HackDig : Dig high-quality web security articles for hackers

Brand impersonation attacks targeting SMB organizations

IntroductionBuilding and maintaining a brand is an important part of a successful business. Having a recognized brand confers recognition, and if done well, provides a way of developing trust between customers and company. Brand trust and loyalty go hand-in-hand. Research has shown that 80% of US customers look at the trustworthiness of a brand when ma
Publish At:2020-10-21 12:23 | Read:79 | Comments:0 | Tags:Security Awareness

More Effective Security Awareness: 3 Tips for NCSAM

It’s often said that humans are the weakest link in cybersecurity. Indeed, I’d have a hard time arguing that a computer that was sealed in a box, untouched by human hand, poses much of a security risk. But a computer that is unused has no purpose. It behooves security practitioners to get smarter about how we teach people to use those machines so that both h
Publish At:2020-10-21 04:31 | Read:186 | Comments:0 | Tags:Featured Articles Security Awareness cyber security culture

How to avoid getting locked out of your own account with multi-factor authentication

Multi-factor authentication (MFA) is one of the most popular authentication security solutions available to organizations today. It really comes as no surprise, as the multi-factor authentication benefits of enhanced security go beyond the basic password security measures by forcing the user to authenticate with another method that (presumably) only th
Publish At:2020-10-19 09:41 | Read:116 | Comments:0 | Tags:Security Awareness

How to find weak passwords in your organization’s Active Directory

IntroductionConfidentiality is a fundamental information security principle. According to ISO 27001, it is defined as ensuring that information is not made available or disclosed to unauthorized individuals, entities or processes. There are several security controls designed specifically to enforce confidentiality requirements, but one of the oldest an
Publish At:2020-10-14 12:41 | Read:93 | Comments:0 | Tags:Security Awareness

How hackers use CAPTCHA to evade automated detection

IntroductionCAPTCHA seems to be everywhere we look. These sloppy characters are on blogs, ticket websites, shopping portals — you name it. Those cars you need to spot in a block of images before you can access a website? That’s CAPTCHA too. CAPTCHA was invented to help sites distinguish human users from bots and automated hacking tools. But little did
Publish At:2020-10-13 09:47 | Read:182 | Comments:0 | Tags:Security Awareness hack

The State of Ransomware 2020: Key findings from Sophos & Malwarebytes

IntroductionRansomware has become one of the most common and well-known threats to cybersecurity. 2020 saw a notable increase in ransomware attacks specifically on enterprise entities, as many organizations found themselves in the crosshairs of malicious actors. These attacks are becoming increasingly complex, as cybercriminals leverage new and sophist
Publish At:2020-10-08 12:47 | Read:133 | Comments:0 | Tags:Security Awareness ransomware

Cybersecurity Awareness: 6 Myths And How To Combat Them

National Cybersecurity Awareness month is upon us. And, so is the opportunity to look at what common C-suite misconceptions could be handcuffing security awareness efforts.  As we enter the back half of 2020, now is the time to look at myths and highlight their relevancy in this chaotic year. Which myths are in the modern threat landscape? An
Publish At:2020-10-07 09:34 | Read:209 | Comments:0 | Tags:CISO Incident Response Risk Management Cybersecurity cyberse

Monitoring business communication tools like Slack for data infiltration risks

IntroductionIf you’re sending instant messages at work, chances are you’re using Slack, the business-oriented analog of WhatsApp or Discord. Slack currently boasts over 12 million users worldwide, and as more businesses turn to remote or hybrid work environments, that number is only expected to grow. But Slack’s popularity raises a very important quest
Publish At:2020-10-07 09:29 | Read:171 | Comments:0 | Tags:Security Awareness

Integrating Security Awareness Training Into Employee Onboarding

Training your team on security awareness is an essential part of a successful security program. And, new employee onboarding is an optimal time to introduce your staff to your security best practices. This is in large part due to the fact that they likely won’t know your company’s protocols for secure information nor how to securely navigate int
Publish At:2020-10-01 09:16 | Read:131 | Comments:0 | Tags:CISO Identity & Access Risk Management Cybersecurity Trainin

Tech companies, privacy and vulnerabilities: How much transparency is enough?

Views and opinions published in this article are intended to foster productive thought and discussion around challenges in the cybersecurity industry. Views expressed in this article do not necessarily represent the views of Infosec.  IntroductionIn late June 2020, a story was published by Vice’s Motherboard technology investigative platform with
Publish At:2020-09-30 12:31 | Read:98 | Comments:0 | Tags:Security Awareness

Breached passwords: The most frequently used and compromised passwords of the year

IntroductionPasswords should be secret, so why do so many people wind up using the same popular passwords? The truth is, no one sets out to choose a password that is dangerously common or insecure. Instead, they most likely don’t realize the risk of using a common password or don’t know how to create — and protect — a strong password. But before users
Publish At:2020-09-30 12:31 | Read:146 | Comments:0 | Tags:Security Awareness

Android app security: Over 12,000 popular Android apps contain undocumented backdoors

Many Android apps contain hidden secretsWhen many people think about malware and other malicious or suspicious software, they focus on computers. It is common best practice to have an antivirus program installed and regularly running on these machines.Smartphones are rapidly becoming the most common and popular device for computation and Internet acces
Publish At:2020-09-15 10:00 | Read:255 | Comments:0 | Tags:Security Awareness security android

Time to update your cybersecurity policy?

IntroductionIn today’s highly connected world, new cyberthreats and risks emerge seemingly every hour, around the clock. Whether it is from spearphishing, a distributed denial-of-service attack or a targeted piece of malware, connecting your organization’s systems and workstations to the internet always opens up the possibility of a cyberattack. Unfort
Publish At:2020-09-15 10:00 | Read:307 | Comments:0 | Tags:Security Awareness security cyber cybersecurity

Ultimate guide to international data protection and privacy laws

Introduction Human beings have many things in common and we all live in one world, together. However, when it comes to data privacy laws, the saying “there are many ways to skin a cat” seems apt. Data privacy laws are popping up or being adapted to suit new tech environments across the globe. But there is often variation between them that reflects the
Publish At:2020-09-14 10:32 | Read:242 | Comments:0 | Tags:Security Awareness

Creating a Cybersecurity Culture Starts With Your Team

As cyberattacks become more prevalent and sophisticated, companies must put more faith in their employees to make sure they don’t put data at risk or fall victim to ransomware. But, employees are busier than ever. And, creating a cybersecurity culture at work becomes both more important and more challenging when employees work at home. Creating a stro
Publish At:2020-09-09 13:18 | Read:247 | Comments:0 | Tags:CISO Data Protection Security Services Cybersecurity Trainin


Tag Cloud