October is Cybersecurity Awareness Month!  To kick it off with information you need to know to be come more cyber aware, please check out this article linked to in this blog post...

New data shows that pushback from the ransomware victim “market” may be influencing just how much cybercriminals are asking for as ransom and are being paid.

2020 seemed to point to ransomware continuing to grow in devastation and cost; Ryuk reached a $34 million ransom payout, organizations were operationally brought to their knees by many of the prominent ransomware families, and the “as-a-Service” market for various parts of ransomware attacks – including the publishing of exfiltrated data – grew in interest.

For details, please check out this post....

With the influx of remote workers, it’s a perfect opportunity to flood people’s inboxes with malicious emails and fake links. The Cofense Phishing Defense Center (PDC) recently uncovered a phishing campaign that targets employees to harvest their Microsoft credentials. Ironically, the phish was found in an environment protected by Microsoft’s own secure email gateway (SEG). The phishing email, which was reported to the PDC using the Cofense Reporter button, included a well thought out “AudioChat” notification link supposedly from Microsoft Teams.

Teams is one of the most popular platforms for remote employees. Predictably, the threat actors have taken this into consideration – especially during the COVID-19 pandemic with millions of people teleworking. We expect this trend to continue with similar communication platforms.

Whenever a disaster of some sort happens, there are usually criminals out there that like to take advantage of the situation.  The same goes for the current Coronavirus (COVID-19) outbreaks.  Be on the lookout for fake phishing emails that claim to be sending you information about the virus.  If you get one, perform the usual checks to see whether it's real or not.  If there's any question, please contact the IT Help Desk.  Inside are a couple of recent articles that discuss the situation...

Smishing is phishing via Short Message Service (SMS Texting) on a participating device, usually a cell phone. Long neglected by phishers and spammers, smishing has recently become a very common way of spamming, phishing, and spear phishing potential victims. KnowBe4 has been covering and warning users about it and its coming rise for years. This blog post will cover why smishing is becoming so popular, show some general and more sophisticated examples, and discuss defenses.

If you've ever wondered how to block robocalls from telemarketers that interrupt you during all ours of the day, you have a number of effective options. These range from using features on your phone, options offered by your phone carrier, or using robocall blocker apps.

While we have written about the various ways to identify phishing emails, we want to alert you to a specific type of phishing that we have noticed has been on the rise lately, Credential Phishing. 

Defenseless devices are an invitation to hackers.

Today is the day to #LayerUp by making sure you have strong passwords protecting your information.