Information Security Buzz
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • Register
  • Log In
Top Posts
Data Loss Prevention: Artificial Intelligence vs. Human Insight
Expert On How The UK Police Data Loss...
Cyber Criminals Left Stolen Phishing Credentials Exposed To...
Cyber Expert On Malware Found On Laptops Provided...
OpenText Research Offers A Snapshot Of UK Attitudes...
How Much Are You Worth On The Dark...
Experts Reaction On World Economic Forum 2021 Report...
Major Security Flaws Found In Signal And other...
Comment On IoT Risks Of Peloton Bike
Top‌ ‌3‌ ‌Priorities‌ ‌For‌ ‌CISOs’‌ ‌2021‌ ‌Security‌ ‌Programs
Information Security Buzz

Connecting Security Experts

  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • Register
  • Log In
Expert(s): November 30, 2020
Tim Sadler
CEOfeature_status*/ ?>
Tessian

Comments Dotted : 6
January 11, 2021

Response Comment: Hackers Post Hackney Council’s ‘Stolen Documents’

Educating people will help but advanced attacks like this require advanced security solutions.

Although it's unclear how this particular group delivers its ransomware payload, it's likely that phishing has played a role. Figures from last year show that distributing ransomware attacks via email is quickly coming "back into fashion", while our own research found that a third of IT leaders have experienced a rise in ransomware delivered by phishing messages since companies started working fully remotely last year.

 

As hackers continually look for ways to hack humans in order to hack

.....Read More

Although it's unclear how this particular group delivers its ransomware payload, it's likely that phishing has played a role. Figures from last year show that distributing ransomware attacks via email is quickly coming "back into fashion", while our own research found that a third of IT leaders have experienced a rise in ransomware delivered by phishing messages since companies started working fully remotely last year.

 

As hackers continually look for ways to hack humans in order to hack organisations, businesses must find ways to secure their people, especially as they continue working remotely. Educating people will help but advanced attacks like this require advanced security solutions. Often, hackers will build trust with their targets over time, and across multiple emails, before sending the tell-tale malicious payload link or attachment. Solutions need to be in place to automatically detect this threat, and alert employees, at the very start of the email chain to avoid valuable data being stolen and extorted.

  Read Less
Like(0)  (0)

Linkedin Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Educating people will help but advanced attacks like this require advanced security solutions...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/response-comment-hackers-post-hackney-councils-stolen-documents

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Educating people will help but advanced attacks like this require advanced security solutions...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/response-comment-hackers-post-hackney-councils-stolen-documents

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
November 23, 2020

Experts Reacted On MPs Hit With Nearly 3 Million Malicious Emails Every Month

Hacking humans on email is still the easiest way for cybercriminals to hack into organisations and institutions.
These findings highlight the sheer scale of the threat that all businesses are facing. With millions of malicious emails being sent, the odds that one might work are high - especially if they are carefully crafted to evade detection. It just takes one busy and stressed employee to miss the cues or one very convincing message for cybercriminals to breach an organisation's security and access highly sensitive information. Hacking humans on email is still the easiest way for cybercriminals to.....Read More
These findings highlight the sheer scale of the threat that all businesses are facing. With millions of malicious emails being sent, the odds that one might work are high - especially if they are carefully crafted to evade detection. It just takes one busy and stressed employee to miss the cues or one very convincing message for cybercriminals to breach an organisation's security and access highly sensitive information. Hacking humans on email is still the easiest way for cybercriminals to hack into organisations and institutions. Governments, therefore, need to protect their people from falling for phishing attacks, putting solutions in place to automatically detect threats and educating employees on threats like social engineering attacks. Failure to do so and the fallout could be disastrous, as cybercriminals get their hands-on sensitive data and gain illegal access to officials' email accounts. Consider the damage that could be caused should a hacker successfully take over an MP's email account. The threat of phishing isn't going away any time soon, but organisations can find ways to proactively prevent their people from falling for the scams.  Read Less
Like(0)  (0)

Linkedin Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Hacking humans on email is still the easiest way for cybercriminals to hack into organisations and institutions. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reacted-on-mps-hit-with-nearly-3-million-malicious-emails-every-month

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Hacking humans on email is still the easiest way for cybercriminals to hack into organisations and institutions. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reacted-on-mps-hit-with-nearly-3-million-malicious-emails-every-month

