There is an urgency in phishing-resistant MFA. This year, ransomware payments skyrocketed, with the average payment jumping by an astonishing 500%. According to Sophos’ State of Ransomware 2024, the average ransom surged from $400,000 to $2 million, underscoring the urgent need for stronger security practices. A major vulnerability is outdated multifactor authentication (MFA), which fails […]
Author: Kristine Luque
AI has the power to elevate our lives but also wreak havoc
AI has the power to elevate our lives yet also wreak havoc. Many are excited about AI’s capabilities yet concerned about its impact on the workforce. As Etay Maor, Chief Security Strategist at Cato Networks, says, “AI won’t replace humans, but those who know how to use AI will replace those who don’t.” Cybercriminals are […]
It’s Paramount to Take a Proactive Approach to Passwords
It’s paramount to take a proactive approach to passwords. Passwords are meant to protect your organization’s data, but with so many required, users often take shortcuts. Instead of creating strong, unique passwords, many use easy-to-remember ones or, worse, reuse passwords across multiple accounts. Studies show 65% of users reuse their passwords, and 64% of […]
Fake Trading Apps Target Victims Globally via Apple and Google Stores
Fake trading apps target victims globally. Recently, a large-scale fraud campaign was leveraging fake trading apps through Apple App and Google Play Store. This campaign takes advantage of a scheme known as pig butchering. Pig butchering is where prospective victims are lured into making investments often in cryptocurrency after they put trust in a […]
Expiring Passwords are an Organizational Frustration
Expiring passwords are an organizational frustration. The time to reset multiple passwords is often tedious, and then one has to remember new passwords. However, not resetting your passwords can lead to cybersecurity nightmares. Read on to learn the rationale behind password expires. Why do we have password expiries? The 90-day password reset rule was […]
Malicious Actors Target Construction Through Software Infiltration
Malicious actors target construction through software infiltration. These hackers are undergoing this attack through the infiltration of FOUNDATION accounting software. This is a common accounting tool in use by many contractors. The first signs of this malicious activity were September 14, 2024 by Huntress. The cybersecurity firm notes 35,000 brute-force login attempts before a […]
Microsoft Update Unveils Three Security Flaws
A recent Microsoft update unveils three security flaws. These emerged after the September 2024 patch update. The 3 security flaws are now in use by malicious actors. These flaws can lead to such faults as bypassing important security features that block Microsoft Macros from running. The target would be sent a specially crafted file […]
New WikiLoader Malware Attack Utilizing Fake GlobalProtect VPN Software
In recent malware news, there is a new WikiLoader malware attack utilizing fake GlobalProtect VPN software. This new campaign spoofs Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader loader through a search engine optimization (SEO) tactic. First observed in June 2024, this campaign marks a shift from traditional phishing […]
CMMC, your Necessity for Achieving Compliance
CMMC or Cybersecurity Maturity Model Certification is a necessity for achieving compliance for defense industrial base organizations. CMMC compliance provides a standardized framework for enhancing cybersecurity across the defense industrial base. Established by the Department of Defense, it manages and protects Controlled Unclassified Information (CUI) and Federal Contract Info (FCI). It does this in […]
Why Endpoint Detection and Response is Essential
Endpoint detection and response (EDR) has become the new cybersecurity buzzword. Why is endpoint detection and response essential? Hackers constantly evolve their tactics to bypass traditional security measures like antivirus software. That’s where Endpoint Detection and Response (EDR) steps in as a game-changer for modern cybersecurity. Here’s why EDR is essential: What is EDR? […]