COVID-19 – Social distancing, remote working, telecommuting, staying-at-home – changes to our working environment can expose security vulnerabilities, especially social engineering. Bad actors view our increased digital activities as an opportunity to attack. Remind your teams of your cyber security policies and procedures.
Popular Cyber Attacks and Due Care for Reasonable Security. As children, we enjoyed reading the many fairytales that began with, “Once upon a time.” As adults in the workplace, we regrettably read the stories of so many recent cyber attacks that start with, “Someone opened a phishing email.”
Even with advanced technology and security, your data is still at risk. Studies indicate that hackers are focusing on your teams to gain access to your networks and information. Social engineering is on the rise. This is a method of manipulating your teams into performing actions in order for an unauthorized person to get access […]
by Glenn A. Stout, Ph.D., CISM, GSEC, PMP, Managing Consultant, Governance & Compliance Services As families prepare to take to the beaches, resorts and other vacation spots all over the world, bad actors area also preparing their various cyber attacks on the unsuspecting.
Two things are inherently true when it comes to cyber criminals. The first is that they follow the money. This is why ransomware grew to a billion dollar business overnight. The second is that like water, their efforts flow towards the path of least resistance. Cyber criminals are like many people, they go for the […]
Social media seems harmless enough especially when your employees stick to using it for personal reasons, but it can indirectly be responsible for critical security breaches. With some social engineering and patience, an attacker can use personal social media profile information to gain access to your corporate network. The attack is completely outside of your […]
By Todd Hacke Tax season is a hectic time of year for not only organizations but their employees. This year attackers are looking to take advantage of this turbulence with a simple social engineering inquiry that could land them a gold mine of personal and financial information. It turns out all they have to do […]
Social engineering is the art of manipulating people into performing actions or exposing confidential information in order to gather information for fraudulent purposes or gain unlawful access to computer systems – this deals with data and assets of a dead person and the struggle ‘over my dead body.’
Avoid Becoming a Human Hack. I’ve become a fan of the show Impractical Jokers. If you haven’t seen it, three friends play jokes on the fourth, and he has to repeat whatever line is fed to him. The goal is to successfully convince random strangers to say or do a certain thing that they would […]
I recently wrote about Security Awareness Training, and mentioned that a well-trained staff and general employee population can be a good deterrent against Social Engineering practitioners. Social Engineering is a service offering of Halock Security Labs, and it’s probably one of our team’s favorite exercises. Social engineering is basically a test of the security awareness […]