Cybersecurity Awareness Basics
How to avoid identity theft, frauds, scams and more. Click below for more information.
Ransomware Attackers Are Growing Bolder And Using New Extortion Methods
Ransomware actors are growing bolder. They are targeting manufacturing and a range of critical infrastructure sectors—from financial, to energy, to food production worldwide—using high-pressure tactics to escalate infection consequences. Increasingly, they deploy multiple pressure points at once to extract ransom payments.
From “Tech Republic” Esther Shein (7/15/2021)
Tokyo 2020 Olympics Must Be Extra Secure To Avoid Cyberattacks And Ransomware
The Olympics come around and what's going to happen from a ransomware point of view is really just that the Olympics are a major cultural event that attackers will leverage to try to trick you into doing something, giving them access, installing software, some way that ends up infecting you with ransomware. We see this with any major cultural event.
From “Tech Republic” Karen Roby (7/14/2021)
LinkedIn Breach Reportedly Exposes Data Of 92% Of Users, Including Inferred Salaries
No passwords are included, but as the site notes, this is still valuable data that can be used for identity theft and convincing-looking phishing attempts that can themselves be used to obtain login credentials for LinkedIn and other sites.
From “9 To 5 Mac” Ben Lovejoy (6/29/2021)
The following materials are helpful tools for consumers and bankers to understand virtual currency.
From “Texas Department Of Banking” (6/10/2021)
Don’t Wanna Pay Ransom Gangs? Test Your Backups.
Experts say the biggest reason ransomware targets and/or their insurance providers still pay when they already have reliable backups is that nobody at the victim organization bothered to test in advance how long this data restoration process might take.
From “Krebs on Security” Brian Krebs (7/19/2021)
Homoglyph Domains Use In BEC Scams Shut Down By Microsoft
The "homoglyph" domains impersonated domains used by legitimate businesses, and were used in attempts to defraud Microsoft Office 365 customers. Homoglyph domains exploit the fact that many different characters look identical or very similar. For instance, the capital letter "O" and the number "0" (e.g. MICROSOFT.COM vs MICR0S0FT.COM) or an uppercase ninth letter of the alphabet “I” and a lowercase 12th letter “l” (e.g. MICROSOFT.COM vs. MlCROSOFT.COM).
From “Bit Defender” Graham Cluley (7/22/2021)
Cybersecurity For Charities: How To Protect Your Non-profit From Cyber Attacks
Cyber-attacks targeted against charities are growing at an alarming rate as cybercriminals take advantage of the huge datasets many non-profits have on file. Charitable organizations often hold sensitive personal data about their supporters and staff, sometimes including financial information. Preventing cyber-attacks against charities isn’t always easy, though, due to constraints around time, money, or technical know-how. However, even the smallest of charitable organizations can help protect their digital assets free of charge, thanks to several free-to-use resources available online. But to understand what your charity needs, first you need to understand why the sector is being disproportionately targeted.
From “The Daily Swig” Jessica Haworth (6/11/2021)
Instagram Security Check Hopes To Make Life Harder For Account Hackers
Instagram has underlined to users that it will never send you a direct message (DM). Scammers often will use this technique to dupe unwary users into handing over their account passwords or luring them into visiting phishing sites.
From “Bit Defender” Graham Cluley (7/16/2021)
The Ultimate Security Guide For Cryptocurrency Investors
As the popularity of cryptocurrencies grows, so does the level of activity of cybercriminals who seek to steal crypto in any way possible, by launching phishing attacks, finding vulnerabilities in the source code, or impersonating people who work for companies to obtain confidential user information such as private keys, passwords, seed phrases, and more.
From “Hackernoon” Panos Mek (7/10/2021)
OUCH! Newsletter -Securing Your Mobile Devices
Mobile devices are an amazing and easy way to communicate with friends, shop or bank online, watch movies, play games, and perform a myriad of other activities. Since these devices are such an important part of your life, it is essential to keep you and your devices safe and secure.
From “SANS” Jeroen Beckers (7/06/2021)
Another 0-Day Looms For Many Western Digital Users
Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can’t or won’t upgrade to the latest operating system.
From “Krebs on Security” Brian Krebs (7/02/2021)
Don’t Lose Cash On Money Apps, Digital Wallets: How To Protect Yourself
Quick and easy isn't always painless when it comes to moving money via apps and digital wallets. Sometimes, you even can lose more money than you'd imagine. Several things can go haywire, based on a list of complaints from consumers, according to the latest U.S. PIRG Education Fund analysis. And the risks skyrocket if you're tricked into sending money to a scammer. “Customer service is sorely lacking with payment apps," said Ed Mierzwinski, PIRG Education Fund’s senior director of federal consumer programs. Consumers often complain, he said, that when they contact the company that they get no response.
From “Bakersfield News” Susan Tompor (6/28/2021)