Blog
What You Need to Know About the Kaseya Ransomware Outbreak
Thu, 07/22/2021
In early July, IT solutions provider and remote management solution provider Kaseya announced that it had fallen victim to a supply chain ransomware attack. During the attack, hackers leveraged a vulnerability in Kaseya’s VSA platform to encrypt the data of hundreds of downstream MSPs and their clients.
The Kaseya ransomware outbreak is one of the latest high-profile ransomware attacks targeting...
Blog
7 Important Takeaways from the 2021 Security Awareness Virtual Summit
Fri, 06/25/2021
On June 22nd, Terranova Security hosted the 2021 edition of the Security Awareness Virtual Summit. Sponsored by Microsoft, the virtual event boasted sessions featuring speakers from some of the cyber security industry’s most recognized entities, including the National Cyber Security Alliance (NCSA) and Gartner.
The event’s lineup also featured a panel discussion featuring security awareness...
Blog
What You Need to Know About The Office-365 Phishing Campaign Targeting C-Suite Executives
Fri, 02/12/2021
During the last week of January 2021, cyber security provider TrendMicro shared a blog post highlighting an Office-365 phishing campaign that criminals have targeted executives within manufacturing, tech, real estate, government, and finance since May 2020. As part of the scam, fraudsters sent the victims fake emails with links to a phishing site, where they harvested their credentials to sell...
Blog
How To Build a Strong Security Awareness Program in 2021
Mon, 12/28/2020
Discover security awareness trends and best practices for 2021
Your employees are your first line of defense against cyber security attacks. The strength of your security awareness program depends on every employee in your organization.
As part of your organizational goals and plans for 2021, you need to prioritize building a cyber secure and aware culture. This requires an ongoing commitment...
Blog
Data Breaches in 2020: The Year in Review
Wed, 12/23/2020
The disruption caused by the Covid-19 pandemic saw enterprises across the globe rapidly adopt remote working to support social distancing and comply with quarantine restrictions implemented by national governments. Amid this chaos, many cyber criminals created new phishing scams and other online threats, leading to many high profile data breaches.
One of the most alarming trends that emerged this...
Blog
Defining an Information Security Program
Tue, 12/15/2020
Every organization, regardless of size or revenue generated, needs an information security program (ISP), a collection of initiatives that form the basis for any cyber security plan involving confidential data.
A well-developed information security program enables your organization to take an inclusive approach to protecting data such as protected health information (PHI), personally identifiable...
Blog
Learn How Security Awareness Can Help Prevent Insider Threats in Your Organization
Tue, 12/08/2020
Actionable security awareness tips on how employees can prevent insider threats
A misplaced USB drive with confidential data. An opportunistic employee sharing confidential information with a competitor. An employee who accidentally clicks a phishing email. These are all examples of insider threats to your organization.
Insider threats unfortunately are not simply the stuff of movies and crime...
Blog
How to Stop Your Employees Falling Victim to Shipping Notification Scams this Holiday Season
Tue, 11/24/2020
With Black Friday, Cyber Monday, Thanksgiving, and the Christmas holidays fast approaching, cyber criminals are working round the clock to create new scams, such as the shipping notification scam, to phish for private information and commit identity fraud.
As many employees will be shopping online during working hours, cyber security leaders need to educate employees on phishing threats and teach...
Blog
How To Protect Remote Financial Services Employees from Cyber Attacks
Thu, 10/29/2020
Security awareness training for financial services and bank employees must be a top priority. While financial services institutions have long been prime targets for cybercriminals, as most attacks are financially motivated, the shift to remote work business models and operations has heightened cyber security risk levels. Recent data reinforces why financial services CISOs and security leaders need...
Blog
The 2020 Security Awareness Virtual Summit for Partners: Here’s What You Need to Know
Mon, 10/26/2020
Robust, engaging security awareness training is an essential part of strong cyber security practices, especially given the accelerated digital transformation and shift by many organizations to remote workforces.
It can also be a crucial value-added product for resellers, distributors, MSSPs, OEMs partners and technology partners, who are looking to expand their portfolio, drive business growth...
Video
How Security Awareness Training Targets and Changes User Phishing Behaviors
Thu, 10/08/2020
Learn the secrets behind effectively managing the human element of cyber security -- watching the Terranova Security presentation from the 2020 Forrester Security and Risk Virtual Forum on-demand!
This presentation, from author and Terranova Security's Lise Lapointe, includes expert insight into:
Why high-quality content that’s available in multiple formats, accessible to all users, and...
Blog
3 Ways Communication Tools Can Improve Security Awareness Training
Fri, 09/04/2020
To create a truly effective security awareness training program, your organization must also build a clear, engaging internal communication structure to match.
This process involves more than just sending out one or two mass emails to let employees know such a program exists. It’s about establishing a consistent drumbeat of content distribution that grows participation numbers, boosts subject...
Blog
The CRA Cyber Attack: Here’s What You Need to Know
Fri, 08/21/2020
In mid-August, cybercriminals targeted the Canada Revenue Agency with two credential stuffing attacks, obtaining the usernames and passwords of 9,041 GCKey accounts, and 5,500 CRA accounts. The fraudsters then used the stolen login credentials to apply for the Canadian Emergency Response Benefit (CERB).
In response to the attack, a statement released by the Office of the Chief Information Officer...
Guide
Phishing Awareness Training Kit
Use these free phishing awareness resources to promote a security-aware workforce. The kit includes phishing infographics, end-user training videos and tips on how to recognize phishing emails.
Blog
How to Protect Your Data from the Microsoft Office 365 Phishing Scam
Fri, 07/31/2020
Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries.
According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a significant threat...