Cyber security is a constant battle against evolving threats. While most of the themes are the same, it is crucial to remain informed and up to date on the latest forms of every cyber threat. After all, 31% of executives said in a recent survey their main cyber security challenge was improper identification of key risks. Most companies around the globe have a cyber security awareness plan in place...

All examples of social engineering take advantage of human nature, such as the willingness to trust others, to trick individuals into divulging sensitive information. Despite its prevalence, social engineering can be challenging to distill into a single formula. It’s one of the reasons 82% of data breaches involve the human element. Social engineering has become the backbone of many cyber threats...

Let’s be honest: cyber security employee training has a reputation for being dull. Most employees dread it. They expect dry training talks, lackluster presentations, and examples they can’t relate to. In any training, people must come first. You should create a model that focuses on the people you’re trying to reach: your own employees. A people-centric approach lets you focus your cyber security...

Cyber security is one of the fastest-growing fields in technology, and with the number of cyber attacks increasing every year, it’s no wonder why it’s also one of the fields hiring the most. Nowadays, almost every company needs a cyber security department to protect its data from hackers and scammers. Cybercrime magazine estimates there will be over 3.5 million cyber security job openings in the...

A lot of ink over the years has gone into comparing the most common generations within the workplace—and for a good reason. Generations are a great way to compare and study variations in broad subjects like the importance of job security, working habits, and technology usage. These generalizations have been crucial data for many important workplace improvements, including cyber security awareness...

There’s no way to measure your security awareness program’s success unless you identify the behaviors you want to address and develop a clear, actionable strategy. However, many cyber security leaders struggle to create a framework to quantify the success of their security awareness training . As a result, their organizations rely on intuition rather than clearly defined objectives and supporting...

Employees come and go for a variety of reasons. If you’re lucky, they’ll be very cooperative with the offboarding process, but this isn’t always the case. And even if they are, you still have to take it with a grain of salt. Some say that calm and cooperative offboarding is often the most dangerous because people aren’t as diligent when the situation seems lax. If these moments have any...

It’s upsetting when bad actors turn the good things in life against us. We use social media daily to celebrate, learn, keep in touch, fall in love, and buy things that satisfy our needs and wants. Unfortunately, hackers exploit that information to execute phishing attacks. Social media platforms did not only experience more attacks in 2022, but it’s also become the fastest-growing attack surface...

March is Fraud Prevention Month, and Terranova Security wants to take this opportunity to emphasize the importance of raising awareness on information security best practices. Let’s stop online fraud in its tracks. As security professionals focused on Information Security Awareness (ISA), much of what we do is fraud prevention. Our aims and actions have a direct link to Fraud Prevention Month...

Everyone wants to look good in front of their boss. Which is exactly why an urgent email from the CEO of your company is guaranteed to catch your attention. You’re more likely to act on the request immediately without questioning the details. But what if that email didn’t come from your boss? All it takes is one savvy email that encourages an employee to act on behalf of their team leader. For...

Phishing attacks work because people don’t know what phishing looks like. These examples of phishing emails emphasize how easy it is to be tricked.

The education sector experienced a "record-breaking" year of cyber attacks in 2020. In case you'd been sleeping under a rock, there was a global pandemic that drove up the need for virtual setups. According to Microsoft , education is globally the sector most vulnerable to threats like malware, accounting for more than 6.8 million (over 63%) of total reported encounters in early 2022. It's not one...

Hackers are targeting hundreds of thousands of Google users with fake Google Drive notifications and emails to try and trick them into visiting malicious websites.

Everyone wants to impress their boss, which is exactly what scammers rely on nowadays to carry out sophisticated phishing attacks called CEO fraud. Examples of CEO fraud are becoming increasingly common, with attackers regularly sending out phishing emails to an organization's employees and impersonating the top executive. This often comes with a demand at the end of the day that must be completed...

As much as we can say that cyber security measures are advancing, we can say the same about cyber criminals and their strategies. In 2022, ransomware attacks occurred every 11 seconds on average, at a global annual cost to businesses and governments of $20 billion US. Costs are rising in part due to the growing ransoms demanded from victims. While estimates of the average ransomware payout in 2020...

KrebsOnSecurity blog recently reported on a popular, low-cost Common Access Card (CAC) reader available on Amazon that came with drivers infected by malware . A compromised smart ID card reader can bring severe consequences to both government and private organizations. It gives hackers an easy backdoor means of infiltrating networks and systems, which can leave sensitive information vulnerable to...

This financial sector’s reliance on computer systems and network has made it an attractive target for cyber attacks, now the biggest risk to the UK financial system. In its latest Financial Stability Report , the Bank of England (BoE) agrees that cyber threats may be prevalent in 2023. The BoE said that it is working to strengthen defenses against cyber attacks. The report identified three...

The way we think about data protection is changing. Cyber culture is emerging as the new norm, and organizations must adapt their strategies to stay ahead of the curve. Data protection has traditionally focused on preventing breaches and protecting sensitive information. However, cyber culture goes beyond this by encompassing all aspects of online life. It includes everything from how we interact...

If you’re a company that uses email scanning technology as the first line of cyber defense, you should know about a recent slate of malicious Word document-based attacks. These attacks are designed to deliver malware and ransomware to targeted systems. Security researchers at Cisco Talos recently identified an attack where Word document files attached to emails were used to deliver Cobalt Strike...