You are here

Home » Cybersecurity

Cybersecurity

NIST Releases Guidance on Protecting Highly Sensitive Data from Advanced Persistent Threat Actors

The National Institute for Standards and Technology (NIST) has published guidance that can be used by organizations to protect highly sensitive data from advanced persistent threat (APT) actors, including those affiliated with nation-states. NIST’s Special Publication (SP) 800-172, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST SP 800-171, offers a set of tools designed to counter the efforts of state-sponsored hackers and complements another NIST publication.

FBI Tech Tuesday on Building a Digital Defense against Cryptocurrency Scams

As part of its Tech Tuesday series, the FBI's Portland, Oregon office has published an article on building a digital defense against cryptocurrency scams. This article was prompted by the FBI’s Internet Crime Complaint Center having received numerous tips recently from people who received threatening messages demanding digital currency. The targeted victim receives an email from a person or group alleging that they committed some crime that involved the theft of virtual funds from the scammer. The threat actor makes a series of threats demanding the victim pay him back.

Happy Data Privacy Day, Alexa

Today, January 28, 2021 is Data Privacy Day. After this past year, we could all use some data privacy reminders as many of us have willingly acquiesced to greater contactless interactions, often at the detriment of privacy. From smart devices to consumer data, privacy settings and permissions, multifactor authentication, and encryption, there is room for everyone to improve data privacy hygiene.

CISA Releases New Courses on Cloud Security and Cybersecurity for Government and Veteran Users

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of two new cybersecurity courses: Cloud Security and Foundations of Cybersecurity for Management. Federal, state, local, tribal, and territorial government and veteran users can access these courses, track their progress, and store course transcripts.

Security Awareness – Quite Simply, We are ALL Targets and We ALL Fall Victim

If you are still trying to convince staff that EVERY one of us are susceptible to succumbing to a well-crafted socially-engineered cyber attack, then you’ll want them to read this post. The Google Threat Analysis Group (TAG) has identified a recent campaign targeting security researchers. The pretext of the attack involved engaging researchers to collaborate on vulnerability research. Vulnerability research is some of the most technical and complex work in the cybersecurity domain.

CISA Announces Reduce the Risk of Ransomware Campaign

Today the Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat. “CISA is committed to working with organization at all levels to protect their networks from the threat of ransomware,” said CISA Acting Director Brandon Wales.

Security Awareness – Stolen Credentials from Xerox-themed Phishing Campaign Publicly Exposed

If your organization uses Xerox multifunctional devices (and even if it doesn’t) this incident may be of interest. It seems attackers inadvertently exposed more than 1,000 stolen corporate credentials obtained through a Xerox-themed phishing campaign. While 1,000 credentials may not seem significant, this incident represents a typical lure that staff are likely to fall for, especially if your organization uses Xerox devices.

Pages

Subscribe to Cybersecurity