A to Z

Cyber Security

Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.

So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.

It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.

Image of Manila skyline representing the Philippines National Privacy Commission on the Comeleak data breach

Cyber Security News

‘Comeleak’ Allows Philippine National Privacy Commission to Show Teeth

January 25, 2017

Privacy issues in the Philippines have become headline news as 2017 gets underway. In January, the National Privacy Commission (NPC) in that country issued a statement placing the blame for a data breach that put the personal information of millions of voters at risk squarely at the feet of the Commission on Elections (COMELEC) and its Chairman Andres Bautista. Read More

Cyber Security News

‘Dramatic Rise’ in Scam Websites Mimicking Online Streaming Services

May 4, 2020

700 scam websites pretending to offer online streaming services are taking advantage of the recent pandemic lockdowns to steal personal data and credit card information. Read More

Police’s evidence boxes showing the data dump of police files from hundreds of U.S. law enforcement agencies

Cyber Security News

“BlueLeaks” Data Dump Contains Police Files of Hundreds of Law Enforcement Agencies, Tied Back to a Third-Party Services Provider

July 6, 2020

Data dump containing 269 GB of police files from hundreds of U.S. law enforcement agencies and the FBI is found to be tied to a breach at a shared third-party vendor. Read More

Toy robot in front of a monitor showing the security concerns over the chrome extensions used by checkout bots to snap up delivery time slots.

Cyber Security News

“Checkout Bots” Use Chrome Extensions to Automatically Snap up Delivery Time Slots, But Are They Safe?

May 19, 2020

Checkout bots are gaining popularity in coronavirus pandemic to snap up delivery time slots through Chrome extensions including those that may contain security vulnerabilities. Read More

Hacker with cellphone showing threat of "juice jacking" at public USB charging stations

Cyber Security News

“Juice Jacking” at Public USB Charging Stations? Los Angeles County DA’s Office Issues Warning, but How Real Is the Threat?

November 28, 2019

While there is no evidence at present of a rash of "juice jacking attacks on public USB charging stations, or even any novel exploits of this nature, appropriate precautions should still be taken. Read More

CPU processor socket on a computer motherboard showing the Intel chip vulnerability that impacts five years worth of computers

Cyber Security News

“Unfixable” Intel Chip Vulnerability Could Undermine Encryption on Five Years Worth of Computers, But Is a Difficult Attack to Pull Off

March 16, 2020

Attacker exploiting new Intel chip vulnerability will need to go through multiple complex steps and have physical access to the device to gain full access to the system. Read More

Image of confused man sitting in front of computer about to type signifying insider threats within the organization

Cyber Security Insights

“Real” Insider Threats Already Lurking Within Your Organization

February 28, 2018

While we often think about malicious users when we speak of insider threats, the "real" problem lies with users that may unintentionally be putting their organizations at risk. This includes users that get phished, bypass controls for convenience or efficiency, and connect their own devices to the corporate networks. Read More

Cyber Security News

2015 Ashley Madison Data Breach Leads to New Cyber Extortion Scams

February 21, 2020

Hackers used data from 2015 Ashley Madison data breach to conduct cyber extortion scams, asking users to pay more than $1,000 worth of Bitcoin. Read More

Chain locks over cloud showing the top threats for cloud security

Cyber Security News

2019 Sans Institute Cloud Security Survey Reveals Top Threats, Which Surprisingly Are Not DDoS Attacks

May 28, 2019

Recent cloud security survey shows that even though businesses have increased their awareness on security threats, 19% still experienced a data breach, with account hijacking being the top attack method. Read More

Picture of Microsoft building showing a Microsoft data breach which exposed 250 million customer service records

Cyber Security News

250 Million Microsoft Customer Service Records Exposed; Exactly How Bad Was It?

February 3, 2020

Microsoft announced a breach where they uncovered misconfigured security rules in one internal database that exposed 250 million customer service records for almost whole of December. Read More