We've all become familiar with QR codes — those square bar codes that seem to be everywhere. You scan them with your phone camera and they take you directly to a website. QR codes are an incredibly convenient way to access information, but scammers are clever and already use them as part of their scam arsenal. Fortunately, everyone can protect themselves from QR scams by learning how they work and remaining vigilant.
Topics: Cybersecurity, Network Security, Information Security, Data Security, Data Protection, risk
You may have seen it in the news, but another major company has been a victim of a nasty ransomware attack that disrupted services and customers for over ten days. This time, the victim was MGM Resorts in Las Vegas.
What separates this major incident from others is that the hackers pulled the malicious attack off using one of the oldest tricks in the book: social engineering. So, what happened, and what can we learn from this?
Topics: Cybersecurity, Network Security, Data Breach, Data Security, security incident handling, risk, Ransomware, social engineering
Any time we log in to socials, we should be cognizant of the information we're willing to reveal and how for-profit actors could use that personal data. Sharing our time, tastes, and feedback with online communities is what draws us to the apps, but it’s easy to “overspend” your seemingly limitless personal data in exchange for entertainment. The TikTok application is unlike its contemporaries because its information-gathering technology is steps ahead and much more powerful. That information is primarily used to tailor the user’s feed and promote engagement with targeted advertisements.
Topics: Cybersecurity, Data Security, risk, Social Media
Phishing via employment-focused social media is on the rise. While performing incident response over the last few months, ProCircular encountered multiple incidents where LinkedIn was used in employee phishing attacks. Several news articles raised awareness of this phishing vector over the last year, and the trend continues with a new wave of attacks by sophisticated threat actors.
Topics: Incident Rsponse, hacking, risk
How do you know if you have a solid cybersecurity program? You may have anti-virus installed and you change your computer password quarterly, but how do you know if your security program is truly effective? When you can’t see your gaps, it’s hard to make improvements and even harder to pick up the pieces after a security breach. That’s why Cybersecurity Consultants, like ProCircular’s Andrew Chipman, collect all the information they can, then measure your active security controls against their library of applicable standards.
Topics: HIPAA, Information Security, Data Protection, it risk assessment, DFARS, Manufacturing, risk