Since its inception in February 2018, the Notifiable Data Breaches scheme (NDB scheme) in Australia has delivered some very interesting results, which we can all learn from. The NDB is a legal requirement imposed by the OAIC (Office of the Australian Information Commissioner) on organizations of all sizes to notify individuals of eligible data breaches. In her 12 …
Search Results for: mfa
MSPs Beware: Attackers Targeting MSP Infrastructure to Install Ransomware
In the past two weeks, sophisticated threat actors have targeted managed service providers (MSPs) and Cloud service providers (CSPs), intending to install ransomware within their infrastructure and customer base. Often, these attacks specifically target products and services MSPs use, such as ConnectWise/Kaseya software, the Webroot Management Console, RDP services and more. …
$98 Million Spent Just To Replace Credit Cards in 2018
How much should you spend on cyber defense, recovery, and insurance? A recent research study from WEIS [PDF]—a collection of cyber security researchers—analyzes the costs of cyber crime and how it has changed over the years. While the report mostly covers world e-commerce losses and how governments can combat them, it also reports cyber security trends, and their findings match …
How to Prevent Employees From Falling For Phishing Attacks
According to the 2019 Verizon Data Breach Investigation Report, a full third of cyber attacks involve phishing tactics. While there is evidence that employee education and phishing prevention solutions are effective in stopping basic phishing attempts, attackers have responded by making phishing emails more sophisticated and convincing. Examples include targeted spear phishing …
Chinese Hackers Infect 50k Servers
What a headline, huh? That’s quite the number of infected servers found during a recently discovered and tracked malware campaign. At a very high level, this campaign focused on mass-scanning servers for specific services, cataloguing servers that responded, then feeding that list into a password brute force tool. Once infiltrated, malicious payloads were used to perform …