Automated spam on eBay is spreading tailored phishing messages offering to promote users’ products, and the links the spammers share can lead to dangerous websites, according to Paul Ducklin at Naked Security. The messages themselves contain text customized to a product the target has just posted, and they include an image of a shortened, easy-to-read […]
Chinese Hackers Infiltrate Global Telecom Networks With Spear Phishing
The WSJ revealed a brazen hack by Chinese state-sponsored bad actors who totally owned more than 10 global telecom networks, and had full admin access to their networks. They were able to swipe users’ whereabouts, text-messaging records and call logs. They reported: “The multiyear campaign, which is continuing, targeted 20 military officials, dissidents, spies and […]
New KnowBe4 Benchmarking Report Unveils That Untrained Users Pose The Greatest Risk To Your Organization
KnowBe4, has released the new Phishing by Industry Benchmarking Report to measure an organization’s average Phish-prone percentage, which indicates how many of their employees are likely to fall for a phishing or social engineering scam. The 2019 study analyzed a data set of nearly nine million users across 18,000 organizations with over 20 million simulated […]
Why Do Organizations Still Under-report Cybercrime?
It’s estimated that organizations aren’t engaging with Law Enforcement when becoming a victim of a cybercrime in large numbers. We cover 5 reasons why organizations don’t. After a confirmed cyberattack, there are a number of tasks that need to be done; figure out what happened, assess the scope of any damage done, figure out where […]
Reminder: That Padlock Doesn’t Mean It’s Secure
We’ve mentioned this before, but the misconception has surfaced again, and it’s worth mentioning again. Looking for the padlock as a sign of a secure legitimate website isn’t an accurate indication that a site is malware free. Recent research indicates that nearly half of all phishing sites display the padlock and a web address that […]
Shadow IT is Alive and Well: One-Third of Employees Deploy Their Own Software
Employees see IT as an “inconvenience” and look for ways to get around security measures, putting the organization at risk, according to SailPoint’s 2018 Market Pulse Survey. IT can’t make the organization secure if the user is working in the exact opposite direction. IT puts security controls on file sharing, and users open a personal […]
Reduce the Risk of Data Breach by Focusing on Compromised Credentials
The bad guys can’t do anything on your network without access. That’s why they focus their efforts on gathering as many sets of credentials as possible. You should focus there too. The cybercriminals don’t just want to get onto a user’s endpoint and simply stop there; their goal is most commonly to monetize the attack […]