On Tuesday, November 12th, Velox Systems and TDS teamed up to host an interactive Cybersecurity/Resiliency Workshop at 10 Barrel Eastside. The event drew attendees from various industries and positions from across Central Oregon. The workshop offered a valuable hands-on learning about cybersecurity. We now provide some Velox Systems Cybersecurity workshop insights. Cybersecurity Workshop Format […]
Category: Cybersecurity
AI is transforming the landscape of Identity Access Management
AI is transforming the landscape of Identity Access Management (IAM). This is fundamentally changing how organizations manage digital identities and control access to data, systems, and resources. At its core, IAM ensures that access is granted only to those who need it—on a strictly need-to-know basis. AI leverages its advanced analytical capabilities to monitor access […]
Stolen session tokens can wreak havoc on your data
Stolen session tokens can wreak havoc on your data. The Chinese-linked threat actor Evasive Panda is targeting government entities and a religious organization in Taiwan using a previously undocumented toolset called CloudScout. What is CloudScout? According to ESET security researcher Anh Ho, CloudScout does this through the leveraging of stolen web session cookies to […]
The Urgency of Phishing-Resistant MFA
There is an urgency in phishing-resistant MFA. This year, ransomware payments skyrocketed, with the average payment jumping by an astonishing 500%. According to Sophos’ State of Ransomware 2024, the average ransom surged from $400,000 to $2 million, underscoring the urgent need for stronger security practices. A major vulnerability is outdated multifactor authentication (MFA), which fails […]
It’s Paramount to Take a Proactive Approach to Passwords
It’s paramount to take a proactive approach to passwords. Passwords are meant to protect your organization’s data, but with so many required, users often take shortcuts. Instead of creating strong, unique passwords, many use easy-to-remember ones or, worse, reuse passwords across multiple accounts. Studies show 65% of users reuse their passwords, and 64% of […]
Fake Trading Apps Target Victims Globally via Apple and Google Stores
Fake trading apps target victims globally. Recently, a large-scale fraud campaign was leveraging fake trading apps through Apple App and Google Play Store. This campaign takes advantage of a scheme known as pig butchering. Pig butchering is where prospective victims are lured into making investments often in cryptocurrency after they put trust in a […]
Expiring Passwords are an Organizational Frustration
Expiring passwords are an organizational frustration. The time to reset multiple passwords is often tedious, and then one has to remember new passwords. However, not resetting your passwords can lead to cybersecurity nightmares. Read on to learn the rationale behind password expires. Why do we have password expiries? The 90-day password reset rule was […]
Malicious Actors Target Construction Through Software Infiltration
Malicious actors target construction through software infiltration. These hackers are undergoing this attack through the infiltration of FOUNDATION accounting software. This is a common accounting tool in use by many contractors. The first signs of this malicious activity were September 14, 2024 by Huntress. The cybersecurity firm notes 35,000 brute-force login attempts before a […]
Microsoft Update Unveils Three Security Flaws
A recent Microsoft update unveils three security flaws. These emerged after the September 2024 patch update. The 3 security flaws are now in use by malicious actors. These flaws can lead to such faults as bypassing important security features that block Microsoft Macros from running. The target would be sent a specially crafted file […]
New WikiLoader Malware Attack Utilizing Fake GlobalProtect VPN Software
In recent malware news, there is a new WikiLoader malware attack utilizing fake GlobalProtect VPN software. This new campaign spoofs Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader loader through a search engine optimization (SEO) tactic. First observed in June 2024, this campaign marks a shift from traditional phishing […]