Credential Stuffing Attacks Generate Billions of Login Attempts

Credential stuffing is a type of cyber attack where stolen account credentials consisting of lists of usernames and email addresses with corresponding passwords are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application. Continue reading Credential Stuffing Attacks Generate Billions of Login Attempts

Email PDF Attachments to Control Stealthy Backdoor

Turla, a highly sophisticated Russian cyberespionage group, also known as Snake and Uroburos, for the past several years have been using PDFs in emails to control an especially stealthy Microsoft Outlook backdoor. The most recent victims of the backdoor include Germany’s Federal Foreign Office, a significant defense contractor, and the foreign offices of at least two other European countries. In the attack against the Germany’s Federal Foreign Office, Turla dropped the backdoor on several systems and used them to steal data. Continue reading Email PDF Attachments to Control Stealthy Backdoor

Phishing Attacks are on the Rise in 2018

Each quarter, the Anti-Phishing Working Group (APWG) prepares a report to keep all sectors aware of current cybercrime threats. The APWG recently released Phishing Activity Trends Report for Q1 2018 on July 31st, 2018. Phishing Activity Trends Report contains detailed data compiled from reported Phishing Campaigns. Phishing Campaigns are emails sent to multiple users with a familiar subject line to get the user to trust the email to open the email and a phishing website that uses safe and ethical phishing practices. Continue reading Phishing Attacks are on the Rise in 2018

Mobile Phishing Scams are on the Rise

Phishing is the practice of sending fraudulent messages or emails pretending to be a part of reputable companies and trying to get individuals to reveal personal information about themselves, whether it be social security numbers, bank account numbers, passwords, etc. In the past few years, the number of phishing scams  have been increasing at an immense rate. According to the security firm Lookout, the rate at which enterprise users are falling for phishing attacks on mobile has increased by 85% every year since 2011. Continue reading Mobile Phishing Scams are on the Rise

Atlanta Airport Wi-Fi finally operating after Cyberattack

According to abcnews, on March 22, 2018 the city of Atlanta computer network was hit by a Ransomware attack. The attack included the encryption of some city data and caused outages for numerous city applications. In order to prevent from Ransomware attack, on March 23, 2018 Atlanta airport shut down its Wi-Fi network and the systems that provide flight information and security checkpoint wait times on its website. Continue reading Atlanta Airport Wi-Fi finally operating after Cyberattack

Basic Security Awareness Training is no longer sufficient

There has been an alarming rise in phishing scams which has resulted in large volumes of data being accessed illegally by cyber criminals – phishing scams such as the Bell Canada Scam, KRACK Attack, Netflix Scam, Google Docs Phishing Scam, and many more.

Phishing scams are getting more sophisticated and harder to detect. It’s no wonder protecting an organization from cyber-attacks has become one of the most common security challenges that an organization faces today in keeping their data secure. Continue reading Basic Security Awareness Training is no longer sufficient

New Email Security Study Shows a Massive 10.5% Failure Rate

The aggregated results of a new email security analysis show over 10% average rate at which enterprise email security systems miss spam, phishing and malware attachments.
The summary of findings encompasses user mailboxes at companies tested in the Email Security Gap Analysis program during September and October 2017. Continue reading New Email Security Study Shows a Massive 10.5% Failure Rate

Protect yourself from Krack Attack: A WPA2 Wi-Fi flaw

WPA2 (Wi-Fi Protected Access 2) is a security protocol; A popular authentication scheme used to protect personal and enterprise Wi-Fi networks. But, on Monday morning (10/16/2017), a serious weakness was discovered. The security protocol used to protect the majority of Wi-Fi connections was broken, potentially exposing wireless Internet traffic to malicious eavesdroppers and attacks. An attacker within range of a victim can exploit these weaknesses using Key Reinstallation Attacks (KRACKs). Continue reading Protect yourself from Krack Attack: A WPA2 Wi-Fi flaw

Backups becoming more desirable for Ransomware hackers

With all the ransomware attacks that have occurred, like CryptoWall, WannaCry, Petya, there’s a lot of chatter on the Internet about precautionary measures and solutions. One popular solution that’s being talked about is having a good backup for your data. But can having a good back up keep the ransomware attacks at bay? Continue reading Backups becoming more desirable for Ransomware hackers

It’s time to test your employees’ phishing awareness.

On a given day, you tend to get anywhere from less than 10 emails to about a few hundred. Out of these emails, there’s a good chance you will get at least one or two phishing emails, which somehow bypassed your spam filter and other security rules that you have in place. If your spam filter is not currently active, turn it ON as soon as possible. Continue reading It’s time to test your employees’ phishing awareness.