Essential Tips for Securing Your Remote Workspace
More people than ever are working remotely. While this offers unprecedented levels of freedom and flexibility, however, it also comes with increased risks in the form of cyber threats.
Read more...
mfa
Insider Threats: How to Detect and Mitigate Risks from Within
This post will look at how insider threats can be identified, dealt with, flagged, and avoided to reduce the overall threat of internal threats with effectively managed third party risk.
Read more...
Do corporations really care about your security?
“Your security is important to us,” is a common phrase on corporate websites and emails, usually after some data breach that affects customers. To prove that statement, corporations invest billions of dollars in the cybersecurity industry. Most market projections say the industry is worth about $180 billion. About 15 percent of that market goes to data security. But all the indications are that we are losing the war in personal identity security That leaves is with the question: Do corporations really care about customer security?
Probably not
US Department of Health and Human Services reported recently that. in the US, there have been 2,213 breaches since 2020, with 152.1M affected individuals. That is almost half of the American population. But that is just breaches involving medical data.
The FBI reports, in the same period, more than 350 million stolen personal information records, exceeding the known population of the country. Worldwide, the number of personal identity information (PII) records exceeds one billion people.
So how bad is it? “I always tell people assume your social security number has been breached. Just assume that,” said John Meyer, senior director for Cornerstone Advisors, an organization providing security consultation to financial organizations.
So we are spending tens of billions of dollars to protect data from exfiltratation on almost a weekly basis from attacks bypassing current defenses. Is it worth the investment? Does protecting that data even matter?
Well, yes… sort of
Data security professionals say it is and it does. Communications, industry intellectual property, state secrets, and control of crucial systems must still be protected. Most professionals we talked to cite ransomware attacks as the primary reason for investing in security precuts and services.
Read more...
Elder fraud festers out of control
As legislatures around the world try to get a handle on the growth of ransomware, another category of cybercrime is festering out of control: Elder fraud.
The FBI’s Internet Crime Complaint Center (IC3) reported more than 100,000 people in the US, 60 years and older, lost $3.4 billion total to digital scams. The IC3 pointed out that the elderly are half as likely to report a loss. So the actual crimes and losses are probably much higher.
In contrast, the total ransomware payouts last year from reporting companies was $1.1 billion according to Chainanalysis. While the total number of fraud reports to the IC3 appears to have leveled off after years of growth, elder fraud increased by 14 percent year on year.
“Combatting the financial exploitation of those over 60 years of age continues to be a priority of the FBI,” wrote FBI Assistant Director Michael D. Nordwall, who leads the Bureau’s Criminal Investigative Division, in the report. “Along with our partners, we continually work to aid victims and to identify and investigate the individuals and criminal organizations that perpetrate these schemes and target the elderly.”
Who is vulnerable?
Read more...
Reinforcing Multi Factor Authentication
As the password slowly abdicates to a new heir, which specific alternatives are shaping up to take its place? Multi-factor authentication (MFA) has been rapidly adopted by organizations to help reduce the opportunities for breaches. But MFA brings its own considerations that must be addressed.
Read more...
Passwordless Instead of Password Security
In 2013, Intel launched World Password Day to raise awareness of the relevance of secure passwords – with limited success. Today we might be at the brink of finally saying goodbye to password.
Read more...
Scam Bucket: Credit card fraud is inevitable
You can do everything right, but credit card fraud is inevitable.
In recent weeks, Cyber Protection Magazine has fielded calls and emails from people who have followed all the best-known techniques for securing banking, debit, and credit card information. That includes bank notifications every time the card is used, multi-factor authentication (MFA), biometrics, and limiting the use of a card for specific transactions. These readers still experienced unauthorized use of their payment cards
How does that happen?
The market for criminal use of legitimate credit cards is a well-known “secret.” The most common sites are found on the DarkWeb, but occasionally they pop up on Meta sites, where they can reap thousands of dollars before Meta gets around to kicking them off, generally without prosecution.
The criminals collect most of this information through phishing attacks using email, but also on Facebook and Instagram, and falling for a phishing scam may negate victims’ claims they “did everything right.” Criminals, however, are getting more sophisticated. Enterprises selling the card information gather it by sending fraudulent emails or text messages, posing as legitimate entities, and tricking individuals into providing their credit card information. Then there is basic social engineering, manipulating victims into revealing their credit card information through phone calls, and QR codes.
Even more sophisticated, criminals will install skimming devices on ATMs, gas pumps, or point-of-sale terminals to capture credit card information when cards are swiped or inserted. While it may not be obvious that the skimmers have been added to the terminal, it is fairly easy to determine if it is legitimate. Legitimate card readers cannot be easily removed, while skimmers may be held on with a simple adhesive. Some locations, like Costco fueling stations, place tape over the reader and, if broken, can alert users and the vendor that there may have been a breach.
No one is completely safe
But by and large, data breaches are the most common source of stolen credit card information, and that is something most victims cannot do anything about.
By hacking into databases of companies or financial institutions criminals steal terabytes of credit card information. Employees of companies or financial institutions may access and sell credit card information, posting the information of those above, carding forums. Criminals exchange...
Purchase Required
This content requires that you purchase additional access. The price is $1.00 or free for our Premium members.
Already a member? Log in here
Breach affects half of France
French regulators recently warned that a January 2024 cyber-attack on two major healthcare sector companies caused over 33 million people’s………more...
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here
Cyber Security in 2024
In an environment where the variety of cyber security attack strategies continues to cause major concerns, understanding what might be in store for security leaders and their teams next year is a complex challenge.
Premium Membership Required
You must be a Premium member to access this content.
Already a member? Log in here
Safer Internet Day: Cybersecurity Best Practices
Safer Internet Day aims to raise awareness among young people of online issues. But they’re not the only ones who need to be aware of online safety. Businesses are just as vulnerable to cyber threats if they don’t protect themselves appropriately.
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here