Threat Brief: Personal Device Awareness

Posted by Peter Dylan

Mon, Apr 03, 2017

 


What if your phone was hacked? Would you know?

Despite persistent rumors to the contrary, mobile devices are vulnerable to attacks in the same way any computer is. A smart phone is exactly that: a computer, and it should at least keep up with the same level of security. Traveling in your pocket, in and out of carefully designed security perimeters, your phones are always on, and always connected. In your portfolio of devices, the phone is both under protected and highly vulnerable. Hence, why it should be your most protected, but most can profess this is not the case.

An unsecured device becomes an easy entry point for hackers to eventually gain access to your organization’s security perimeter or worse, your personal, family affairs. This month's BrandProtect Executive Threat Brief offers a solid foundation for you to fully utilize the security features that come with your device, and to establish a groundwork for hardening the overall security of your most vulnerable companion—the device in your pocket.

BrandProtect Executive Threat Briefs are designed to minimize your exposures by educating you and your team about simple steps you can take to protect your personal information online.


Read More

Topics: Phishing, cybercrime, social media, cyber threats, mobile malware, Spear Phishing, Social Engineering, ThreatBrief

Threat Brief: Secure messaging -- Keeping your private messages private

Posted by Peter Dylan

Wed, Mar 01, 2017

 

Recently there has been news of White House staff using the messaging app Confide to carry out day-to-day communications, in order to mitigate the possibility of information leaks.  Confide is part of the world of Secure Messaging apps, which employ a combination of encryption and other functions to prevent unauthorized access to the messages they send.

Data leaks are becoming all-too-common news events. As a result, the threat of our own information being part of a nationally-publicised breach is a growing concern. Many of us are suspecting (and rightfully so) our most-used messaging apps, such as email, as being inherently insecure, which is leading to the pursuit of alternative platforms that will hold our private matters to a higher standard of security.

This month's BrandProtect Executive Threat Brief looks at secure messaging – what makes it secure, and what you should look for in choosing a messaging platform that will stand against even the most sophisticated of prying-eyes.

BrandProtect Executive Threat Briefs are designed to minimize your exposures by educating you and your team about simple steps you can take to protect your personal information online.


Read More

Topics: Phishing, cybercrime, social media, cyber threats, mobile malware, Spear Phishing, Social Engineering, ThreatBrief

Threat Brief: Fake News -- A Threat to You and Your Family

Posted by Greg Mancusi-Ungaro

Mon, Jan 02, 2017

 

One of the biggest cyber stories of 2016 was Fake News. There is no doubt that it impacted the 2016 presidential and congressional elections. But did you know that fake news directly threatens business, and worse, you and your family?

This month's BrandProtect Executive Threat Brief takes a long look at fake news -- how it is created, how it is distributed, the threats it can contain, how it impacts you, and how you can improve your defensive posture against it.

Most important, the January Brief provides you and your family with clear guidance on how to better assess the trustworthiness of an online news item. If you can spot the fake, you can eliminate the risk. Read the brief, so that you can have more confidence in your online actions. 

BrandProtect Executive Threat Briefs are designed to minimize your exposures by educating you and your team about simple steps you can take to protect your personal information online. Remember, the easiest threat to stop is the one that you are not exposed to. 

Read More

Topics: Phishing, cybercrime, social media, cyber threats, mobile malware, Spear Phishing, Social Engineering, ThreatBrief

December Threat Brief: Avoid a Bleak Midwinter! Stay Safe Through the End of 2016 (and in 2017!)

Posted by Greg Mancusi-Ungaro

Thu, Dec 01, 2016

 

There is no doubt that 2016 has been an epic cyber year. Fraudsters have become more sophisticated, and exploits have become more numerous, and more brazen.
But it isn't over yet.

Stay on track through the new year!
Don't slip off the road.

The December Executive Threat Brief provides you with ten actionable cyber tips that will help keep you and your family safe from on-line dangers in the remaining weeks of the year.

Put them into practice now, and keep them going in 2017. 

