Most skilled cyber attackers don't need exploits to access an enterprise network. In many examples of Business Email Compromise (BEC) attacks, all it takes is a simple phishing scam to trick the user into handing over their login credentials. In these attacks, a hacker will send an employee a phishing email posing as a trusted individual to trick the victim into handing over sensitive information...

Transportation plays a vital role in our daily lives, getting us to work, school, and social activities. In many regions, cars have become the primary mode of transportation, shaping the urban landscape and influencing how we interact with our environment. For many people, owning a car is not only a convenience but a necessity in navigating the modern world. Over the years, cars have dramatically...

An urgent voicemail message from the tax department. A text message from Microsoft tech support warning you about a problem with your computer. A caller asking you to confirm your mailing address and credit card number so you can collect your free prize. A text message requesting your confirmation of an Amazon shipment. These are all examples of smishing and vishing cyber attacks. They have one...

Users often just assume that the software tools they're using are in top working condition, and that's generally true. However, every change and every piece of new code introduces new potential for gaps, problems, and bugs. Sometimes cyber security is a race against time. What happens when a cyber attacker finds a hole before a security team does? What is a Zero-Day Attack? As soon as a malicious...

To prevent ransomware, companies need to focus on giving their employees actionable security awareness training that educates, empowers, and motivates. For this to happen, employees must understand the facts around ransomware and the profound, long-term impact it can have on the company. Once a ransomware attack is successfully executed, there are very few options for the affected company apart...

Many employees are celebrating the recent shift to remote and hybrid work. However, some security specialists and compliance experts are not as thrilled. Digitalization, cloud computing, and Software as a Service (SaaS) bring new freedom and flexibility to organizations and workers. At the same time, they send data out into the wild beyond traditional security perimeters. There is a lot of freedom...

Information systems are not equally safe or vulnerable to cyber attacks. Cyber criminals look for entry points that make it easier to break in, steal data, or do damage to systems. To illustrate, think of a burglary attempt. If an intruder has several houses to choose from, the one with an unlocked door and no security cameras is the easiest and most likely target. The process is similar to cyber...

Don’t you just love the portability of modern-day remote work? Any café, airport, or city promenade can magically become your office for the day. However, one downside is that the public Wi-Fi networks you need to get your work done are prime places for risks such as the Man-in-the-Middle (MITM) cyber attacks. They happen just like they sound. A cyber attacker inserts themselves between you and...

Whether you’re just starting out in the workforce or making a career change, knowing what skills make up an excellent cyber security professional and how to work towards them is essential. The good news is that the industry as a whole is in dire need of qualified professionals, with the cyber skills gap totaling 3.4 million workers as of this year, a 26.2% increase since 2021. However, you still...

Social media has completely redefined our lives. From how we communicate to the type of information we broadcast, people worldwide have used these platforms to make new friends, share information, start and promote businesses, and so much more. These platforms have become amazingly convenient and powerful to the point where they have become a centerpiece of most people’s lives. The ubiquity of...

All examples of social engineering take advantage of human nature, such as the willingness to trust others, to trick individuals into divulging sensitive information. Despite its prevalence, social engineering can be challenging to distill into a single formula. It’s one of the reasons 82% of data breaches involve the human element. Social engineering has become the backbone of many cyber threats...

Let’s be honest: cyber security employee training has a reputation for being dull. Most employees dread it. They expect dry training talks, lackluster presentations, and examples they can’t relate to. In any training, people must come first. You should create a model that focuses on the people you’re trying to reach: your own employees. A people-centric approach lets you focus your cyber security...

Cyber security is one of the fastest-growing fields in technology, and with the number of cyber attacks increasing every year, it’s no wonder why it’s also one of the fields hiring the most. Nowadays, almost every company needs a cyber security department to protect its data from hackers and scammers. Cybercrime magazine estimates there will be over 3.5 million cyber security job openings in the...

New regulations are already keeping IT professionals on their toes in 2023. One monumental change for California residents and businesses is the California Privacy Rights Act (CPRA). The legislation came into force on January 1, 2023. Legislators drafted the new rules to empower consumers and close gaps in the California Consumer Privacy Act (CCPA). The CPRA gives customers more control over their...

A lot of ink over the years has gone into comparing the most common generations within the workplace—and for a good reason. Generations are a great way to compare and study variations in broad subjects like the importance of job security, working habits, and technology usage. These generalizations have been crucial data for many important workplace improvements, including cyber security awareness...

Employees come and go for a variety of reasons. If you’re lucky, they’ll be very cooperative with the offboarding process, but this isn’t always the case. And even if they are, you still have to take it with a grain of salt. Some say that calm and cooperative offboarding is often the most dangerous because people aren’t as diligent when the situation seems lax. If these moments have any...

It’s upsetting when bad actors turn the good things in life against us. We use social media daily to celebrate, learn, keep in touch, fall in love, and buy things that satisfy our needs and wants. Unfortunately, hackers exploit that information to execute phishing attacks. Social media platforms did not only experience more attacks in 2022, but it’s also become the fastest-growing attack surface...

March is Fraud Prevention Month, and Terranova Security wants to take this opportunity to emphasize the importance of raising awareness on information security best practices. Let’s stop online fraud in its tracks. As security professionals focused on Information Security Awareness (ISA), much of what we do is fraud prevention. Our aims and actions have a direct link to Fraud Prevention Month...