History Matters: Cyber Attacks from the 1970s

History Matters: Cyber Attacks from the 1970s

It all began circa 1957, when a seven-year-old boy named Joe Engressia stumbled upon what would one day become a widespread threat to the phone system. When Engressia whistled into his telephone with perfect pitch at a frequency of 2600 Hz, the automatic switch disconnected the line from one end, leaving the other end wide open to call long-distance free of charge.

Read More

Why Cryptojacking Attacks Continue to Rise

Why Cryptojacking Attacks Continue to Rise

Cyber-attacks for profit are likely to stick around as long as the cybersphere exists, but the threatscape is always shifting and evolving. Phishing attacks, which have dominated the headlines for the past couple of years, are now sharing ink with cryptojacking, an attack method that is likely to continue to increase in popularity among hackers. According to a recent report by Adguard, more than 33,000 websites are currently running a cryptojack script, and the estimated monthly visits to these infected websites is more than 1 billion.

Read More

History Matters: Cyber Attacks from the 1960s

History Matters: Cyber Attacks from the 1960s

For some, the history of cyber-attacks might live in their minds as scenes from movies from as far back as Tron or Matthew Broderick in War Games. But in the real-world timeline of attacks in the digital sphere, these classics are preceded by cyber criminals who set the bar for future testers of cyber security. There are too many famous quotes about the need to and benefits of learning from history to include here, but the sentiment is worth repeating--looking back at the history of cyber-attacks helps develop a well-rounded security posture for today.

Read More

Will Nations Make an Effort to Establish Cyber Warfare Rules?

Will Nations Make an Effort to Establish Cyber Warfare Rules?

Years ago, most developed nations agreed to establish and follow a basic rule set when it comes to warfare: no chemical weapons, no torture, and no civilian targets. However, as tactics have turned from the battlefield to the digital plane, no such boundaries exist in cyber space. In February of this year, Antonio Guterres, Secretary of the United Nations, put out a call for the development of cyber warfare rules. But with many countries failing to even acknowledge their part in digital attacks, is the establishment of cyber warfare guidelines a pie-in-the-sky idea?

Read More

Blockchain Technology: Can It Rise to the Cybersecurity Challenge?

Blockchain Technology: Can It Rise to the Cybersecurity Challenge?

Old-school cybersecurity approaches are having a hard time keeping up with the complexity and reach of the vast networks of interconnected machines that make up our reality. As the line blurs between the physical and digital worlds, companies large and small are struggling to keep data secure and private. But all hope is not lost. Security professionals are looking to blockchain technology as a way to meet cybersecurity challenges.

Read More

What’s Your Policy: Does Your Company Need Cyber Risk Insurance?

What’s Your Policy: Does Your Company Need Cyber Risk Insurance?

The risk of a cybersecurity breach seems to increase daily, with companies large and small falling victim to hacks and attacks. In this threat landscape, many businesses have invested in cyber risk insurance to help mitigate the cost of a future attack. Also known as cyber insurance and cybersecurity insurance, these plans help organizations offset the expense of a breach or other security incident.

Read More

Why Breaches Are Becoming More Difficult to Defeat

Why Breaches Are Becoming More Difficult to Defeat

Survey after survey of cybersecurity and IT professionals echo the fact that breaches are becoming more difficult to defeat, digital risk management is ever-trickier, and the cyberthreat landscape is growing. Even just a couple of years ago, a strong security posture was easier to attain and maintain. Why is cybersecurity and breach protection so tough?

Read More

How Artificial Intelligence (AI) is Helping Cyber-criminals

How Artificial Intelligence (AI) is Helping Cyber-criminals

Artificial intelligence (AI) is already changing the digital world, with Internet of Things (IoT) and operational technology (OT) devices flooding homes, workplaces, and nearly every aspect of daily life. Along with many benefits, including greatly improved cybersecurity [link to the previous post about AI as a security tool], AI has a dark side. Cybercriminals are employing AI tactics and automation, machine learning, and agile software development to more quickly and effectively discover and exploit security vulnerabilities.

Read More

Will Biometrics Replace Passwords?

Will Biometrics Replace Passwords?

No longer the sole domain of futuristic movies and media, biometrics are already mainstream—does anyone think twice about an iPhone user employing Face ID? With the growing vulnerability of the username/password setup, organizations are turning to biometrics to replace passwords and shore up security. Far from a gimmick, biometric adoption is rapidly increasing.

