Phishing scams are a topic we frequently discuss on this blog. In their simplest form, they are emails or messages sent that are designed to steal from you or gain access to computers or networks. One such scam uses the moniker of the popular IT support company Geek Squad, a subsidiary of Best Buy, to steal from its victims. Here’s how you can avoid falling for these tricks.
A data breach is no joke, and it can take many forms. Whether it’s a case of confidential data being viewed, copied, stolen, or destroyed, a data breach cannot be ignored. Let’s take a look at some of the various causes of business data breaches and what you can do to prevent them from sinking your organization.
There are all kinds of threats out there that can make things difficult for your business, but one of the biggest threats from this past year was ransomware. Ransomware encrypts data on the victim’s device so that it is inaccessible without the decryption key. Hackers have been successful with these extortion methods, as well as many others, yet ransomware continues to be a serious source of anxiety for businesses of all sizes and industries.
While considering cybercrime, it’s very easy to slip into a dichotomy: hackers are bad, while not-hackers are good. Like most things in life, however, the truth is that there is a spectrum to cybercrime. Let’s take a few moments to consider a few different types of hackers, and the hats that their roles determine they wear.
It’s the holiday season, and with it comes a multitude of hackers trying to cash in on everyone’s online purchases. These phishing scams always increase when the holiday season comes around, so it’s best to stay vigilant so that you don’t give yourself the gift of sadness this year. One such threat is already here, and it’s voice spoofing of Amazon orders.
There are many different types of hacking attacks, but those targeting your computer can either be incredibly intrusive or so low-profile that you don’t even know you’ve been infected until it’s too late to do anything about it. Let’s discuss some of the telltale signs of a hack and what you should look for to prevent or identify them.
The attack on SolarWinds earlier this year caused a lot of challenges, and now that time has passed and the dust has settled somewhat, Microsoft has uncovered another type of malware associated with the attack. This one is called FoggyWeb. What does this threat do and what can we learn about it?
Hackers are a crafty bunch. They will use any and all means to infiltrate businesses, including some that are downright shameful. One of the most devastating ways that hackers make these attempts is through the use of phishing attacks, or attacks where they essentially trick users to click on links in emails or hand over confidential information.
This past May, Ireland’s Health Service Executive—the organization responsible for providing healthcare and social services to the country’s residents—was successfully targeted by a major ransomware attack. Unfortunately, we are still talking about it now because the entire situation has forced us to acknowledge the aftereffects of such an event.
Once again, ransomware strikes, this time targeting the world’s largest meat processor and distributor, JBS S.A. This disruptive cyberattack forced the company to suspend operations in both North America and Australia, a move which had devastating consequences to the supply chain. What can we learn from this situation?
Hackers are always taking advantage of others’ misfortunes, and they have even gone so far as to leverage the COVID-19 pandemic in efforts to launch phishing attacks. How have hackers utilized this worldwide disaster to their benefit, and what can we do to keep our organizations secure in this troubling time? Let’s find out.
Anyone who uses a computer regularly knows that software can be finicky. Developers continuously update their software to account for changes in security threats and to add new features. For the small business, integrating and developing software can be useful, but it can also be one of the most problematic issues you can face; and, oftentimes it can often go under the radar. Let’s look at a few ways that old software bugs can cause problems for your business.
In what sounds like a positive shift, cybersecurity experts have announced their research has found that cyberattacks are spending less time on the networks they infiltrate. Unfortunately, this isn’t such a clear-cut positive. Today, we’ll discuss “dwell time” and how less of it is a problem.
We will never pass up the opportunity to draw attention to the importance of cybersecurity awareness, as it is a crucial element for any business to consider. One serious issue that has caused significant stress amongst businesses is phishing. Let’s consider some recent statistics to evaluate where we stand right now, specifically in terms of the prevalence of phishing attacks.
Cyberattacks have been carried out by nations for decades, but for whatever reason, our minds still build the hoodie-wearing cyberpunk sitting at a laptop in a dimly-lit room. This often isn’t the case. Today, we thought we would shine a light on state-sponsored hacking, starting with the attack carried out recently against the U.S.-based cybersecurity company FireEye.
During the COVID-19 pandemic there have been quite a few different types of scams. At first, most of the scams centered around economic relief money that was doled out to people to help prop up the fledgling economy. More recently however, scammers have focused on vaccines. Today, we will take a closer look at some of these scams, as they are growing in sophistication.
Business success is often tied to the quality of your business relationships. There are a lot of people you need to trust: your vendors to get you whatever supplies you need, your team to complete their responsibilities without letting in threats, and your customers to turn to you for what they need. Unfortunately, cybercriminals are willing to take advantage of such trust to accomplish their own ends.
