Most people working for organizations have been exposed at some point in their careers to security awareness programs. Some of these programs are well-executed and delivered, while others consist of a disinterested security person talking through slides for 45 minutes. I’ve seen many good security awareness programs over the years, and at the same time, […]
FBI Obtains Authorization to Access US Servers to Remove Webshells Due to Exchange Vulnerability
Your server could have been compromised and the FBI was trying to mitigate the issue without you even knowing it yet. Yesterday the Department of Justice revealed in a statement that the FBI was granted access to remove web shells that were installed on compromised web servers. These web servers are related to the Microsoft […]
Phishing Attacks Using PDF Files Have Skyrocketed
Phishing attacks using PDF files have spiked over the past year, according to researchers at Palo Alto Networks’ Unit 42. “From 2019-20, we noticed a dramatic 1,160% increase in malicious PDF files – from 411,800 malicious files to 5,224,056,” the researchers write. “PDF files are an enticing phishing vector as they are cross-platform and allow […]
KPMG: Cyber Security Risk Is Now No. 1 Threat To Growth
KPMG in the UK just released their CEO 2021 Outlook Pulse Survey where global leaders were asked about their 3-year outlook. CEOs of the world’s most influential companies are planning what a return to ‘normal’ will look like. Nearly half (45 percent) expect normality to resume in 2022, with only one-third (31 percent) anticipating a […]
Running Headfirst Into a Breach
The pandemic changed the fortunes of many organisations. Perhaps none so much as Zoom, which has found itself becoming a noun synonymous with any form of video call. However, its meteoric rise has not been without some hiccups along the way. There have been many cases of people not securing their meetings, leading to many […]
Microsoft Finds 80% of Organizations Encounter an Increase in Security Threats Due to Remote Workers
Learning from last year’s shift to a remote workforce can help dictate how operations should evolve. New data from Microsoft points at the need to better secure remote workers. Microsoft’s New Future of Work Report (subtitled Research from Microsoft into the Pandemic’s Impact on Work Practices) offers insight into how businesses have changed the way […]
Microsoft: SolarWinds attack took more than 1,000 engineers to create
You may have missed this extremely interesting bit of data that ZDNet just published. “Microsoft reckons that the huge attack on security vendors and more took the combined power of at least 1,000 engineers to create. “The months-long hacking campaign that affected US government agencies and cybersecurity vendors was “the largest and most sophisticated attack […]
Interpol Warns of Romance Scams
Interpol has issued a notice describing a scam tactic popular on dating applications. The scheme is a mixture of a romance scam and an investment fraud, taking advantage of victims’ loneliness and their desire to make money. “In the initial stages, an artificial romance is established via a dating app,” Interpol says. “Once communication becomes […]
World Economic Forum: COVID Makes Cybersecurity Problem No. 1
The WEF just published their recent survey over worldwide corporate leaders. When asked about technology objectives that have become a greater priority due to COVID, they elevated information security to the No. 1 position, with business continuity and resilience following right after. These days, that’s practically all in the IT domain. Here is a list […]
Vaccine Research Companies are the Target of New Ransomware Attacks
The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warns financial organizations to be aware of campaigns actively targeting vaccine companies. If you’re a ransomware gang and you want to maximize your ransom, who do you attack? An organization working feverishly to potentially make billions of dollars via a desperately needed vaccine, of course! Take […]