. These hackers use psychological manipulation to trick others into making security mistakes or giving up their sensitive and personal information.

From “G2” Mara Calvello (7/15/2019)


What Are The Risks Associated With Mobile Device Apps?

Applications (apps) on your smartphone or other mobile devices can be convenient tools to access the news, get directions, pick up a ride share, or play games. But these tools can also put your privacy at risk. When you download an app, it may ask for permission to access personal information—such as email contacts, calendar inputs, call logs, and location data—from your device. Apps may gather this information for legitimate purposes—for example, a ride-share app will need your location data in order to pick you up. However, you should be aware that app developers will have access to this information and may share it with third parties, such as companies who develop targeted ads based on your location and interests.

From “U.S. Department of Homeland Security CISA” (7/09/2019)


Bad USBs Are The Reason Why You Shouldn’t Plug Just About Anything Into Your PC

To understand what a bad USB is, it is first important to understand how USB devices work. Each USB device has a USB-compliant microcontroller in it, from a mouse and keyboard to plug-in webcams and, most important, flash drives.

From “Analytics India Magazine” Anirudh Vk (7/05/2019)


Wipro Attack Tied To Larger Phishing Campaign: Analysis

The attackers' phishing campaign, RiskIQ says, is designed to target retailers, employee rewards programs and other organizations dealing in gift cards. Once they had access, the attackers used money transfer services, clearinghouses and other payment processing services to monetize the data they stole, according to the analysis.

From “Bank Info Security” Scott Ferguson (6/27/2019)

 

Five Ways CEOs Can Take A More Personal Approach To Cybersecurity

Making security a personal issue requires a mindset change -- from viewing security as a cost to an investment to protect your company. No reasonable executive would ever consider the locks on the front doors of their office to be overhead. Protecting your brand is worth the investment. It’s your reputation; make it personal.

From “Forbes” Don Scales (7/10/2019)

 

These Are The Biggest Digital Threats Facing Your Business Today – How To Protect Your Competitive Advantage

As a leader of your organization, you’re no doubt keep up at night by a routine of risks and threats, both known and unknown. If you’re like most executives, it’s the latter that grind your gears. All the SWOT analyses in the world can’t prepare you for what you don’t know — that is, the “unknown unknowns.” These are the threats you suspect are out there, but can’t see directly, much less understand.

From “CEO World Magazine” Ana Papadopoulos (7/08/2019)

 

How Organizations Can Better Protect Themselves Against Supply Chain Security Threats

Running regular anti-malware scans and blocking malicious IP addresses are two strategies. But organizations need to do more to defend themselves against security risks from supply chain partners, according to (ISC)2.

From “Tech Republic” Lance Whitney (7/02/2019)

 

How Businesses Could Be Exposed To Security Risks From Employees Using FaceApp

Any app that asks you to provide any data, biometric or otherwise, is going to use it for some reason. Companies and individuals should guard their privacy and data in all forms, including biometrics.

From “Tech Republic” Teena Maddox (7/18/2019)

 

Are You Able To Beat Ransomware Scammers?

Check out these free online tests and see if you can beat the ransomware scammers. Since most ransomware attacks start with bogus emails, have a look at these "phishing" tests.

From “The Norman Transcript” Dave Moore (7/14/2019)

 

FTC Shuts Down Student Loan Debt Relief Scheme

In a new case announced today, the FTC alleges the operators of Mission Hills Federal and Federal Direct Group bilked borrowers out of more than $23 million. The FTC says these companies lured people with false promises to pay down student loans and lower monthly payments.

From “Federal Trade Commission” Colleen Tressler (7/11/2019)

 

Who’s Pretending To Be The Government Now?

You’ve gotten the calls: from Social Security. Or the IRS. Or Medicare. Or any number of other agencies. Except: as soon as the caller threatens you or demands that you pay them with a gift card or by wiring money, you know. It’s a scam. Even if caller ID tells you otherwise – that’s not the government calling.

From “Federal Trade Commission” Paul Witt (7/01/2019)

 

Are You Getting Unwanted Calls? It Could Be Scammers Calling

Why are you getting so many calls? Often, it’s scammers calling. Here’s what you need to know about unwanted calls and how to stop them. Share these articles, infographics, and videos with your friends, family, and followers.

From “Federal Trade Commission” (6/25/2019)

 

The Capital One Data Breach: Time To Check Your Credit Report

If you needed yet another nudge to start keeping an eye on your credit report to protect against identity theft, Capital One has delivered it with its announcement that a data breach has exposed the personal information of 106 million of its credit card customers and credit card applicants in the United States and Canada.

From “Federal Trade Commission” Seena Gressin (7/30/2019)

 

Canadian Center For Cyber Security Releases Advisory On Fileless Malware

The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data.

From “U.S. Department of Homeland Security CISA” (7/18/2019)

 

Payment Fraud: Criminals Enroll Stolen Cards On Apple Pay

Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via look-alike but fake e-commerce sites that never fulfill orders…Security experts say that over the past two years, ATM malware has evolved from being a tool largely only used by organized crime gangs, into a low-cost, commodity offering. That has greatly reduced the barriers to entry for any criminal that is willing to try to crack open an ATM enclosure and plug in a homemade black box.

From “Bank Info Security” Mathew J. Schwartz (7/15/2019)

 

5 Top Tech Travel Tips

No matter how you get to your destination or where you choose to stay, you will still be connected when you’re on vacation. When traveling, you rely on technology even more to enhance your experience. Simple practices like exercising care when using public Wi-Fi and enabling security features to protect and find your devices can make all the difference in the world.

From “National Cyber Security Alliance” (7/02/2019)

 

10 Tips For Dealing With An Online Impersonator

When someone impersonates you online it can be a frightening and stressful experience. Learn how to safeguard your identity and accounts. Online impersonation isn't the same thing as having your social media account hacked and commandeered; it involves a malicious individual setting up a wholly different account similar to your name and with your existing profile picture.

From “Tech Republic” Scott Matteson (7/01/2019)

 

OUCH! Newsletter: Virtual Private Networks (Click link to see full article.)

You may find yourself needing to use public Wi-Fi for Internet access when you are away from home, such as when you are at your local restaurant or coffee shop, or when you are traveling at a hotel or airport. But how secure are these public networks and who is watching or recording what you are doing online? Perhaps you do not even trust your ISP (Internet Service Provider) at home and want to be sure they can’t monitor what you do online. Protect your online activities and privacy with something called a VPN (Virtual Private Network). A VPN is a technology that creates a private, encrypted tunnel for your online activity making it much more difficult for anyone to watch or monitor what you are doing online. In addition, a VPN helps hide your location, making it much harder for websites you visit to determine where you are located.

From “SANS OUCH Newsletter” Phil Johnsey (7/03/2019)