AtNetPlus的动态

How do OTP bots work? Example Scenario (from Google): Your new accounting employee receives a call from what seems to be your company's financial service provider. The caller sounds professional and mentions a suspicious transaction in the company's account. Reassuring your employee that it’s a routine check, they ask for a one-time password (OTP) that has just been sent to secure the account. In a rush to safeguard the business, your employee shares the OTP—unaware they've fallen victim to a sophisticated scam involving an OTP bot. How to protect your business from OTP bots 1. Implement multi-factor authentication (MFA) Multi-factor authentication (MFA) adds an extra layer of protection beyond passwords. Use MFA methods like app-based authenticators for increased security. 2. Educate employees Employee awareness is crucial in defending against threats. Regularly train employees about social engineering tactics. Develop clear security protocols and encourage reporting of any suspicious activity. ? ? ? Join AtNetPlus and BBB Akron as we raise awareness about cybersecurity all month long. ?? Visit the AtNetPlus website to explore interactive content and cybersecurity resources specifically designed for businesses in Northeast Ohio. ?? Use BBB Scam Tracker to research and report suspected scams. #cybersecurityawarenessmonth #cybersafe

What is Business Email Compromise (BEC) BEC is a prevalent cyber threat to your business. It involves attackers impersonating entities who you may typically interact with in order to deceive employees into exposing sensitive information, with the typical goal being to make unauthorised financial transactions. The chances are that you've probably seen this in your business already - maybe through an attacker impersonating a supplier of yours with the intent to change bank details. So how do you prevent this type of attack? Be Aware: Train employees to recognise phishing emails and suspicious requests. Verify Always: Confirm requests for payments or changes to banking details, especially if they're unexpected. Use MFA: Implement multi-factor authentication to add an extra layer of security. Establish Procedures: Set clear protocols for authorising financial transactions. Monitor Activity: Regularly review account activity for signs of unauthorised access. Encrypt Data: Encrypt sensitive data to protect it from interception. Choose Trusted Partners: Collaborate with vendors and partners with robust cybersecurity measures.

To prevent cyber fraud, follow these best practices: 1. _Use strong passwords_: Unique, complex passwords for all accounts. 2. _Enable two-factor authentication_: Adds an extra layer of security. 3. _Keep software up-to-date_: Regularly update operating systems, browsers, and apps. 4. _Be cautious with emails and attachments_: Avoid suspicious emails and attachments. 5. _Use antivirus software_: Install and regularly update antivirus software. 6. _Use a firewall_: Enable firewall protection for your computer and network. 7. _Use encryption_: Encrypt sensitive data, like financial information. 8. _Monitor accounts and credit reports_: Regularly check for suspicious activity. 9. _Use secure networks_: Avoid public Wi-Fi for sensitive transactions. 10. _Educate yourself_: Stay informed about cyber threats and scams. 11. _Use a password manager_: Securely store and generate strong passwords. 12. _Back up data_: Regularly back up important data. 13. _Use a reputable security suite_: Comprehensive protection for your devices. 14. _Verify website authenticity_: Check for "https" and a lock icon. 15. _Report suspicious activity_: Inform authorities and financial institutions. Remember, cyber fraud prevention requires ongoing vigilance and proactive measures. Stay safe online!

Terminology Unpacked: Data Breach vs. Security Incident In cybersecurity, the terms "data breach" and "security incident" get thrown around a lot, but they're not exactly interchangeable. Understanding the key differences can help you stay informed and prepared. Here's the breakdown: - Security Incident: A broader term encompassing any event that threatens the confidentiality, integrity, or availability of an organization's information or systems. This could include: - Malware infections: Malicious software that can steal data, disrupt operations, or hold systems hostage. - Phishing attacks: Attempts to trick users into revealing sensitive information or clicking on malicious links. - Denial-of-service attacks: Flooding a system with traffic to make it unavailable to legitimate users. Not all security incidents involve a data breach. A successful phishing attempt that doesn't steal any data is still a security incident, but not a breach. - Data Breach: A specific type of security incident where unauthorized access or disclosure of sensitive data occurs. This could include: - Customer information: Names, addresses, email addresses, phone numbers, credit card details, etc. - Employee data: Social Security numbers, salaries, medical records, etc. - Intellectual property: Trade secrets, product designs, confidential business information, etc. A data breach is a more serious event because it can lead to identity theft, financial loss, reputational damage, and regulatory fines. Read the full article here: https://lnkd.in/eZercihd #cybersecurity #databreach #securityincident #informationsecurity

