Trending Security Topics
Cybersecurity Awareness Basics
How to avoid identity theft, frauds, scams and more. Click below for more information.
The fake email message tricks the recipients into visiting a phishing website where they will be asked to sign into their accounts, but any attempt to sign-in to the phishing website will result in their account credentials being sent to the cyber criminals behind the phishing email message.
From “Online Threat Alerts” (1/09/2018)
The Federal Trade Commission (FTC) has released an alert on phishing attacks related to the Equifax data breach. Phishing attacks try to trick message recipients into sharing sensitive information with cyber criminals. FTC warns consumers to be wary of calls or emails purporting to be from Equifax agents. Legitimate Equifax representatives will not contact consumers to ask for verification of their information.
From “US-CERT” (9/14/2017)
SplashData’s chart of most commonly-chosen passwords (which thus makes them some of the very *worst* passwords you can choose) is based upon its examination of over five million passwords leaked by hackers.
From “We Live Security” Graham Cluley (12/27/2017)
Senior executives are among the favorite targets of malicious hackers and other bad actors, in part because they are more likely to hold valuable information — or have a high level of access to such data.
From “IT World” Bob Violino (1/15/2018)
The security awareness gap is wide and deep, but that’s to be expected in any highly technical discipline. Security professionals have both an opportunity and a responsibility to bridge that gap and convey confidence to board members and top management.
From “Security Intelligence” Scott Koegler (1/17/2018)
Several years ago, creating a cybersecure home was simple; most homes consisted of nothing more than a wireless network and several computers. Today, technology has become far more complex and is integrated into every part of our lives, from mobile devices and gaming consoles to your home thermostat and your refrigerator.
From “SANS OUCH!” Matt Bromiley (1/10/2018)
A study conducted online by Harris Poll, on behalf of Tenable Inc., the Cyber Exposure company, has found that many consumers fail to practice basic security cyber hygiene. A popular inroad for hackers to compromise devices and steal data is when apps have security vulnerabilities, yet few people patch promptly. Fourteen percent of smartphone users wait more than a week to update apps on their smartphone after receiving a prompt, including 5 percent confessing they never get around to it. Meanwhile, 13 percent of computer users wait more than a week to update the apps on their computer, with 3 percent who wait longer than a month after receiving a prompt, and 5 percent who never update apps on their computer.
From “Bank News” (12/22/2018)
Absent a crystal ball, those remain surefire cybersecurity predictions, driven by the outsize profits available to online attackers, the relatively low risk of launching remote attacks, the explosion of digitization and the connection of more types of devices to the internet - but not necessarily in a secure manner. Here's more about what to expect in 2018.
From “Bank Info Security” Mathew J. Schwartz (1/02/2018)
Security researchers have discovered a mobile malware strain that can intercept users' sensitive SMS messages to steal their banking details and funds. According to Trend Micro researchers, the malware dubbed "FakeBank" has been spotted in several SMS/MMS management software apps.
From “International Business Times” Hyacinth Mascarenhas (1/11/2018)
While the firmware updates are effective at mitigating exposure to the security issues, customers have reported more frequent reboots on firmware updated systems.
From “Bank Info Security” Matthew J. Schwartz (1/18/2018)
The National Cybersecurity and Communications Integration Center (NCCIC) became aware of a set of security vulnerabilities—known as Meltdown(link is external) and Spectre(link is external)— that affect modern computer processors. Exploitation of these vulnerabilities could allow an attacker to obtain access to sensitive information.
From “US-CERT” (1/04/2018)
Tax Identity Theft Awareness Week is January 29 to February 2, and many federal agencies are offering information and resources to help consumers learn to protect themselves from tax related identity theft and Internal Revenue Service (IRS) imposter scams.
From “US-CERT” (1/29/2018)
Data Privacy Day Reminds Everyone About The Value Of Their Personal Information And How To Manage Online Privacy
Technology makes it easy to connect to the virtual world around you. While an invaluable part of our lifestyle, our connected devices contain enormous amounts of personal data about us, our friends and family. This information – which includes contacts, photos, videos, location, health and financial data – is being collected by advertisers, tech companies and others, and understanding how to protect it from bad actors or from being used in unexpected or malicious ways is vital.
From “National Cyber Security Alliance” (1/11/2018)
Your personal data can be used in a variety of ways – sometimes in ways you wouldn’t expect or even approve. That’s why it’s important to understand its value and ways you can manage it, when possible. NCSA recommends taking the following STOP. THINK. CONNECT.™ steps to better manage your privacy in a growing Internet of Me:
• Personal information is like money. Value it. Protect it.: Be thoughtful about who gets that information and how it is collected.
• Own your online presence: Set the privacy and security settings to your comfort level for information sharing. It’s OK to limit how and with whom you share information.
• Lock down your login: Choose at least one account and turn on the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like email, banking and social media.
• Keep a clean machine: Update your security software, web browser and operating system to have the best defense against viruses, malware and other online threats.
• Share with care: What you post can last a lifetime. Before posting something about yourself or others online, think about how it might be perceived now and in the future and who might see it.
• Secure your devices: Every device should be secured by a password or strong authentication ‒ finger swipe, facial recognition etc. These security measures limit access to authorized users only and protect your information if devices are lost or stolen.
• Think before you app: Information about you, such as the games you like to play, your contacts list, where you shop and your location, has tremendous value. Be thoughtful about who gets that information and understand how it’s collected through apps.