Due to a serious iMessage vulnerability found recently in Apple iPhones and iPads, please upgrade your iPhones and iPads to iOS and iPadOS v14.8 as soon as you can.  This is being exploited and can infect a device without interaction by the user. 

If you have an Android device, please keep up with those updates as well...

New data shows that pushback from the ransomware victim “market” may be influencing just how much cybercriminals are asking for as ransom and are being paid.

2020 seemed to point to ransomware continuing to grow in devastation and cost; Ryuk reached a $34 million ransom payout, organizations were operationally brought to their knees by many of the prominent ransomware families, and the “as-a-Service” market for various parts of ransomware attacks – including the publishing of exfiltrated data – grew in interest.

For details, please check out this post....

Business email compromise (BEC)—also known as email account compromise (EAC)—is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct business—both personal and professional.  View this blog post to learn about BEC and see tips on how to prevent it...

On the Dark Web, you can purchase cybercrime “how-to kits” that gather lists of breached names, account numbers, passwords, and even telephone support lines for the victims to call. Make no mistake. Just because you’re on the Dark Web doesn’t mean you’re anonymous though.

Ransomware attacks, data breaches, and scams — along with a steady stream of extortion and phishing emails — have taken over the internet. We hear about cybercrime so often that it can quickly turn into white noise. That's a mistake.

Here are 10 security myths you need to stop believing about your data.

With the influx of remote workers, it’s a perfect opportunity to flood people’s inboxes with malicious emails and fake links. The Cofense Phishing Defense Center (PDC) recently uncovered a phishing campaign that targets employees to harvest their Microsoft credentials. Ironically, the phish was found in an environment protected by Microsoft’s own secure email gateway (SEG). The phishing email, which was reported to the PDC using the Cofense Reporter button, included a well thought out “AudioChat” notification link supposedly from Microsoft Teams.

Teams is one of the most popular platforms for remote employees. Predictably, the threat actors have taken this into consideration – especially during the COVID-19 pandemic with millions of people teleworking. We expect this trend to continue with similar communication platforms.

The first Thursday of each year is 'World Password Day'.  It's designed to educate everyone on the proper and secure use of account passwords.  See inside for helpful information.

Here's an update of a post from 2016.  It still holds true today...

USB "Thumb" Drives are popular tools for backing up and transporting data. They are small and feather-light, yet can hold mountains of data. Their compact design enables us to conveniently slip them into our pockets when on the go and then used in almost any device that's handy. However, it is precisely this efficient usefulness that also makes them dangerous. Consider the following inside this post...

In recent months we've seen an increase in email that has the name of a staff member, usually a supervisor or director, on it but is from an unknown email address.  Anyone can put any name they like on an email account, so it's very hard to prevent this.  However they tend to send phishing email like this in an attempt to steal money.  Please see the blog post for further details and an amazing example.

The City has seen an influx of phishing emails lately that claim to be sending you a Voicemail Message.  Check out this post for further details.

It’s that time of year again, holiday shopping has begun! Everyone is looking for those unique gifts, hot toys, and cool electronics.  Black Friday sales seldom fail to pique the interests of even the most casual shoppers.  Yet even after the chaos of Black Friday lies both Small Business Saturday and Cyber Monday.  While it’s clear that businesses are after your dollars during the holidays, you should be aware that cybercriminals are on the lookout, too.  Click on this article for shopping tips from the folks at the Center for Internet Security.

Today, October 29, the Internet turned 50!  In reality, it started as ARPANET as an offshoot of the cold war and on this day in 1969, the first transmission was sent across a network between 2 computers.  It immediately caused them to crash, but this was the Internet in its infancy. Enclosed are some articles that you may find of interest...

Your mobile devices – including smartphones, laptops and tablets – are always within reach everywhere you go, whether for work, travel or entertainment. These devices make it easy to connect to the world around you, but they can also pack a lot of info about you and your friends and family, like your contacts, photos, videos, location and health and financial data. It's important to use your mobile devices safely. The first step is to STOP. THINK. CONNECT. STOP: make sure security measures are in place. THINK: about the consequences of your actions and behaviors online. CONNECT: and enjoy your devices with more peace of mind.

While we have written about the various ways to identify phishing emails, we want to alert you to a specific type of phishing that we have noticed has been on the rise lately, Credential Phishing. 

As we are upon another tax season, scams involving tax filing always increase in intensity. 

We all get emails that we don’t want, and sometimes stopping them up can be as easy as clicking “Unsubscribe” at the end of the email.

Defenseless devices are an invitation to hackers.

If you’ve heard about security breaches in the news and wondered what you can do to protect yourself and your identity, help is here, and it’s free. 

Today is the day to #LayerUp by making sure you have strong passwords protecting your information.

Did you know that people are 6X more likely to open a phishing email than a genuine marketing email? Don't take the bait! i

A hacker group is threatening to reset iCloud passwords and wipe Apple devices on April 7. Find out what you need to know to protect yourself.

Keep your devices safe and secure while you're on the road.

The holiday season is in full swing, which may also mean changes to your spending habits.  Perhaps you’re shopping at different online stores or visiting new places.  Here are some tips for protecting your financial transactions from hackers.

Can you detect a real email from a fake one? Most of us think we can, but hackers are getting more and more sophisticated with their email phishing scams. Take this quick Phishing IQ Test to see how well you score on spotting fraud.

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. It's a thriving new virus that offers hackers a simple, reliable revenue stream. Classic malware sits and waits in the dark corners of your system, hoping that you'll eventually type in personal details like a credit card number they can steal. However, ransomware isn't shy. Once it's on your system, it encrypts your files and holds your data hostage and loudly demands that you pay your attacker directly. The demand often looks something like this:

Have you ever had a need to send someone a file that was too big to email? Yes, we’ve had FTP servers, but that meant managing another password. And services on the internet aren’t always secure. Problem solved. Now City employees can use SENDIT. All you need is the same user name and password you use to log into your computer. All City employees can use it, and it’s simple to use.