Protect yourself from Krack Attack: A WPA2 Wi-Fi flaw

WPA2 (Wi-Fi Protected Access 2) is a security protocol; A popular authentication scheme used to protect personal and enterprise Wi-Fi networks. But, on Monday morning (10/16/2017), a serious weakness was discovered. The security protocol used to protect the majority of Wi-Fi connections was broken, potentially exposing wireless Internet traffic to malicious eavesdroppers and attacks. An attacker within range of a victim can exploit these weaknesses using Key Reinstallation Attacks (KRACKs). Continue reading Protect yourself from Krack Attack: A WPA2 Wi-Fi flaw

Backups becoming more desirable for Ransomware hackers

With all the ransomware attacks that have occurred, like CryptoWall, WannaCry, Petya, there’s a lot of chatter on the Internet about precautionary measures and solutions. One popular solution that’s being talked about is having a good backup for your data. But can having a good back up keep the ransomware attacks at bay? Continue reading Backups becoming more desirable for Ransomware hackers

It’s time to test your employees’ phishing awareness.

On a given day, you tend to get anywhere from less than 10 emails to about a few hundred. Out of these emails, there’s a good chance you will get at least one or two phishing emails, which somehow bypassed your spam filter and other security rules that you have in place. If your spam filter is not currently active, turn it ON as soon as possible. Continue reading It’s time to test your employees’ phishing awareness.

How Multi-Factor Authentication protects against Phishing attacks

The phishing threat is indeed real and is of concern to those in the financial services industry, e-business, and ISPs where their businesses are directly affected. Phishing has evolved rapidly. Initially, users were lured to a phishing site where passwords were harvested or captured by blending phishing with spyware. Now, because more companies are deploying one-time password tokens, phishers are using different techniques to attack the organizations.

Continue reading How Multi-Factor Authentication protects against Phishing attacks

Protect yourself and your company from Vishing Attacks

You would think, being vigilant of cyber criminals that are trying to exploit us via phishing emails were enough, now we have to protect ourselves from Vishing attacks. Vishing, is just a new take on the old scam of phishing.

In one version of vishing, you will receive the typical phishing email, but instead of giving you instructions to click on a link or directing you to a fake/malicious Internet site, you’re given a “Customer Service” phone number with instructions to call the number and provide the requested information over the phone. Those who call the phone number, which is a Voice over Internet Protocol (VoIP) account and not an actual, legitimate business or financial institution, are led through a series of voice-prompted menus that ask for your personal data, such as your account number, password, and other critical confidential information. Continue reading Protect yourself and your company from Vishing Attacks

Spam vs. Phishing… what’s the difference?

Just as the internet makes it easier to accomplish many things, such as banking, research, planning travel, shopping, and much more, it also makes it easier for scammers to carry out their virtual crimes. Thus, impacting our real-life finances, security, and peace of mind. Cyber criminals now have become quite savvy in their attempt to lure people in and get you to click on a link or open an attachment. Continue reading Spam vs. Phishing… what’s the difference?

DocuSign Data Breach Led to Targeted Email Malware Campaign

By Sushma Chowta

While everyone seems to be busy in WannaCry ransomware, there were two other breaches which took place, one in Docusign which is a major provider of electronic signature technology and another one was Bell Canada which is Canada’s largest telecommunications company. Continue reading DocuSign Data Breach Led to Targeted Email Malware Campaign

Data Breach Leads to Malicious Spam

By Sandy Bobhate

Cyber-attack is becoming the biggest threat in today’s world. Cyber-attackers can target any individuals, organizations or groups and they can steal or destroy personal/company data. Recently, a San Francisco-based electronic signature vendor became a victim of a cyber-attack. Just as the world was trying to cope with the Ransomware attack that shook every IT/NON-IT organization throughout the globe, DocuSign encountered another form of data breach attack. Such attacks are just an example of how critical users’ awareness is and should be a top priority for every organization. Users should be attentive and watchful of any suspicious email or activity from a forged source and refrain from any activity that could trigger the attack (clicking on the email, downloading an attachment, opening a link, etc.) Continue reading Data Breach Leads to Malicious Spam