With the 2020 U.S. Election under a month away, there has been a lot of concern that outside interests would try to influence the results. Microsoft has recently disrupted a huge coordinated hacking effort that had designs of altering the election infrastructure needed for a fair and secure election. Let’s take a look at the effort and Microsoft’s response in today’s blog.
Phishing attacks are a very common threat nowadays. Between the classic message from a supposed Nigerian Prince to a sudden and urgent email from the bank with attachment in tow, we’ve all seen our share of them. That’s the trick to stopping them—being able to spot them. Let’s go over five signals that a message may be a phishing attempt.
“Hello sir/ma’am, I am a member of royal [sic] family and I am in grave danger in my country. If you send me money to get out safely, I will share my great riches with you as reward.”
Scams like this one have become a punchline for many, which makes you wonder why they are still commonly used by cybercriminals. As it turns out, there’s a very compelling reason that they do so, one that’s been known for years.
The World Health Organization has been busy dealing with one of the biggest calamities in contemporary times, the COVID-19 pandemic that has had much of the world on pause for the past few months. Unfortunately, they’ve been dealing with an increase in cyberattacks. Today, we’ll take a look at some of the issues the WHO is having with cybercriminals.
Millions of people are still using the Microsoft Windows 7 operating system despite it being completely unsupported. When Microsoft pulled the plug on support for the OS in January, most industry professionals expected there to be some exploits found pretty rapidly. It turns out that the very first exploit was actually Microsoft’s fault, and that Windows 7 support had a little life in it after all.
Cybercriminals aren’t exactly holding back when it comes to attacking businesses, which means that businesses can’t rest on their haunches as the new year rolls in. Let’s take a few moments to look toward the near future, and the issues that cybersecurity professionals are warning us about.
Cybersecurity needs to be a priority to any business that wants to continue their operations in the long-term. One threat that is very common today is the phishing attack.
The man in the middle has a lot of power and influence over the end result, and this is true even in the technological world. In fact, there are attacks dedicated to this vector, twisting and turning something that your organization needs into what amounts to a threat. We’ll discuss what a Man-in-the-Middle (MitM) attack is, as well as what you can do to combat these threats.
Let’s face it; the office isn’t the most engaging place at all times. Repetitive tasks can make attention to detail difficult to maintain. While this might throw a wrench into operational plans, it’s not the end of the world. A major threat like ransomware, on the other hand, could be a business-ender. When a lack of engagement meets security issues, you create a whole other monster that could strike your business when you least expect it.
It’s nice to get away every now and then, but if you have stayed at any property under the Marriott umbrella, including St. Regis, Westin, Sheraton, or W hotel since 2014, there is a good chance that your personal information has been leaked, a spokesperson from parent company Marriott has said. They said the multinational hotel corporation will begin emailing users impacted by the leak in the coming days.
When discussing the practice of monitoring solutions to prevent threats, it isn’t uncommon for many businesses to put these concerns on the back burner. However, every so often, an example comes around to help inspire businesses to take their monitoring seriously. This time, the example was the arrest of 24 spammers in October for scamming American citizens by impersonating Microsoft support staff members.
Ransomware has been far from low-profile since its inception several years ago. Everyone knows what the file-encrypting malware does, and they all know that paying the ransom can make the nightmare go away by decrypting the files located on their computer. As if the threat of losing data forever wasn’t enough, you’re staring down a ticking clock while this is going on. Nowadays, ransomware is becoming more difficult to manage through various tactics.
It’s fair to say that today's organizations are faced with more online threats than ever before. To properly manage the information systems that they depend on for productivity, redundancy, and operational management, they need to ensure that they are doing what they need to do to mitigate problems stemming from the continuous flow of threats.
Sports are a very popular thing around the world, which means that these athletic contests gather many fans to them. In turn, this means that these events are chock full of potential targets for a hacking attack. Today, we’ll examine the assortment of hacks that have taken place around sporting events.
The Internal Revenue Service has declared to tax professionals that they must take extra steps toward protecting the information of taxpayers. Certified Public Accountant (CPA) firms, whether they are large organizations or small businesses, hold much information that could be used by hackers and identity thieves, which makes them major targets during tax season.
If you were a cybercriminal, what would be your preferred method of launching a ransomware attack? Would you rather create a catch-all threat that could capture as many potential victims as possible, or a calculated approach to land a big one? Despite the proven results of larger ransomware initiatives, most cybercriminals have made the shift to smaller, more targeted attacks against specific companies, and in some cases, individuals.