Read More

How Artificial Intelligence (AI) Is Helping Cybersecurity Pros

How Artificial Intelligence (AI) Is Helping Cybersecurity Pros

Hackers and cybercriminals have already embraced the power of artificial intelligence (AI), employing scripted and automated tools to rapidly increase the scale and speed of attacks. So how are organizations using a buffet of legacy and current tools supposed to remain secure? To beat ‘em, you gotta join ‘em. Industry experts expect AI, combined with machine learning, to be the future of cybersecurity.

Read More

What is an Advanced Persistent Threat (APT)?

What is an Advanced Persistent Threat (APT)?

Although advanced persistent threats (APTs) are less common than other malicious cybersecurity dangers, they are critical to understand and are becoming widespread. APTs also have the potential to have a greater long-term detrimental impact on an organization. So what is an APT exactly? How does this particular type of threat surface? And, what can you do to protect your company?

Read More

5 Ways to Shield Executives from Whaling Attacks

5 Ways to Shield Executives from Whaling Attacks

In 2015, the CEO of an Austrian aircraft parts manufacturer was dismissed after he fell victim to a whaling attack that cost the company €40.9 (approx. $50 million at the time). Although whaling attacks aren’t new, they are becoming increasingly common, endangering not only the jobs of C-level employees but also the financial and brand security of the organizations they work for.

Read More

3 Foolproof Tips to Securely Complete Online Transactions

3 Foolproof Tips to Securely Complete Online Transactions

Most users think they’re savvy enough to shop securely online, but even the most security-minded and Internet-knowledgeable shoppers have been duped when making business purchases. Wise users need to overcome their over-confidence and brush up on online shopping best practices to avoid getting taken by a suave scammer.

Read More

How to Proactively Identify and Report “Vishing” Attempts

How to Proactively Identify and Report “Vishing” Attempts

A reformed cyber-criminal who popularized the term “social engineering attack” famously pointed out that “it is far easier to trick someone into handing over, say, their password than to go to the trouble of hacking them.” This approach has taken hold in the cyber-crime world, with social engineering and phishing attacks—when an attacker poses as an authority figure via email or a website to trick a victim into divulging sensitive data—costing businesses $676 million in 2017, according to the FBI. Now an even simpler attack is gaining traction.

Read More

5 Ways to Improve Your Cybersecurity Posture in 2019

5 Ways to Improve Your Cybersecurity Posture in 2019

On average, a ransomware attack costs a company $5 million, resulting in system downtime and productivity loss. There has also been a noticeable increase in the reach of compliance requirements. With the cost of cyber-attacks skyrocketing, it’s critical to re-examine how cybersecurity resources are being allocated. These 2019 trends build upon classic security best practices with a focus on next-generation implementation, adoption, and technologies.

Read More

Don't Be Fooled by Padlocks and SSL Certificates

Don't Be Fooled by Padlocks and SSL Certificates

If you check for the green padlock symbol in your browser to ensure you’re accessing a safe and legitimate site, you’re not alone. According to a 2018 PhishLabs survey, more than 80% of those surveyed thought the green padlock in the address bar guaranteed the legitimacy/safety of a website. The reality is the padlock doesn’t mean the site is legitimate and it doesn’t mean you’re safe from hackers.

Read More

Why Most Companies Don’t Have Control Over Password Security

Why Most Companies Don’t Have Control Over Password Security

Many people have developed a psychological picture of what a cyber-attack consists of. There’s a tendency to assume a complex, thrilling attack is executed by highly-technical individuals who have penetrated a network to access ironclad sensitive data. The reality, however, is much different.

Read More

7 Commonly Neglected Security Tasks: DMARC, DNS calls, and More

7 Commonly Neglected Security Tasks: DMARC, DNS calls, and More

In this age of digital transformation, IT staff are under incredible pressure to keep up with the breakneck speed of new technology adoption, implementation, and management while trying to maintain usability, productivity, and efficiency. With this reality, something has got to give, and oftentimes what falls off the radar are security tasks.

Read More

Why Users Should Never Auto-fill Forms: Browser Exploit Overview

Why Users Should Never Auto-fill Forms: Browser Exploit Overview

Life is hectic. As a result, we all look for ways to eliminate inconvenience, ease our stress levels, and save precious time. However, some comforts might come at too high of a price. Unfortunately, the auto-fill function on your browser might be a more of a risky convenience than most people realize. For years, security insiders have argued the dangers of the auto-fill function: the handy tool that automatically provides your name, address, phone number, and such for web page forms. It turns out, they are right.

Read More