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
September 18, 2020

NCSC warns of ransomware attacks against UK universities – experts reaction

While DMARC is a necessary first step to preventing domain impersonation, it has its downfalls and hackers will find ways around it.
It’s important to remember ransomware attacks are often delivered via phishing emails, so it’s concerning to see that nearly all of the top 20 UK universities do not have DMARC policies in place to protect their domains from being spoofed by scammers. We have seen hackers capitalise on key moments throughout the pandemic using phishing attacks, so it’s likely they will use this ‘back to school’ momentum to their advantage too, impersonating trusted universities to try and steal.....Read More
It’s important to remember ransomware attacks are often delivered via phishing emails, so it’s concerning to see that nearly all of the top 20 UK universities do not have DMARC policies in place to protect their domains from being spoofed by scammers. We have seen hackers capitalise on key moments throughout the pandemic using phishing attacks, so it’s likely they will use this ‘back to school’ momentum to their advantage too, impersonating trusted universities to try and steal valuable personal and financial information. The problem is that without DMARC records in place, or without having DMARC policies set up to ‘reject’, hackers can easily impersonate a university’s email domain in phishing campaigns, convincing their targets that they are opening a legitimate email from a colleague, fellow student, professor or administrator at their university. If you receive an email from your university asking for urgent action, question the legitimacy of the request and if you’re not sure, contact the university directly to verify. It’s also important to note that while DMARC is a necessary first step to preventing domain impersonation, it has its downfalls and hackers will find ways around it. For example, DMARC won’t stop lookalike domains, and hackers can register domains that look similar to an organisation’s domain, betting on the fact that people won’t notice the slight change. Given that DMARC records are also inherently public, an attacker can use this information to select their targets and attack method simply by identifying institutions without an effective DMARC record. So as universities start to welcome students back - and inundate inboxes with updates about online learning and social distancing — it’s critical that they take action to build robust security measures that can protect their staff and students against email scams.  Read Less
Like(1)  (0)

Linkedin Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"While DMARC is a necessary first step to preventing domain impersonation, it has its downfalls and hackers will find ways around it...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/ncsc-warns-of-ransomware-attacks-against-uk-universities-experts-reaction

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"While DMARC is a necessary first step to preventing domain impersonation, it has its downfalls and hackers will find ways around it...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/ncsc-warns-of-ransomware-attacks-against-uk-universities-experts-reaction

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
July 20, 2020

Experts On The News: Tesco ‘Free 4K TV’ Phishing Scam Targets UK Shoppers

They know people are struggling financially during this pandemic, so the offer of a free TV could be very attractive.
As the lines between people in our 'known' network and our 'unknown' networks blur on social media feeds and in our inboxes, it becomes incredibly difficult to know who you can and can't trust. Hackers prey on this, impersonating a trusted brand or person to convince you into complying with their malicious request and they will also prey on people's vulnerabilities. They know people are struggling financially during this pandemic, so the offer of a free TV could be very attractive. But as the.....Read More
As the lines between people in our 'known' network and our 'unknown' networks blur on social media feeds and in our inboxes, it becomes incredibly difficult to know who you can and can't trust. Hackers prey on this, impersonating a trusted brand or person to convince you into complying with their malicious request and they will also prey on people's vulnerabilities. They know people are struggling financially during this pandemic, so the offer of a free TV could be very attractive. But as the saying goes, if it looks too good to be true... it probably is! Question the legitimacy of these messages and always verify the request or offer before clicking on the link.  Read Less
Like(0)  (0)

Linkedin Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"They know people are struggling financially during this pandemic, so the offer of a free TV could be very attractive. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-on-the-news-tesco-free-4k-tv-phishing-scam-targets-uk-shoppers

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"They know people are struggling financially during this pandemic, so the offer of a free TV could be very attractive. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-on-the-news-tesco-free-4k-tv-phishing-scam-targets-uk-shoppers

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
May 28, 2020

CEO On Research: Half Of Workers Are Less Likely To Practice Safe Data Practices While Working Remotely

The Covid-19 crisis has triggered a tidal wave of challenges for businesses.
The Covid-19 crisis has triggered a tidal wave of challenges for businesses. Whilst they adapted fast to the abrupt shift towards remote working, the challenge businesses now face is keeping data secure from risky employee behaviour as working from home becomes the norm. Our research shows that people will cut corners on security best practices when working remotely and find workarounds if security policies disrupt their productivity in these new working conditions. But, all it takes is one.....Read More
The Covid-19 crisis has triggered a tidal wave of challenges for businesses. Whilst they adapted fast to the abrupt shift towards remote working, the challenge businesses now face is keeping data secure from risky employee behaviour as working from home becomes the norm. Our research shows that people will cut corners on security best practices when working remotely and find workarounds if security policies disrupt their productivity in these new working conditions. But, all it takes is one misdirected email, incorrectly stored data file, or weak password, before a business faces a severe data breach that results in the wrath of regulations and financial turmoil. During this time, protecting people has to be all businesses’ top priority. IT decision makers, therefore, must establish clear guidelines on security best practices, enabling all staff to work efficiently and safely when away from the office.  Read Less
Like(21)  (0)