How quickly could your business recover if it were suddenly hit by a Distributed Denial of Service, or DDoS, attack? Are you protected against the effects they could have on your operations? If asked these questions, most businesses should want to say yes, but in reality, over half lack the means to defend against DDoS.
Social engineering is one of the trickiest parts of protecting your organization. It might sound like something out of a science fiction flick, but it’s one of the most dangerous attacks that a hacker can use against your business. Social engineering attempts to manipulate the target into giving away sensitive credentials or personal information for the purpose of stealing identities and other malicious intentions.
There are times that hackers can’t interfere with data, and then there are times that hackers really can’t interfere with data. CERN, the Conseil Européen pour la Recherche Nucléaire (European Council for Nuclear Research) maintains far too powerful of a computer grid to risk it falling into the control of hackers. To protect it, CERN leverages the cutting edge of security to protect its European Laboratory for Particle Physics: artificial intelligence.
As much as we personify the items in our life, we should remember that they are just that: items. However, technology has made it so that these items seem to be getting smarter through artificial intelligence. The first computer to play chess against a human opponent was introduced in 1956, and ever since, humanity has strived to make progress in the field of AI. In fact, AI is so valuable that even hackers are trying to take advantage of it.
In what is one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. The factor that made WireX so unique was the fact that the botnet was made up of Android-powered devices that had one of 300 malicious apps downloaded from the Google Play Store.
As we hear news about large-scale hacks and data breaches, there’s a temptation to picture attacks like those in television shows and films like Mr. Robot, Live Free or Die Hard and other works of fiction. These attacks are often carried out by criminal geniuses or nefarious nation-states, utilizing of a crippling zero-day vulnerability or superbug to bring society to its knees.
Hackers are known to go after data of all kinds, but sometimes they have other goals in mind. With one of the biggest events in world politics fast approaching--the 2016 United States presidential election--it’s thought that this event could potentially be influenced by hackers.
Halloween is a great time for people of all ages to let loose and embrace their spookier, darker side--even though they aren’t. For hackers, however, every day is like Halloween, but with ill intentions. Hackers will pretend to be someone they’re not in order to scam you out of sensitive data or personal information. By identifying their tricks, you can keep hackers from getting their treats.
Botnets are a growing concern for businesses all over the world. Between massive DDoS attacks that can knock out servers, and hordes of remote-controlled zombie computers that are subject to a controllers’ whims, businesses have a lot to worry about. Has your business fallen victim to a botnet in the past, and what can you do to keep it safe in the future?
Not long ago, a group referring to itself as the Shadow Brokers distributed hacking tools utilized by the United States National Security Agency (NSA), on various publically-accessible websites. While the motives of the Shadow Brokers are a story for another time, an investigation seems to have locked in on a particular theory of how the Shadow Brokers came into possession of the tools in the first place.
There are countless threats out there that can mean danger for your business, but one of the most innovative to date utilizes a malicious Twitter account to administer commands to a botnet made up of infected Android devices. In fact, this is widely considered the first threat to actively use a social network in this manner, making it a wake-up call for security professionals and social media users alike.
Throughout your journey through the business world, you may have heard rumors, hushed whispers of a deep, dark world beneath the surface of the Internet. Well, it’s real, and it’s known as a hotbed of corruption, where hackers can sell stolen credentials and personal records. However, contrary to popular belief, the Dark Web isn’t as mysterious as it’s made out to be.
You might recall getting a notice from your bank that you’ve been issued a new debit and credit card, one with a chip built into it for enhanced security. There are ATMs out there created specifically for use with these chips, but the same technology created to protect user credentials is now being used to steal them for fraudulent withdrawals.
Healthcare organizations are a hot topic when it comes to cybersecurity, as even a small data breach could turn into a goldmine for hackers. Recently, IBM’s 2016 Cyber Security Intelligence Index has reported a data breach that exposed more than 10 million medical records, which shows us just how scary a breach of this kind can be. The secret weapon, in many cases, is a threat called ransomware.
If you made use of Acer’s online store to purchase a device between May 12, of 2015 and April 28, 2016, we have some bad news for you: There’s a chance you received a letter from Acer to inform you that your card’s credentials were stolen.
While it’s not particularly common for hackers to attack physical infrastructure, the few that have occurred have been known to be quite catastrophic. For example, the Ukrainian power infrastructure was taken out by hackers just last year, leaving hundreds of thousands of citizens without power for several hours. In fact, now western countries are believed to be threatened by similar attacks.
Unfortunately, stories of major data breaches are the norm in today’s news cycle. However, what often gets left out of the story is how the hacker profits from the stolen data. In the case of a recent major hack in Russia of more than one billion credentials, what the hacker did with all of this data has us scratching our heads.
