Threat Brief: Personal Device Awareness

Posted by Peter Dylan

Mon, Apr 03, 2017

 


What if your phone was hacked? Would you know?

Despite persistent rumors to the contrary, mobile devices are vulnerable to attacks in the same way any computer is. A smart phone is exactly that: a computer, and it should at least keep up with the same level of security. Traveling in your pocket, in and out of carefully designed security perimeters, your phones are always on, and always connected. In your portfolio of devices, the phone is both under protected and highly vulnerable. Hence, why it should be your most protected, but most can profess this is not the case.

An unsecured device becomes an easy entry point for hackers to eventually gain access to your organization’s security perimeter or worse, your personal, family affairs. This month's BrandProtect Executive Threat Brief offers a solid foundation for you to fully utilize the security features that come with your device, and to establish a groundwork for hardening the overall security of your most vulnerable companion—the device in your pocket.

BrandProtect Executive Threat Briefs are designed to minimize your exposures by educating you and your team about simple steps you can take to protect your personal information online.


Read More

Topics: Phishing, cybercrime, social media, cyber threats, mobile malware, Spear Phishing, Social Engineering, ThreatBrief

Threat Brief: Secure messaging -- Keeping your private messages private

Posted by Peter Dylan

Wed, Mar 01, 2017

 

Recently there has been news of White House staff using the messaging app Confide to carry out day-to-day communications, in order to mitigate the possibility of information leaks.  Confide is part of the world of Secure Messaging apps, which employ a combination of encryption and other functions to prevent unauthorized access to the messages they send.

Data leaks are becoming all-too-common news events. As a result, the threat of our own information being part of a nationally-publicised breach is a growing concern. Many of us are suspecting (and rightfully so) our most-used messaging apps, such as email, as being inherently insecure, which is leading to the pursuit of alternative platforms that will hold our private matters to a higher standard of security.

This month's BrandProtect Executive Threat Brief looks at secure messaging – what makes it secure, and what you should look for in choosing a messaging platform that will stand against even the most sophisticated of prying-eyes.

BrandProtect Executive Threat Briefs are designed to minimize your exposures by educating you and your team about simple steps you can take to protect your personal information online.


Read More

Topics: Phishing, cybercrime, social media, cyber threats, mobile malware, Spear Phishing, Social Engineering, ThreatBrief

Threat Brief: Fake News -- A Threat to You and Your Family

Posted by Greg Mancusi-Ungaro

Mon, Jan 02, 2017

 

One of the biggest cyber stories of 2016 was Fake News. There is no doubt that it impacted the 2016 presidential and congressional elections. But did you know that fake news directly threatens business, and worse, you and your family?

This month's BrandProtect Executive Threat Brief takes a long look at fake news -- how it is created, how it is distributed, the threats it can contain, how it impacts you, and how you can improve your defensive posture against it.

Most important, the January Brief provides you and your family with clear guidance on how to better assess the trustworthiness of an online news item. If you can spot the fake, you can eliminate the risk. Read the brief, so that you can have more confidence in your online actions. 

BrandProtect Executive Threat Briefs are designed to minimize your exposures by educating you and your team about simple steps you can take to protect your personal information online. Remember, the easiest threat to stop is the one that you are not exposed to. 

Read More

Topics: Phishing, cybercrime, social media, cyber threats, mobile malware, Spear Phishing, Social Engineering, ThreatBrief

December Threat Brief: Avoid a Bleak Midwinter! Stay Safe Through the End of 2016 (and in 2017!)

Posted by Greg Mancusi-Ungaro

Thu, Dec 01, 2016

 

There is no doubt that 2016 has been an epic cyber year. Fraudsters have become more sophisticated, and exploits have become more numerous, and more brazen.
But it isn't over yet.

Stay on track through the new year!
Don't slip off the road.

The December Executive Threat Brief provides you with ten actionable cyber tips that will help keep you and your family safe from on-line dangers in the remaining weeks of the year.

Put them into practice now, and keep them going in 2017. 

The December Threat Brief covers a lot of ground, but each of the tips is easy to implement. It's likely that you are already taking some of these precautions. But possibly not all of them. Take action to stay safe. 

BrandProtect Executive Threat Briefs are designed to minimize your exposures by educating you and your team about simple steps you can take to protect your personal information online. Remember, the easiest threat to stop is the one that you are not exposed to. 


Read More

Topics: Phishing, cybercrime, social media, cyber threats, mobile malware, Spear Phishing, Social Engineering, ThreatBrief

Thanks to Yahoo!, there are 500,000,000 new reasons CISOs should think more about external threats

Posted by Greg Mancusi-Ungaro

Fri, Sep 23, 2016

 

Sad to say, but yesterday's Yahoo! news could not have been that surprising. Yahoo joins LinkedIn, Gmail, Twitter and Facebook in the pantheon of leading social networks that have suffered (very public) large-scale data breaches. Healthcare providers like Anthem, Blue Cross and many others are also members of this exclusive club. 500 million records is a lot of records, but truly, it's getting to the point where the world is awash in stolen records....

It is also not surprising that many the stories appearing today highlight the steps a company should take AFTER it has been hacked, like this one on MSNBC.  But do stories like these really solve anything?

Pundits are fond of saying "it's not IF you'll get hacked, but WHEN you'll get hacked," but that doesn't mean that enterprise security teams should roll over and await their fate. There are lots of things that enterprises can do BEFORE they get hacked that should reduce their risks from a large number of external threats...

Read More

Topics: data breach, Phishing, Spear Phishing, CISO, External Threat, Executive Threat, Masquerades

Say it Ain't So! Serena & Venus Williams, Simone Biles, Compromised in Cyber Hack of WADA

Posted by Greg Mancusi-Ungaro

Wed, Sep 14, 2016

 

Vendetta?  Absolutely.

Read More

Topics: data breach, Spear Phishing, BEC Attacks, Social Engineering, External Threat

The Phishing Attack is Only the Beginning...

Posted by Greg Mancusi-Ungaro

Mon, Aug 01, 2016

Read the August Executive Threat Brief

It's a fact that most of the headline-grabbing enterprise breaches -- from Target to the DNC -- began with a simple compromise, a compromise caused by a simple phishing email.   The AugustThreat Brief from BrandProtect is focused on phishing:  

  • How phishers are raising the stakes.
  • How phishers build their emails.
  • How you can avoid being caught.

 Download it today!

Read More

Topics: Phishing, Spear Phishing, BEC Attacks, Social Engineering, Executive Threat

How to Be Prepared for the Oldest Trick in the Book....

Posted by Greg Mancusi-Ungaro

Wed, Jul 27, 2016

 

 

Regardless of their politics, the recent news of the DNC server hack, allegedly by Russian-government-backed hackers, should have security teams pulling their hair out.  Why?  Because the first phase of the attack used one of the oldest tricks in the book -- a phishing email attack, leveraging a copycat domain. 

"For example, the first group, APT 28, often uses the same tactic: registering a domain whose name is similar to that of its target, to trick users into disclosing their passwords when logging into the wrong site. In this case, hackers set up misdepatrment.com — switching two letters — to target users of MIS Department, which manages networks for the Democratic committee."  NY TImes, July 27, 2016

It should be no surprise to learn that almost every devastating cyber breach, from Target to the DNC, starts with the same exploit:

Read More

Topics: Identity Theft, data breach, hackers, Domain Management, Phishing, cybercrime, Spear Phishing, 2016 Elections, MX Records

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

 Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all