The December Threat Brief covers a lot of ground, but each of the tips is easy to implement. It's likely that you are already taking some of these precautions. But possibly not all of them. Take action to stay safe. 

BrandProtect Executive Threat Briefs are designed to minimize your exposures by educating you and your team about simple steps you can take to protect your personal information online. Remember, the easiest threat to stop is the one that you are not exposed to. 


Read More

Topics: Phishing, cybercrime, social media, cyber threats, mobile malware, Spear Phishing, Social Engineering, ThreatBrief

Reacting to Yahoo: How to play defense against Yahoo-inspired attacks

Posted by Greg Mancusi-Ungaro

Mon, Oct 03, 2016

Whether or not the Yahoo hack affected you directly, you can be sure that cyber criminals are using the news to propel a new wave of cyber attacks that probably will. 

The October BrandProtect Executive Threat Brief anticipates those attacks, and gives you and your family a quick primer on what you can do to stay safe during this new "phishing season". 

Read More

Topics: data breach, Phishing, cybercrime, ThreatBrief

How to Be Prepared for the Oldest Trick in the Book....

Posted by Greg Mancusi-Ungaro

Wed, Jul 27, 2016

 

 

Regardless of their politics, the recent news of the DNC server hack, allegedly by Russian-government-backed hackers, should have security teams pulling their hair out.  Why?  Because the first phase of the attack used one of the oldest tricks in the book -- a phishing email attack, leveraging a copycat domain. 

"For example, the first group, APT 28, often uses the same tactic: registering a domain whose name is similar to that of its target, to trick users into disclosing their passwords when logging into the wrong site. In this case, hackers set up misdepatrment.com — switching two letters — to target users of MIS Department, which manages networks for the Democratic committee."  NY TImes, July 27, 2016

It should be no surprise to learn that almost every devastating cyber breach, from Target to the DNC, starts with the same exploit:

Read More

Topics: Identity Theft, data breach, hackers, Domain Management, Phishing, cybercrime, Spear Phishing, 2016 Elections, MX Records

BEC Scams Affect Every Industry, Even the NBA. But CISOs are Not Helpless

Posted by Greg Mancusi-Ungaro

Fri, May 20, 2016

This morning the headlines shouted out about another Business
Email Compromise (BEC) attack
. It seems that an employee of the professional basketball team, the Milwaukee Bucks, received a seemingly legitimate email message from a spoofed email address.  The email requested W2 records for the teams players and staff, and the targeted employee fell for the scam and released the information. 

The fallout was immediate and intense. 

“The communication received on this major security breach is unacceptable,” an agent for a Bucks player told The Vertical. “The players need to know the exact measures being taken by the Bucks and the FBI to ensure each and every player’s identity and financial information will not be compromised. There needs to be accountability for such a mistake, details on the steps taken to rectify it and a process put in place to make sure this never happens again.”

Read More

Topics: cybersquatting, Phishing, cybercrime, Spear Phishing, BEC Attacks

Marilee Philen, Senior Cyber Threat Analyst, To Speak At Atlanta Cyber Security Summit

Posted by Greg Mancusi-Ungaro

Thu, Mar 31, 2016

Marilee Philen, senior cyber threat analyst at BrandProtect, will be speaking at next week's Atlanta Cyber Security Summit .  She will join U.S. Assistant Attorney General, the Honorable John P. Carlin along with experts from the FBI, US Secret Service and other cyber security leaders in an all day exploration of emerging cyber threats related to new risks presented by Internet of Things, the vulnerabilities of big data and cloud computing deployments. The day will close with a discussion of the state of cyber threats and the strategies to combat them.

Philen is uniquely qualified to join in this discussion, she is an ex-USAF Intelligence Analyst, with a 20+ year career in intelligence collection, analysis, and reporting.

She has served with the U.S. Air Forces-Europe, U.S. Air Force Special Operations Command, and the U.S. Strategic Command Center (USSTRATCOM).

Read More

Topics: cybercrime, Internet Threats, cyber threats, OSINT, CISO, InfoSec, Internet of Things, Threat Intelligence

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

 Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all