How many emails do you receive each day? Did you know that one out of every 99 emails is a phishing attack? Phishing emails are everywhere and are still the most consistently effective cyberattack method we see daily. The subject lines are tricky as they appear to be legitimate emails that would generally be in your inbox, and it takes utmost vigilance and awareness to not click right on through one of these emails. To become more vigilant and cyber-aware, let’s take a look at the top 10 phishing email subject lines from Q1 of 2022.
Lately, there's been a lot of chatter around two-factor authentication (2FA) and multi-factor authentication (MFA). We're seeing more and more websites and applications enforcing 2FA—like Google recently announcing 2FA will be turned on by default for all accounts. But that led us to wonder: How easy is it for malicious threat actors to circumvent 2FA?
Ransomware is everywhere. In 2021, ransomware was involved in at least 10% of breaches. Businesses in Healthcare, Financial Services, and Professional/Legal Services are consistently on the list of "most at risk" of ransomware attacks. So what is ransomware? What are the specifics that we as businesses need to understand to educate ourselves and our organizations on this imminent risk?
Let’s be honest, the cybersecurity marketplace is complex and confusing. Businesses are already struggling to make sense of security and defend themselves from modern attackers. It doesn’t help that they are also drowning in a sea of acronyms and jargon while doing it. MDR, EDR, NGAV, SIEM, the list goes on and it can feel like you’re staring at a bowl of alphabet soup.To help you make sense of today's complex security landscape, we've defined the key acronyms and capabilities that can be found in several of today's most crucial security categories.
Small and medium businesses (SMBs) are facing a reckoning now. Insurance companies are forcing many to get proper security measures in place, or they risk not being insured. But how did it come to this? Over the years, cybersecurity insurance has paid out billions in claims from malware and other attacks bringing businesses to their knees. As these attacks became more frequent and more targeted, it became costlier and more likely that insurance companies would have to pay out claims because companies were, and always will be, vulnerable to attack. Insurance companies have introduced a few new tools to lower their risk of paying out on losses due to cybersecurity incidents. And some of these tools have affected how the industry couples cybersecurity and insurance.
Researchers found that cyberattacks increased 50 percent YoY in 2021 and peaked in December due to a frenzy of Log4j exploits.
2021 dragged itself to a close under a Log4Shell-induced blitzkrieg. With millions of Log4j-targeted attacks clocking in per hour since the flaw’s discovery last month, there’s been a record-breaking peak of 925 cyberattacks a week per organization globally.
Credential Stuffing was our topic last week. If you missed it, here is the link. We discussed what it is, the steps hackers take, and how likely you are to be a victim. Other than not reusing passwords, we did not cover how to prevent falling victim to one of the most common attacks. Let’s look at how to stay safe from a credential stuffing attack.