?? Cybersecurity Tip: Protect Yourself from Remote Desktop Scams Recently, cybercriminals have devised a cunning scheme to compromise your computer security. They initiate the attack by sending a deceptive email posing as your bank, alerting you to a non-existent account issue. The goal? To persuade you into downloading seemingly harmless software that grants them access to your computer. ?? What makes this scam tricky is that the remote desktop software they have you download is legitimate – a tool typically used by IT professionals to assist users. However, the person urging you to install it is not legit; they're a scammer aiming to exploit your trust. ?? Don't fall victim to this remote desktop scam! Follow these precautions: ? Verify Suspicious Emails: Be wary of unexpected emails claiming account issues. If in doubt, contact your bank through a verified number or email address. ? Never Surrender Control: Do not grant access to your computer to unsolicited callers, even if they claim to be from your bank or tech support. ? Guard Your Passwords: Your bank will never ask for your login information. Never share passwords or sensitive data with anyone. Stay vigilant and share this post to help safeguard your network! #cybersecurity #scamalert #staysafeonline

?? ???? ???????? ??????????-???????????????? ???????????????? ???????? ???????? ???????????? ?? Vade Secure's latest analysis sheds light on the evolving landscape of spear-phishing attacks, revealing key trends and targets. Spear phishing remains a top cyberthreat, with small businesses and specific industries like Professional Services and Local Government at the forefront of attackers' agendas. ?????? ????????????????????: ???????? ???????????? ??????????????: Initial Contact, Payroll Fraud, Banking Fraud, CEO Fraud. ?????????????? ??????????????: Small businesses, Finance Treasurers, and roles within Finance and Accounting departments. ???????????????????? ????????????????????: Advanced email security and awareness of social engineering tactics are crucial. Stay ahead of cyber threats with advanced email protection from IT.ie, leveraging NLP, human insights, and generative AI for unmatched email security. Protect your organisation now! ??????????@????.????. https://lnkd.in/ea-CY2QB #CyberSecurity #SpearPhishing #EmailSecurity #VadeSecure #ITSecurity

"AiTM attacks are insidious and can have serious consequences Several levels of security had failed, and the attackers were now able to infiltrate the network stealthily, impersonate the target and access email conversations and documents in the cloud. “In a stolen session cookie replay attack, the attacker uses the valid stolen cookie to impersonate the user, circumventing authentication mechanisms of passwords and MFA,” Microsoft notes in its blog on the subject. “In this campaign, we observed that the attacker signed in with the stolen cookie after a few hours from an IP address based in the United States…. In addition, the attacker generated a new access token, allowing them to persist longer in the environment.” Once inside, attackers can add new authentication methods to bypass those already in place, often with the goal of building a rule to divert certain mail so that the user or owner of the mailbox doesn’t see it being sent. Preventing AiTM attacks requires a combination of techniques To prevent AiTM attacks, Microsoft recommends using security defaults as a baseline set of policies to improve identity security posture. For more granular control, you’ll want to enable conditional access policies; implementing risk-based access policies is particularly helpful. “Conditional access policies evaluate sign-in requests using additional identity-driven signals like user or group membership, IP location information, and device status, among others, and are enforced for suspicious sign-ins,” according to Microsoft. “Organizations can protect themselves from attacks that leverage stolen credentials by enabling policies such as compliant devices, trusted IP address requirements, or risk-based policies with proper access control.” Invest in advanced anti-phishing solutions as a front-line defense, specifically solutions that monitor and scan incoming emails and visited websites. Ensure that you use SmartScreen and other technologies that block malicious websites. Investigate suspected malicious activities, hunting for sign-in attempts with suspicious characteristics and enable rule sets that look for unusual activity or other more obvious attack processes that identify risky locations, malicious ISPs, unusual user agents, and the use of anonymizer services." https://lnkd.in/eRZrCkdA.

