When it comes to cyber crime, hackers like to locate the most high-value targets, whether it’s a piece of infrastructure or an individual with access to privileged information, all while expending the least effort possible. In most examples of spear phishing attacks, a criminal will send out targeted attacks via email to multiple users. In these emails, the attacker will use...

Spoofing refers to an attack where hackers use various ways to disguise their identity so that their victims think they are talking to their coworker, boss, or business. The methods used to achieve this are the typical phishing tropes such as fake websites, links, and social engineering. When spoofing is involved, it’s often more helpful to focus on detecting the facade rather...

Malware is perhaps the most widely known out of all IT security threats. Since 1986, malware has become a significant concern for enterprise users, with recent examples including the Colonial Pipeline attack, Kaseya ransomware attack, and the SolarWinds Dark Halo breach. However, these attacks are just the tip of the iceberg, with many businesses falling victim to malware and...

In early July, IT solutions provider and remote management solution provider Kaseya announced that it had fallen victim to a supply chain ransomware attack. During the attack, hackers leveraged a vulnerability in Kaseya’s VSA platform to encrypt the data of hundreds of downstream MSPs and their clients. The Kaseya ransomware outbreak is one of the latest high-profile...

Imagine waking up one day and the organizations you deal with – your bank, your workplace, the tax office, your educational institution – don’t recognize you as you. Sounds like science fiction, right? In its extreme version, it is. But versions of this story are playing out for people and organizations daily as incidences of identity theft occur more frequently around the...

During the last week of January 2021, cyber security provider TrendMicro shared a blog post highlighting an Office-365 phishing campaign that criminals have targeted executives within manufacturing, tech, real estate, government, and finance since May 2020. As part of the scam, fraudsters sent the victims fake emails with links to a phishing site, where they harvested their...

Spear phishing occurs when cyber criminals deploy targeted attacks against individuals and businesses alike via email. Using savvy tactics, hackers collect sensitive data about specific parties to construct messages that sound familiar and trustworthy. As its name implies, spear phishing falls under the larger umbrella category of phishing attacks that victimize end users and...

Discover security awareness trends and best practices for 2021 Your employees are your first line of defense against cyber security attacks. The strength of your security awareness program depends on every employee in your organization. As part of your organizational goals and plans for 2021, you need to prioritize building a cyber secure and aware culture. This requires an...

Actionable security awareness tips on how employees can prevent insider threats  A misplaced USB drive with confidential data. An opportunistic employee sharing confidential information with a competitor. An employee who accidentally clicks a phishing email. These are all examples of insider threats to your organization. Insider threats unfortunately are not simply the stuff...

With Black Friday, Cyber Monday, Thanksgiving, and the Christmas holidays fast approaching, cyber criminals are working round the clock to create new scams, such as the shipping notification scam, to phish for private information and commit identity fraud. As many employees will be shopping online during working hours, cyber security leaders need to educate employees on...

The holiday shopping season presents a target-rich environment for cybercriminals. In fact, as per the 2020 Trustwave Global Security Report, the retail industry is the most targeted sector for cyber attacks for the third year running. An increasing shift to a digital environment—a change due in no small part to the COVID-19 pandemic—isn’t making data protection easier for...

How to Protect Against Ryuk Ransomware As countries worldwide struggle to come to grips with the Covid-19 pandemic, attackers have attempted to capitalize by launching a wave of ransomware attacks on hospitals across the U.S. and Canada. These attacks have taken place in locations ranging from New York, Nebraska, Ohio, Missouri, and Michigan, to Montreal, by using Ryuk...

Security awareness training for financial services and bank employees must be a top priority. While financial services institutions have long been prime targets for cybercriminals, as most attacks are financially motivated, the shift to remote work business models and operations has heightened cyber security risk levels. Recent data reinforces why financial services CISOs and...