Protect yourself from Pegasus, the most advanced spyware ever identified in the wild There can be a fine line between malware and dubious applications, but NSO's spyware Pegasus is so far past that line that you can't even see it anymore. We often hear of strains of distributed malware in third-party app stores, and sometimes they even make it past the gates and find them coming from official sources. What separates Pegasus from the rest is that it's likely the most advanced spyware ever...
Security
Why fraudsters create fake accounts?
Fraudsters are everywhere on the Internet. If you run a website that allows users to create an account in order to access goods or services then you will definitely encounter your fair share of them. For the purpose of this article, we’ll cover 2 types of such fraudsters.
Credit card fraudsters & Spamming fraudsters
Google to start enforcing two-step verification enrollment
Google will soon start pushing more Gmail users and Google Account holders to enable two-step verification — the extra layer of security that can protect people when their credentials have been phished or exposed through a data breach. May 6 is "World Password Day" which is largely about making people less reliant on them for securing online accounts. Google's contribution this year is to nudge more people into enabling two-step verification, otherwise known as two-factor...
Understanding GDPR Data Controller in 5 easy steps
By now most of have heard of the General Data Protection Regulation (GDPR). But in case you’ve been carefully avoiding the news since 2017, it’s a law put in place by the EU which strengthens the protection of citizens’ data. GDPR has brought with it some very stringent penalties for non-compliance. And if your business isn’t yet compliant, you could be at risk of an astronomical fine, as well as lasting brand damage. The UK’s Information Commissioner’s Office (ICO) collected...
Worm phishing campaign is a game-changer in password theft & account takeovers
A phishing attack taking place against an organization has revealed a crafty method to bounce between victims in a way deemed "ingenious" by a researcher. On September 29, cybersecurity architect and bug bounty hunter Craig Hays outlined a recent phishing attempt which went far beyond the usual spray-and-pray tactics and basic attempts to compromise a network, to become "the greatest password theft he had ever seen." In a Medium blog post, Hays detailed how a response team...
Does using SSL make my website secure?
The short answer to this question NO, using SSL does not make your website secure, but it is important to understand why and what SSL actually does, so read on. The biggest misconception by website owners is that an SSL certificate will magically make their website secure from hackers and malware, which is not true. This stems from a lack of understanding about what makes a website secure versus not secure. For example, since July 24th 2018, websites that do not use SSL certificates have been...
Beware National Crime Agency Scam
National Crime Agency scam Just got another new scam call today, this time claiming to be from the NCA. This one is a recorded message claiming to be from the national crime agency (NCA) and stating that they have detected some illegal activity on my name and national insurance number and need to cancel my national insurance number, press 1 to speak to an agent. This national crime agency scam aka National Insurance Scam is just one of many scams where fraudsters are posing as National Crime...
Your security questions/answers are not secure
We all know we should create secure passwords. But, for all the time we spend worrying about our passwords, there’s a backdoor you never think about. The security questions/answers that you provide to get back into your account if you lose your password are usually easy to guess or find out in order to bypass your passwords. Thankfully, many services are realizing security questions are very insecure and axing them. Google and Microsoft no longer offer security questions for their accounts —...
What is spear phishing and how to avoid it.
We have all heard by now of the term phishing and how it works, where a generic email is sent with an encrypted URL or attachment and when it’s clicked “BOOM”… you have been caught. But, over the last few years we have seen a significant rise in spear phishing. Spear phishing is technically the same but with a more direct and targeted approach. The hackers will spend time looking into an individual or a small group of people’s own lives, interests and job role and create an email...
10 tips for securely working from home
10 tips for securely working from home Working from home has now become a requirement for most office workers due to the corona virus pandemic, which has required companies to close their offices to keep their staff isolated. Many companies are also making the decision to maintain this working environment even after the pandemic. Unfortunately those unscrupulous cyber criminals are also taking advantage of this situation and are actively targeting home workers, knowing full well that their...
Recent Comments