Cyber-criminals around the world are increasingly focusing their attention on job seekers. According to the security firm Flashpoint, there has been a notable uptick in ploys involving phony job listings that attempt to get job seekers to give up personal information. Perhaps the biggest surprise is the fact that this is only now becoming a growing threat. After all, from the cyber-criminal's point of view, it's low hanging fruit. Job seekers expect that they'll be asked for all types of … Read more
Corporate Attacks On The Rise Through Vulnerable Printers
Few things are more ubiquitous in an office environment than printers. Of course, these days, most printers are much more than simply that. They can also scan, copy and even send emails. As such, they've become an increasingly attractive option to hack, according to the latest data released by Barracuda Networks. The reason is simple. Most printers aren't as well protected as PCs and other devices on your network. They're the weak point in your company's defensive armor. The upsurge in … Read more
USB Drives Could Be Huge Factor In Data Loss, Theft
Most people agree that the use of USB drives increases efficiency and boosts productivity, which goes a long way toward explaining their popularity, but these handy little drives can also be problematic. According to a recently published survey by Apricorn, 87 percent of employees surveyed report that they have lost or had a USB drive stolen and failed to notify their employer. Worse, 80 percent of employees surveyed reported using non-encrypted USB drives that they've often acquired for free … Read more
New “MailSploit” Allows Email Spoofing
Phishing attacks just got a whole lot easier. A German security researcher named Sabri Haddouche has recently discovered a set of email vulnerabilities that have been collectively dubbed "Mailsploit." At the root, these vulnerabilities stem from the way most email systems interpret addresses encoded with a 1992 standard called RFC-1342. The standard is that all information in an email header must be an ASCII character. If a non-ASCII character is encountered, it gets converted. … Read more
Former Employees Pose Serious Risk To Security
The Department of Health and Human Services' Office for Civil Rights (OCR) has reminded those who deal with PHI and PII of the dangers that terminated employees can pose to system security in their monthly cyber security newsletter. Their advice is as timely as it is excellent, and includes the following: "Making sure that user accounts are terminated so that former workforce members don't have access to data is one important way Identity and Access Management can help reduce risks posed by … Read more
Top Subject People Fall Victim To Is – Data Breach Notification
For hackers around the world, success breeds more success, it seems. A company called KnowBe4 has released a report entitled "Top Ten Global Phishing Email Subject Lines For Q3 2017." To prepare it, they analyzed email subject lines from simulated phishing tests to determine what the most effective approach was. Their findings were that "Official Data Breach Notification" was the hands-down winner, generating far more click-throughs than any other. Perry Carpenter, KnowBe4's Chief … Read more
