WPA2 (Wi-Fi Protected Access 2) is a security protocol; A popular authentication scheme used to protect personal and enterprise Wi-Fi networks. But, on Monday morning (10/16/2017), a serious weakness was discovered. The security protocol used to protect the majority of Wi-Fi connections was broken, potentially exposing wireless Internet traffic to malicious eavesdroppers and attacks. An attacker within range of a victim can exploit these weaknesses using Key Reinstallation Attacks (KRACKs). Continue reading Protect yourself from Krack Attack: A WPA2 Wi-Fi flaw
With all the ransomware attacks that have occurred, like CryptoWall, WannaCry, Petya, there’s a lot of chatter on the Internet about precautionary measures and solutions. One popular solution that’s being talked about is having a good backup for your data. But can having a good back up keep the ransomware attacks at bay? Continue reading Backups becoming more desirable for Ransomware hackers
On a given day, you tend to get anywhere from less than 10 emails to about a few hundred. Out of these emails, there’s a good chance you will get at least one or two phishing emails, which somehow bypassed your spam filter and other security rules that you have in place. If your spam filter is not currently active, turn it ON as soon as possible. Continue reading It’s time to test your employees’ phishing awareness.
The phishing threat is indeed real and is of concern to those in the financial services industry, e-business, and ISPs where their businesses are directly affected. Phishing has evolved rapidly. Initially, users were lured to a phishing site where passwords were harvested or captured by blending phishing with spyware. Now, because more companies are deploying one-time password tokens, phishers are using different techniques to attack the organizations.
Smishing is another “phishing” scam; the only difference is in Phishing, users receive a genuine-looking email that appears to be either from their bank, Internet Service Provider (ISP), favorite store, or other organization. Where as in “Smishing” messages are sent to you via SMS (text message) on your mobile phone.
You would think, being vigilant of cyber criminals that are trying to exploit us via phishing emails were enough, now we have to protect ourselves from Vishing attacks. Vishing, is just a new take on the old scam of phishing.
In one version of vishing, you will receive the typical phishing email, but instead of giving you instructions to click on a link or directing you to a fake/malicious Internet site, you’re given a “Customer Service” phone number with instructions to call the number and provide the requested information over the phone. Those who call the phone number, which is a Voice over Internet Protocol (VoIP) account and not an actual, legitimate business or financial institution, are led through a series of voice-prompted menus that ask for your personal data, such as your account number, password, and other critical confidential information. Continue reading Protect yourself and your company from Vishing Attacks
Just as the internet makes it easier to accomplish many things, such as banking, research, planning travel, shopping, and much more, it also makes it easier for scammers to carry out their virtual crimes. Thus, impacting our real-life finances, security, and peace of mind. Cyber criminals now have become quite savvy in their attempt to lure people in and get you to click on a link or open an attachment. Continue reading Spam vs. Phishing… what’s the difference?
Throughout the last week, we have heard about the Ransomware attack that took place globally and many organizations became victims of the malicious “WannaCrypt,” “Wannacry” software. Ransomware is the type of malicious software designed to block/encrypt access to a computer system until a sum of money is paid. Continue reading How to Prevent Ransomware Attacks?
By Sushma Chowta
While everyone seems to be busy in WannaCry ransomware, there were two other breaches which took place, one in Docusign which is a major provider of electronic signature technology and another one was Bell Canada which is Canada’s largest telecommunications company. Continue reading DocuSign Data Breach Led to Targeted Email Malware Campaign
By Sandy Bobhate
Cyber-attack is becoming the biggest threat in today’s world. Cyber-attackers can target any individuals, organizations or groups and they can steal or destroy personal/company data. Recently, a San Francisco-based electronic signature vendor became a victim of a cyber-attack. Just as the world was trying to cope with the Ransomware attack that shook every IT/NON-IT organization throughout the globe, DocuSign encountered another form of data breach attack. Such attacks are just an example of how critical users’ awareness is and should be a top priority for every organization. Users should be attentive and watchful of any suspicious email or activity from a forged source and refrain from any activity that could trigger the attack (clicking on the email, downloading an attachment, opening a link, etc.) Continue reading Data Breach Leads to Malicious Spam