Although not a new phenomenon, phishing (attempting to obtain sensitive information or money by masquerading as a trustworthy entity via email) is more common than you might think. Phishing continues to be a pervasive cybersecurity issue in an online environment in which over 205 billion emails are sent daily.
10/1/2016 to 6/30/2017
The importance of updating software before its End-of-Life (EOL) and End-of-Support (EOS) should not be taken lightly or ignored. EOL occurs when the software is retired, although the vendor/manufacture can (and generally does) continue to support the software until the EOS date. EOS occurs when software updates, patches, and other forms of support are no longer offered, resulting in software becoming prone to future security vulnerabilities. Vendors and manufacturers often use these terms interchangeably, although different vendors and manufacturers may have slightly different definitions for EOL and EOS. For this reason, it is important to check with the individual vendor/manufacturer.
By Chris Cooley, Cyber Intelligence Analyst
Some traditional cybercriminals have seemingly left the art of stealing credit cards and personally identifiable information (PII) for a simpler tactic – cyber extortion – where they use threats to demand victims’ money rather than steal it. While highly discussed, cyber extortion continues to gain traction as a multi-million dollar criminal industry. Over the last year state and local governments, along with law enforcement and health care organizations, have not evaded its path.
Week 4 of National Cyber Security Awareness Month focuses on our continuously connected lives in a rapidly developing digital world. Mobile security plays a big role in staying safe as more organizations than ever rely on cell phones, tablets, and laptops for business. Does your cybersecurity strategy keep mobile in mind? Here are four mobile security tips to help your organization stay secure in a connected and moving business environment.
To celebrate National Cyber Security Awareness Month, CIS is kicking off each week in October with a deep dive into one of the top 5 CIS Controls.
Understanding CIS Control 4
This week, we’re focusing on Critical Control 4: Continuous Vulnerability Assessment and Remediation. More specifically:
“Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.”
Written by: Emily Cranston, Senior Cyber Intelligence Analyst & Curt Beall, MS-ISAC Intel Unit Intern
Tech support scams have been around for years: you answer the phone and the person on the other end claims to be working with a well-known tech company. They try to convince you that your computer is sending out error messages, attacking another computer, or infected with viruses. Malicious actors use this scam to cold-call victims, gain access to victims’ computers, install malware, steal information, or receive payment for fraudulent services.