Cybersecurity

Phishing. It seems you can’t read an article on cybersecurity without it coming up. That’s because phishing is still the number one delivery vehicle for cyberattacks. A cybercriminal may want to steal employee login credentials. Or wish to launch a ransomware attack for a payout. Or possibly plant spyware to steal sensitive info. Sending a phishing email can do them all 80% of surveyed security professionals say that phishing campaigns have significantly increased post-pandemic. Phishing not only continues to work, but it’s also increasing in volume due to the move to remote teams. Many employees are now working from home….

Few things invoke instant panic like a missing smartphone or laptop. These devices hold a good part of our lives. This includes files, personal financials, apps, passwords, pictures, videos, and so much more. The information they hold is more personal than even that which is in your wallet. It’s because of all your digital footprints. This makes a lost or stolen device a cause for alarm. It’s often not the device that is the biggest concern. It’s the data on the device and access the device has to cloud accounts and websites. The thought of that being in the hands…

There is a reason why phishing is usually at the top of the list for security awareness training. For the last decade or two, it has been the main delivery method for all types of attacks. Ransomware, credential theft, database breaches, and more launch via a phishing email. Why has phishing remained such a large threat for so long? Because it continues to work. Scammers evolve their methods as technology progresses. They use AI-based tactics to make targeted phishing more efficient, for example. If phishing didn’t continue working, then scammers would move on to another type of attack. But that…

How many text messages from companies do you receive today as compared to about two years ago? If you’re like many people, it’s quite a few more. This is because retailers have begun bypassing bloated email inboxes. They are urging consumers to sign up for SMS alerts for shipment tracking and sale notices. The medical industry has also joined the trend. Pharmacies send automated refill notices and doctor’s offices send SMS appointment reminders. These kinds of texts can be convenient. But retail stores and medical practices aren’t the only ones grabbing your attention by text. Cybercriminal groups are also using…

You’ve completed your annual phishing training. This includes teaching employees how to spot phishing emails. You’re feeling good about it. That is until about 5-6 months later. Your company suffers a costly ransomware infection due to a click on a phishing link. You wonder why you seem to need to train on the same information every year. But you still suffer from security incidents. The problem is that you’re not training your employees often enough. People can’t change behaviors if training isn’t reinforced. They can also easily forget what they’ve learned after several months go by. So, how often is…

The number of internet-connected devices in homes has been growing. It’s increased exponentially over the last decade. A typical home now has 10.37 devices connected to the internet. PCs and mobile devices make up a little over half of those and the rest are IoT devices. IoT stands for Internet of Things. It means any other type of “smart device” that connects online. IoT devices in a home can be everything from your streaming stick to your smart refrigerator. Smart baby monitors and Alexa voice assistants are also IoT. There’s also been another change that has happened over the last…

Credential theft is now at an all-time high and is responsible for more data breaches than any other type of attack. With data and business processes now largely cloud-based, a user’s password is the quickest and easiest way to conduct many different types of dangerous activities. Being logged in as a user (especially if they have admin privileges) can allow a criminal to send out phishing emails from your company account to your staff and customers. The hacker can also infect your cloud data with ransomware and demand thousands of dollars to give it back. How do you protect your…

Smartphones and tablets are often the preferred device for communications, web searching, and accessing many types of apps. They’re more portable and can be used from anywhere. We’re seeing the takeover of many activities that used to be performed on traditional computers. Now, people are using mobile devices instead. For example, Microsoft estimates that up to 80% of the workload in many enterprise organizations is now done via mobile devices. Over half of all web searches are also now conducted from a mobile device rather than a desktop PC. This has caused mobile devices to become more targeted over the…

Approximately 34% of businesses take a week or longer to regain access to their data and systems once hit with a malware attack. Malware is an umbrella term that encompasses many different types of malicious code. It can include: Viruses Ransomware Spyware Trojans Adware Key loggers And more The longer that malware sits on your system unchecked, the more damage it can do. Most forms of malware have a directive built in to spread to as many systems as possible. So, if not caught and removed right away, one computer could end up infecting 10 more on the same network…

Any cyberattack is dangerous, but the particularly devastating ones are those on supply chain companies. These can be any supplier – digital or non-digital – of goods and services. We’ve seen several attacks on the supply chain occur in 2021 that had wide-reaching consequences. These are “one-to-many” attacks where victims can go far beyond the company that was initially breached. Some recent high-profile examples of supply chain attacks include: Colonial Pipeline: A ransomware attack caused this major gas pipeline to be shut down for nearly a week. JBS: The world’s largest supplier of beef and pork products was hit with…