Are we being too complacent in our feeling of “nothing will happen to us” with regard to Cybersecurity? 2 stories tie this theme together: Phishing awareness training wears off after a few months Apparently retraining is required after 6 months. Ransomware and Observations from Recent IR investigations Businesses are still getting ransomware, not how it … Read more
Should Cybersecurity have some attention if you have not been hacked before? Does your business really need more Cybersecurity awareness? I.e. So What… Cybersecurity!!! Is this what you are thinking? That does not matter to me ? I guess if this is your default thinking after every new headline of Breaches and attacks… For example … Read more
Deepfakes are computer generated images and footage of real people. I.e. a computer generated images or video from a program (or algorithm). FireEye has a paper that discusses this phenomenon: https://www.fireeye.com/blog/threat-research/2020/08/repurposing-neural-networks-to-generate-synthetic-media-for-information-operations.html? Instead of talking theory and what happens once the cat is out of the bag, let’s give some good examples: https://www.wsj.com/articles/fraudsters-use-ai-to-mimic-ceos-voice-in-unusual-cybercrime-case-11567157402 “Criminals used artificial … Read more
There is a LexisNexis report: “2020 True cost of Fraud Study” Here are the 6 basic tenets of the report: More fraud attacks translated to higher costs for merchants A surge in online and mobile channel activity increased fraud Trying to distinguish between real customers and bots is difficult Covid-19 or the Wuhan … Read more
Yesterday’s story comes to mind as well as others recently that puts this issue back to the forefront. You know that when your company name is in the news for a Cybersecurity breach because your files are publicized by hackers your Cybersecurity practices have not been very effective. “The ransomware gang pinched files, including AutoCAD … Read more
