Ransomware Prevention: DEF CON 29 Takeaways
Recent Posts
0 Comments Click here to read/write comments
Topics: Information Security, Incident Rsponse, security incident handling, security incident response, DEF CON
Technology is essential to modern business operations, but cybersecurity risks and data exposure threats come with that. Thankfully, a virtual chief information security officer (vCISO) can bring comprehensive strategic and operational leadership to security for companies that can only afford a part-time person in an executive cybersecurity role. Amid today’s industry-wide shortage of skilled security workers, vCISO could be the best option for finding and retaining critical security leadership.
0 Comments Click here to read/write comments
Topics: Cybersecurity, vCISO
Phishing Attacks
During a
phishing
attack
, attackers use
social engineering
and
malicious emails to
steal valid credentials
from users.
Attackers can use these credentials to begin more complicated attacks, or they can
bundle
and sell them
to other
cybercriminals
.
The
attacker
s
lie about their identity and objectives to
collect
login information from unassuming
victims
or to get them
to download malicious content
. These
emails might ask you to enter your password into a
spoofed
login page or send
that
information directly
back to the sender
.
Although these scams are well
-
known, they are occasionally hard to spot, and they
have a
high rate of success
.
If you
don’t
encounter many of these emails, they may be caught in your
junk folder. If this is the case, your email filtering is working effectively and
removing potentially harmful
phishing attempts.
There is no reason to recover
phishing emails from a junk folder.
Extortion Attacks
Extortion emails work a little differently
.
In this
increasingly popular
type of attack, the hackers claim to
already have access to some sensitive information. That information could include
anything from login
credentials to embarrass
ing photo
s. Whatever they choose is something designed to prompt an
urgent
and desperate reaction from the recipient.
In the email, they lay out what they have against
their target,
then threaten to blackmail them for money.
These types of emails are des
igned to be scary. They are supposed to make the victim feel
so
frantic
that
they
act without thinking.
If you ever
receive a
threatening extortion email, remain calm and report it
t
hrough
the proper
channels. In this post,
we’ll break
down a poorly writte
n extortion email
that was
sent to my junk folder.
0 Comments Click here to read/write comments
Topics: Information Security, Data Protection, Personal Data Protection
Security information and event management, or “SIEM,” is a tool that assimilates all of your log data to give you an all-encompassing overview of the activity on your network. SIEM tools watch over your network and help you stop trouble in its tracks. Whether your organization has 200 or 20,000 employees, SIEM software can be a vital part of any company’s cybersecurity posture.
0 Comments Click here to read/write comments
Topics: Cybersecurity, Network Security, SIEM, Monitoring
Incident Response is a series of investigative and remedial steps that a company takes in the event of a breach or other security incident. These restoration efforts can include backtracking through log data, isolating affected machines, and even negotiating with cyberterrorists!
0 Comments Click here to read/write comments
Topics: Cybersecurity, Data Breach, Incident Response, security incident handling, security incident response