The U.S. Federal Communications Commission (FCC) has finalized new cyber attack reporting and consumer data breach notification rules for American telecom providers. These rules mandate that telecom companies report any breach of consumer proprietary network information (CPNI) to the FCC, FBI, and Secret Service within seven days. Additionally, consumers must be notified within 30 days of any theft or inadvertent disclosure of their personal data. The definition of personal information now includes biometrics like fingerprints and facial images used for logins, as well as inadvertent exposure of data due to misconfigurations. The FCC's ruling aims to address concerns about the increasing number of data breaches from phone companies and ensure timely notification to consumers. ? Next Steps: ? 1.?????Compliance Preparation: Telecom companies need to prepare to comply with the new reporting and notification rules by establishing internal procedures and systems to detect, assess, and report breaches promptly. ? 2.?????Enhanced Security Measures: Given the expanding definition of personal information, telecom providers must enhance security measures, particularly regarding the storage and handling of biometric data, to minimize the risk of breaches. ? 3.?????Educating Executives and Security Teams: Executives and security teams within telecom companies need to understand the implications of the new rules thoroughly. They should prioritize protecting customer data and ensure compliance with regulatory requirements. ? 4.?????Reviewing Incident Response Plans: Telecom companies should review and update their incident response plans to align with the new reporting obligations. This includes identifying key stakeholders, establishing communication channels with regulatory agencies, and conducting regular drills to test response readiness. ? 5.?????Monitoring Regulatory Updates: Continuously monitor regulatory updates and guidelines from the FCC and other relevant authorities to stay informed about evolving cybersecurity requirements and best practices. ? Collaboration and Information Sharing: Engage in collaboration efforts with industry peers and participate in information sharing initiatives to collectively strengthen cybersecurity defenses and mitigate the risk of cyber attacks and data breaches. https://lnkd.in/eq54wMVa

The cool part about working in Identity and Cybersecurity is also being a consumer. We get to see what companies are offering and seeing tangible results on what we work on. As an AT&T customer, this data breach does not come as a surprise to me. I have frequently had issues over the years with my account and ability to easily manage it. Granted I do have the ability to secure my account with multi-factor authentication, I don’t have the ability to leverage strong authenticators such as passkeys to my knowledge. On the contrary, as a CVS Health customer I am very happy with that identity experience and security measures I can take advantage of and I have been encouraged to do so within the experience. I look forward to seeing how AT&T Cybersecurity responds to this. I received notice that my password was reset as a precaution which is one way to mitigate compromise and is appreciated. However, I assume as a result of this news, the investment will now be there to implement added layers of security. Companies in all industries need to get ahead of this and make the investment in Identity before it’s too late!

If you use AT&T - your personal information may have leaked. Massive Data Leak Impacting 71 Million People: AT&T Denies Breach Origin A staggering data leak impacting 71 million individuals is making headlines, but AT&T asserts that this data did not originate from their systems. The leak, allegedly from a 2021 breach, was initially attempted to be sold by a hacker known as ShinyHunters for $200,000, with an immediate sale price of $1 million. Despite AT&T’s claims that their systems were not breached, sone investigations have confirmed the accuracy of some data entries, including those not publicly accessible for scraping. The leaked data includes sensitive information such as names, addresses, mobile phone numbers, and encrypted social security numbers. Another threat actor, MajorNelson, has now leaked this data for free on a hacking forum, claiming it is from the same 2021 breach. The leaked data now includes decrypted birth dates and social security numbers, raising serious concerns about privacy and security. While AT&T maintains that there is no evidence of a breach in their systems, the origin of this extensive data remains a mystery. However, given the accuracy of some of the data, it is advisable for former and current AT&T customers to be cautious and vigilant against potential targeted attacks, such as SMS and email phishing, and SIM swapping attacks. Customers should be wary of any communications claiming to be from AT&T and verify directly with the company before providing any information. #DataLeak #Cybersecurity #ATT #data #PrivacyConcerns #PhishingAttacks