PROCIRCULAR BLOG

Educating your business on the importance of cybersecurity

How to Spot and Stop Today's Malicious Emails

Posted by Dawson Medin on May 3, 2021 9:35:29 AM
Phishing Attacks
During a phishing attack , attackers use social engineering and malicious emails to steal valid credentials from users. Attackers can use these credentials to begin more complicated attacks, or they can bundle and sell them to other cybercriminals . The attacker s lie about their identity and objectives to collect login information from unassuming victims or to get them to download malicious content . These emails might ask you to enter your password into a spoofed login page or send that information directly back to the sender . Although these scams are well - known, they are occasionally hard to spot, and they have a high rate of success . If you don’t encounter many of these emails, they may be caught in your junk folder. If this is the case, your email filtering is working effectively and removing potentially harmful phishing attempts. There is no reason to recover phishing emails from a junk folder.
 
Extortion Attacks
Extortion emails work a little differently . In this increasingly popular type of attack, the hackers claim to already have access to some sensitive information. That information could include anything from login credentials to embarrass ing photo s. Whatever they choose is something designed to prompt an urgent and desperate reaction from the recipient. In the email, they lay out what they have against their target, then threaten to blackmail them for money.
These types of emails are des igned to be scary. They are supposed to make the victim feel so frantic that they act without thinking. If you ever receive a threatening extortion email, remain calm and report it t hrough the proper channels. In this post, we’ll break down a poorly writte n extortion email that was sent to my junk folder.
Read More

Topics: Information Security, Data Protection, Personal Data Protection

6 Benefits of Conducting a Cybersecurity Risk Assessment

Posted by Ty Collins on Apr 22, 2021 1:49:00 PM

A cybersecurity risk assessment helps you expose and prioritize issues that could undermine your organization’s security. The risk assessment process starts with a series of interviews during which a cybersecurity consultant will meet with key members of your organization to analyze your policies, procedures, and controls. The consultant will tailor the assessment to your organization’s size, industry regulations, business operations, and other special considerations. You’ll work through scenarios to forecast the consequences of vulnerabilities that are common in businesses like yours. One of the main benefits of a cybersecurity risk assessment is an increased ability to identify and prevent cyber incidents from impacting your organization. 

Read More

Topics: Cybersecurity, Network Security, Risk Assessment

How to Choose the Best SIEM System: 5 Things to Consider

Posted by Jarrod Thompson on Mar 18, 2021 3:19:26 PM

Security information and event management, or “SIEM,” is a tool that assimilates all of your log data to give you an all-encompassing overview of the activity on your network. SIEM tools watch over your network and help you stop trouble in its tracks. Whether your organization has 200 or 20,000 employees, SIEM software can be a vital part of any company’s cybersecurity posture.

Read More

Topics: Cybersecurity, Network Security, SIEM, Monitoring

Using an Interactive Cross-site Scripting Backdoor

Posted by Bill Thomas on Feb 26, 2021 3:29:48 PM

As a cybersecurity engineer and an unapologetically enthusiastic “web guy,” I have both a personal and professional interest in finding new exploitation methods. Recently, I found an interesting and creative way to control a browser by exploiting a cross-site scripting (XSS) vulnerability. I learn by doing, so as soon as I had the idea, I tried executing the concept to see if it would work in practice. Without spoiling too much, I was very pleased with the results! This attack uses nothing more than Netcat and some clever XSS injection code. For those unfamiliar with Netcat, it’s a networking utility that reads and writes data across network connections.

Read More

Topics: Network Security, Data Protection, Penetration Testing, hacking

Secure Remote Connections with SSH

Posted by Mike Hedlund on Jan 11, 2021 11:36:23 AM

In today’s fast-paced and remote workforce, establishing a secure remote connection is critical to conduct safe and efficient remote work. Securing this connection can be as simple as creating a jump box to access a network or device. This method allows for secure external access to internal resources without using custom firewall rules. Although there are several ways to initiate this connection, the one we’ll discuss here uses a reverse SSH tunnel through a jump box. The reverse connection process is more secure than the standard connection process, and it is the preferred option for connecting to sensitive remote devices.

Read More

ProCircular is a Full-Service Information Security Firm

We are passionate about helping businesses navigate the complex world of information security, and our blog is another great source of inforamtion. We can assist you no matter where you are in your security maturity journey:

  • Breached or hit with ransomware?
  • Don't know where to start? 
  • Looking to confirm your security with a third party?

Secure your future with ProCircular.

Recent Posts

Subscribe to Email Updates