Phishing: Pause Before You Click

Although not a new phenomenon, phishing (attempting to obtain sensitive information or money by masquerading as a trustworthy entity via email) is more common than you might think. Phishing continues to be a pervasive cybersecurity issue in an online environment in which over 205 billion emails are sent daily.

This entry was posted in Phishing on December 05, 2016 by Kimberly Kane

End-of-Support Software Report List

10/1/2016 to 6/30/2017 

The importance of updating software before its End-of-Life (EOL) and End-of-Support (EOS) should not be taken lightly or ignored. EOL occurs when the software is retired, although the vendor/manufacture can (and generally does) continue to support the software until the EOS date. EOS occurs when software updates, patches, and other forms of support are no longer offered, resulting in software becoming prone to future security vulnerabilities. Vendors and manufacturers often use these terms interchangeably, although different vendors and manufacturers may have slightly different definitions for EOL and EOS. For this reason, it is important to check with the individual vendor/manufacturer. 

This entry was posted in End-of-Support / End-of-Life Report on November 30, 2016 by MS-ISAC

Cyber Extortion: An Industry Hot Topic

By Chris Cooley, Cyber Intelligence Analyst 

Some traditional cybercriminals have seemingly left the art of stealing credit cards and personally identifiable information (PII) for a simpler tactic – cyber extortion – where they use threats to demand victims’ money rather than steal it. While highly discussed, cyber extortion continues to gain traction as a multi-million dollar criminal industry. Over the last year state and local governments, along with law enforcement and health care organizations, have not evaded its path.

on November 23, 2016 by MS-ISAC

Cyber Monday Survival Guide

Cyber Monday is just aroud the corner and we want you to be safe while shopping online. Use our survival guide to make sure you're not putting your personal information at risk while taking advantage of great deals. 

This entry was posted in safety tip on November 18, 2016 by Kimberly Kane

4 Steps to Safer Shopping Online

Planning to get a head start on your holiday shopping this year? Here are four things you need to know to stay safe while shopping online.

on November 02, 2016 by Andrew Dolan

Understanding CIS Control 5

 

This week, we’re focusing on Critical Control 5: Controlled Use of Administrative Privileges. More specifically:

This entry was posted in CIS Controls on October 31, 2016 by Kimberly Kane

4 Mobile Security Tips to Keep Your Organization Safe

Week 4 of National Cyber Security Awareness Month focuses on our continuously connected lives in a rapidly developing digital world. Mobile security plays a big role in staying safe as more organizations than ever rely on cell phones, tablets, and laptops for business. Does your cybersecurity strategy keep mobile in mind? Here are four mobile security tips to help your organization stay secure in a connected and moving business environment.

This entry was posted in mobile device, national cyber security awareness month, mobile security on October 26, 2016 by Shannon McClain

Understanding CIS Control 4

 

To celebrate National Cyber Security Awareness Month, CIS is kicking off each week in October with a deep dive into one of the top 5 CIS Controls.

Understanding CIS Control 4

This week, we’re focusing on Critical Control 4: Continuous Vulnerability Assessment and Remediation. More specifically:

Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.” 

This entry was posted in CIS Controls on October 24, 2016 by Kimberly Kane

Evolving Tactics of Tech Support Scams

Written by: Emily Cranston, Senior Cyber Intelligence Analyst & Curt Beall, MS-ISAC Intel Unit Intern 

Tech support scams have been around for years: you answer the phone and the person on the other end claims to be working with a well-known tech company. They try to convince you that your computer is sending out error messages, attacking another computer, or infected with viruses. Malicious actors use this scam to cold-call victims, gain access to victims’ computers, install malware, steal information, or receive payment for fraudulent services. 

on October 18, 2016 by MS-ISAC

Understanding CIS Control 3

 

Understanding CIS Control 3

This week, we’re focusing on Control 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers. More specifically: 

This entry was posted in CIS Controls on October 17, 2016 by Kimberly Kane