Today’s various versions of ransomware are dangerous. By forcibly locking down important files on a victim’s computer, threats like CryptoLocker and CryptoWall are posing significant threats to both businesses and ordinary computer users. However, a new type of ransomware has appeared called CryptoJoker; and we assure you, there’s nothing funny at all about this one.
Businesses that have online dealings should always be aware of how much danger their operations are in, especially with the omnipresent threat of hackers. Depending on the severity of the hacking attack, some organizations might not even know they’ve been hacked until it’s far too late. It’s critical that your business is able to identify potential threats before they’ve caused irreparable damage to your infrastructure.
Businesses utilize a ton of data in order to keep operations running smoothly, but what happens to data that’s unused? Are they files that are potentially sensitive in nature? If your dark data isn’t being stored securely, it could be at risk of data compromisation, or worse. Therefore, it becomes critical to address your business’s dark data issue before it becomes an even bigger problem.
Cyber security continues to be a major pain point for small and medium-sized businesses, even if they’re taking the fight to the latest threats with solutions like antivirus and firewalls. Significant progress has been made, yet new threats are born every day. In fact, you might be surprised to find out that a monstrous 27.3 percent of all malware in the world was created just last year.
Have you ever been the target of an email spoofer? This can be a difficult question to answer, especially if you don’t know what you’re looking for. Email spoofing can appear to be from legitimate sources, but the most important indicator is if the message looks like spam or fishy in general. If you ever receive a message like this, you might wonder why your spam filter didn’t catch such an obvious trap.
In 2015, we saw countless hacking attacks against major corporations, from health insurance providers like Blue Cross Blue Shield and Anthem, to government offices, like the United States Office of Personnel. Due to the stigma associated with hacking, we often forget that there are a lot of hackers out there who try to use their skills for good--or, at least, less awful purposes.
Computer users, beware; there’s an intrusive malware spreading across the Internet that’s capable of locking users out of their web browsers and redirecting them to fake IT support phone numbers. The hacker’s goal is likely to steal sensitive information from users, so it’s especially important that you don’t call this fake phone number.
Phishing attacks grow more common every day, particularly because it’s so challenging to know who’s for real and who’s a fake on the Internet. The anonymity of the Internet has fostered an environment where hackers can extort money with little fear of getting caught, under the right circumstances. How can you protect yourself and your business from being targeted by phishing attacks?
Here’s a surprising fact for October’s Cyber Security Month: small businesses are at a greater risk of a hacking attack. Many small organizations feel that they’re not a target for hackers due to their size, but this is what hackers want you to think so you’ll focus less on securing your network.
October is Cybersecurity Awareness Month! With the number of data breaches growing every day, one has to wonder what hackers do with all of the information they steal. In some cases, the hackers go public with the information, as seen by the recent Ashley Madison and Sony hacks. Other times, however, hackers just want to use the information as a bargaining chip on the black market. The theft of passwords, usernames, Social Security numbers, and other sensitive information is a very lucrative market for hackers.
In the wake of a ransomware takeover, it seems like the world can’t go a few months without some sort of data loss disaster occurring. The antics of hackers grow more dangerous and difficult to dodge, and IT departments have their hands full dealing with the fallout. What’s keeping you from contracting this ransomware, and how can you keep your business from suffering its consequences?
When you see the results of a major hacking campaign on the news, you might tend to sympathize with the victim. While most hacks target individuals or high-profile businesses, hackers have, for the first time, intentionally targeted each other. The attack in question occurred between Naikon, a cyberespionage group, and another group called Hellsing.
You should never assume that your data is safe from a hacking attack. Just like how the technology industry is working toward new ways to protect the public from hacks, those who lurk in the gutters of the Internet are trying to undermine these developments by any means possible. Some security professionals believe that even radio signals can undermine network security.
Normally, you can trust the software that comes preinstalled on a new computer. Unfortunately, this isn’t the case with the shopping-search app Superfish, which came installed on every Lenovo device sold between September and December 2014. If you’ve got the Superfish app on your computer, then you need to remove it before it does some superbad damages. Here’s how you do it.
Believe it or not, there are horror stories told of innocent people being abandoned by 911 dispatchers when they need help the most. This mainly isn’t due to incompetence on the dispatchers’ part, but because there are malicious forces that aren’t taken into consideration. Often, victims of 911 mishaps are misled by the odd hacker.
It’s the holiday season… for everyone but Sony, at least. The tech/entertainment supergiant has been experiencing a ton of security issues lately. Last month, someone hacked into Sony’s databases and stole a lot of information (including unreleased movies, which were later released to the world). This December, it was revealed that Sony stored their passwords in a folder on their server titled “Passwords.”
