The holiday shopping season presents a target-rich environment for cybercriminals. In fact, as per the 2020 Trustwave Global Security Report , the retail industry is the most targeted sector for cyber attacks for the third year running. An increasing shift to a digital environment—a change due in no small part to the COVID-19 pandemic—isn’t making data protection easier for retailers either...

How to Protect Against Ryuk Ransomware As countries worldwide struggle to come to grips with the Covid-19 pandemic, attackers have attempted to capitalize by launching a wave of ransomware attacks on hospitals across the U.S. and Canada. These attacks have taken place in locations ranging from New York, Nebraska, Ohio, Missouri, and Michigan, to Montreal, by using Ryuk ransomware. But what is...

Security awareness training for financial services and bank employees must be a top priority. While financial services institutions have long been prime targets for cybercriminals, as most attacks are financially motivated, the shift to remote work business models and operations has heightened cyber security risk levels. Recent data reinforces why financial services CISOs and security leaders need...

Robust, engaging security awareness training is an essential part of strong cyber security practices, especially given the accelerated digital transformation and shift by many organizations to remote workforces. It can also be a crucial value-added product for resellers, distributors, MSSPs, OEMs partners and technology partners, who are looking to expand their portfolio, drive business growth...

To create a truly effective security awareness training program, your organization must also build a clear, engaging internal communication structure to match. This process involves more than just sending out one or two mass emails to let employees know such a program exists. It’s about establishing a consistent drumbeat of content distribution that grows participation numbers, boosts subject...

In mid-August, cybercriminals targeted the Canada Revenue Agency with two credential stuffing attacks, obtaining the usernames and passwords of 9,041 GCKey accounts, and 5,500 CRA accounts. The fraudsters then used the stolen login credentials to apply for the Canadian Emergency Response Benefit (CERB). In response to the attack, a statement released by the Office of the Chief Information Officer...

Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries. According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a significant threat to...

Less than a week ago, Twitter fell victim to a monumental security breach that saw hackers successfully orchestrate a social engineering attack and take over high-profile Twitter user accounts, including world-renowned companies like Apple and business magnates like Bill Gates and Elon Musk. The cybercriminals used that access to launch a bitcoin scam that generated over $120,000. The attack is...

(7 min read) Hint: It has everything to do with effective mobile learning. The past decade’s explosion of smartphone and tablet usage has magnified the importance of well-designed mobile responsive content as a vital part of any training program. Recent studies echo clear mobile learning preference statistics, including how: 70% of learners feel more motivated when training on a mobile device...

Security awareness training is indispensable to ensure that your users have the knowledge they need to protect your organization’s sensitive data from cyber threats. These training initiatives also help create a strong cyber-secure organizational culture that emphasizes engaged, aware employees. On July 7 th , Terranova Security will host the 2020 edition of the Security Awareness Virtual Summit...

(7 min read) Using online security awareness training to lower your click rate Recognizing a potential phishing email is the first step in avoiding falling victim to a cyber attack. The next and most important step is knowing what to do with this email. Ideally, you want your employees to report the phishing email to you and then delete the message. However, curiosity is extremely powerful. People...

Know how to identify and prevent a spoofing attack Spoofing attacks are the ultimate form of cybercriminal trickery and deception. Cybercriminals disguise themselves and rely on trust to steal confidential information, install ransomware, and commit other cybercrimes. Spoofing comes down to trust. Cybercriminals hide behind trusted people, domains, URLs, and the technical elements that make up a...

(3 min read) Laval, QC, May 21, 2020 – Today Terranova Security, a global leader in security awareness training, announced a new set of enhanced accessibility features across its entire library of security awareness training content . To coincide with Global Accessibility Awareness Day (GAAD), this release boasts an enriched learning experience that’s inclusive for all users, with plans to make...

COVID-19 is rapidly changing how we work, communicate, and interact with one another. Some private companies, public institutions, and government departments are mandating that all employees who can, must work from home. For many users this is the first time they have worked from home. Not only is there the stress of the uncertainties around COVID-19 but also an adjustment period for people...

Adult Learners Need Relevant and Relatable Training Using intelligent social engineering techniques, cybercriminals know how to tailor their cyber attacks to their recipients. An employee in HR receives a very different phishing email than the customer service representative in a call center or the salesperson who is traveling and accessing the network remotely. And this is exactly why...

Bringing the Best in Security Awareness Content to Microsoft Customers Terranova Security has announced that it has partnered with Microsoft Microsoft is leveraging our phishing , security awareness, social engineering , and cyber security content in Microsoft Office 365 Advanced Threat Capabilities (Office 365 ATP). “ Microsoft’s technology and platform enriches us with intelligent insights to...

Cyber Monday is right around the corner and this means employees will be shopping online at work. To prepare for the busiest online shopping day of the year, companies need to remind employees of how to be safe online . It’s very easy for even the most cyber-aware employees to get caught up in the rush of online holiday sales and promotions. Retailers know that shoppers want deals and start their...

The lessons learned from cyber security training for employees must extend beyond the office doors. It’s important that employees understand that cyber security awareness matters at the office and at home. We know that many people relax their cyber security practices when they’re using their home computers, laptops, and personal mobile devices. You want to give your staff, your users actionable...

Leveraging a spirit of competition to drive engagement and create a security culture Gamification is a popular concept these days, and for good reason. With gamification, you can develop a game for learning more about a serious topic while also getting the learner to approach winning that game with the same fervor they would when playing for entertainment. So what happens when you integrate...

The MINDSPACE framework: What factors influence human behavior? Even when your company has the best technology and the most efficient security controls, it still has to invest in the human factor. Regardless of the methods a company adopts, nothing can be accomplished unless users of the technology are motivated and able to apply the methods effectively. According to a recent study , a...