While Amazon Alexa skills facilitate users in their day-to-day activities, this personal assistant can go malicious as well. Researchers have found that vicious skills can bypass the Amazon Alexa skill vetting process. Researchers from the Ruhr-Bochum University have found how malicious skills can flood Amazon Alexa. Alexa skills are like third-party apps that run on… Read More »Researchers Identified that Amazon Alexa Can Learn Malicious Skills
Cybersecurity Awareness Month has come and gone, but we would be remiss without addressing Incident Response. Before we do, let’s recap the ground we’ve covered in the first four of five installments on a robust Cybersecurity and Data Privacy Program. Conduct an Assessment. Taking stock of your Strengths, Weaknesses, Opportunities, and Threats from a holistic… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 5, Incident Response.
With just one more week to go in Cybersecurity Awareness Month, let’s recap the ground we’ve covered in the first three of five installments before moving on to Phase 4, Compliance. Start your journey with a risk assessment. Taking stock of your Strengths, Weaknesses, Opportunities, and Threats from a holistic viewpoint of People, Process, and… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 4, Compliance
It is the middle of Cybersecurity Awareness Month. Let’s recap the ground we’ve covered in the first two installments before moving on to Phase 3, Managing Cybersecurity Risk. Start your journey with a risk assessment. Taking stock of your Strengths, Weaknesses, Opportunities, and Threats from a holistic viewpoint of People, Process, and Technology using a… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 3, Managing Cybersecurity Risk
In our second installment, we’ll cover the next phase in the lifecycle, Design. Keep in mind, depending upon your circumstance, you could enter the lifecycle at any stage. This installment title does not contain just a catchy subtitle but actual requirements under law in legislation like the European Union’s The General Data Protection Regulation (GDPR)… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 2, Security & Privacy by Design
If dealing with COVID-19 and 100% remote workforce is not enough, businesses of all sizes and in all verticals are facing an exponentially more frequent and more sophisticated siege of cyberattacks. However, for those small to mid-market businesses (SMBs), there is likely worse news. Bad actors/hackers/hacktivists/cybercriminals are targeting them specifically since there is a well-known weakness. Most SMB organizations aren’t as well prepared to defend and respond. https://www.bizjournals.com/sanfrancisco/news/2020/09/28/hacks-of-fortune-500-business-may-make-the-headl.html Part of the reason… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 1, Let’s Assess.
Joe Biden, Elon Musk, Barack Obama, Jeff Bezos and Apple all had their twitter accounts hacked last week. Generally, when twitter users are hacked, the primary reason is due to the individual user falling victim to a social engineering attack. In this case, 130 users were hit at the same time and it appears that… Read More »Twitter Hack – Lessons Learned
A recent report shows that ransomware attacks were up 25 percent across all industries in Q1 of this year. No industry was safe but the manufacturing industry was shown to be the most at risk, with an increase in ransomware attacks of 156 percent. Not only are cyberattacks on manufacturers and fabricators skyrocketing but the… Read More »Manufacturers Industry Targeted: 156% Increase in Cyberattacks in Q1
The coronavirus has exposed many of the vulnerabilities of our country and unfortunately the number of bad actors looking to exploit those vulnerabilities has only risen due to the crisis. The White House and the Department of Justice has blamed China and Russia for trying to steal research related to COVID-19 from the Department of… Read More »White House Blames China for Increased Hacks on Medical Institutions
This a security note on TEXT SCAMS with a COVID19 theme. (By the way, these are also called ‘SMS phishing’ or smishing attacks.) Now is the time to be more cautious about scams than ever before. The Pandemic has raised sanitation awareness and emphasized safe practices to minimize the spread of germs / viruses. However,… Read More »Security Note: Covid-19 SMS Phishing Attacks Exploiting the Crisis