Linkedin Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The Covid-19 crisis has triggered a tidal wave of challenges for businesses. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/ceo-on-research-half-of-workers-are-less-likely-to-practice-safe-data-practices-while-working-remotely

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The Covid-19 crisis has triggered a tidal wave of challenges for businesses. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/ceo-on-research-half-of-workers-are-less-likely-to-practice-safe-data-practices-while-working-remotely

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
April 03, 2020

Industry Leaders And Cybersecurity Experts Insight On Marriott International Data Breach

Contact the hotel directly to verify whether the request is legitimate.
Marriott customers should now be alert to the fact that they could receive targeted phishing scams from hackers impersonating the hotel group, leveraging the information they have stolen to steal payment details or account passwords. If you receive a suspicious email that asks you to carry out an urgent action, do not comply with the request, click the link or download any attachments. Contact the hotel directly to verify whether the request is legitimate.
Like(0)  (0)

Linkedin Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Contact the hotel directly to verify whether the request is legitimate...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/industry-leaders-and-cybersecurity-experts-insight-on-marriott-international-data-breach

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Tim Sadler, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Contact the hotel directly to verify whether the request is legitimate...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/industry-leaders-and-cybersecurity-experts-insight-on-marriott-international-data-breach

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.

SECURELY DOTTED BY

Matias Madou, Co-founder and CTO, Secure Code Warrior

"It’s imperative that all developers are trained in how to code securely from the outset. "

Expert On How The UK Police Data Loss Could Have Been Easily Prevented

Stephen Kapp, CTO and Founder, Cortex Insight

"Pixlr should look to improve its internal processes by holding user information. "

Expert Commentary: Hacker Posts 1.9 Million Pixlr User Records For Free On Forum

George Glass, Head of Threat Intelligence, Redscan

"Gamarue is able to spread across a user’s local network and is also capable of installing additional strains of malware. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Jake Moore, Cybersecurity Specialist, ESET

"Gamarue.1 is an old virus from quite a few years ago. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Niamh Muldoon, Senior Director of Trust and Security EMEA, OneLogin

"New and young students using online learning for the first time are most vulnerable. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Chris Hauk, Consumer Privacy Champion, Pixel Privacy

"All computers, no matter the make, model, or operating system should run some type of antivirus or anti-malware protection. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Chris Hauk, Consumer Privacy Champion, Pixel Privacy

"Department of Education should be putting security parameters. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Sam Curry, Chief Security Officer, Cybereason

"The National Cyber Security Centre offer free advice on secure home working. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Brian Higgins, Security Specialist, Comparitech.com

"The potential for malicious software to be used against recipients is not limited to the children. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Chloé Messdaghi, VP of Strategy, Point3 Security

"The attack approach was also clever. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Saryu Nayyar, CEO, Gurucul

"Organizations still need to maintain strong perimeter and interior defenses. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Oliver Cronk, Chief IT Architect, EMEA, Tanium

"This story is part of a wider challenge facing schools at the moment. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Andy Teichholz, Senior Industry Strategist, Compliance and Legal, OpenText

"In our new digital economy, people around the world are becoming acutely aware of how their information is being collected, stored, and used. "

OpenText Research Offers A Snapshot Of UK Attitudes Towards Data Privacy

Lou Blatt, Senior Vice President and CMO, OpenText

"Digital is now central to almost every business interaction – generating more data for companies to manage and secure. "

OpenText Research Offers A Snapshot Of UK Attitudes Towards Data Privacy

Greg Bell, CEO, Corelight

"This type of network infiltration is often difficult to identify. "

A Chinese Hacking Group Is Stealing Airline Passenger Details

WORKING WITH US

About Us

Advertise With Us

Information Security Companies

Contact Us

THE PAGES

Privacy Policy

Terms & Conditions

RSS Feeds

INFORMATION SECURITY EXPERTS

Information Security Experts: Comments Dotted

Register and Comments

Categories

  • Facebook
  • Twitter

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.


Back To Top
Information Security Buzz
  • Home
  • Experts Comments on News
  • Security Articles
  • Vendor News
  • Study & Research
  • ISBuzz Expert Panel