All it takes is one mistake, one wrong click or weak password, one unpatched vulnerability, for a malicious threat actor to infiltrate your network. Once they are inside, the options are endless. Security can never be 100% airtight, but making sure you have strong armor at the frontline will critically minimize the attacks that have a chance of penetrating your network. How is this defense built? Most of the time, our mind jumps right to the tools – which technologies can we use to armor up? But effective security is much more than that – setting in place the right mindset, personnel, processes AND tools is the key to keeping your data secure. In this blog post, we will share critical mistakes that managers, IT teams and employees alike should be aware of in order to make the right choices and keep the company network safe.

Wondering what our readers were most interested in over the past year? Wonder no more! We've rounded up our most read articles of the year to save you time. Wrapping up the worldwide roller coaster that was 2020, we wish we were feeling a little more nostalgic. Covid-19 came in like a tornado and changed up our daily lives as we knew them. The security industry, accordingly, also had to change mindsets and processes to adjust to a new, distributed-access-focused reality.

The Best, according to you:

Winter holidays are a glowing delight, filled with cozy warm drinks, great food, decorations, family traditions, and of course – presents. Families know the feeling of December creeping in, and the burst of joy filled with urgency that comes with it. People rush to shopping malls by the handfuls, making a day (or days) of purchasing gifts for their friends and loved ones. But the Covid-19 pandemic has reshaped the holiday shopping experience, migrating holiday shoppers from mall trip extravaganzas to multi-platform online shopping. Probably the last thing buyers are thinking about when deliberating between a blue bike or a green scooter is the plethora of cyber attackers just waiting for them to make one mistaken make one wrong click, and fall victim to a phishing scam that can drain all the money (and holiday joy) from your stocking.

2020 has been a crazy year for everyone – including higher education institutions. While the world scrambled to keep health care systems afloat AND hold on to flailing economies over the summer, universities and colleges dealt with a different challenge – taking an extremely social experience, the education system, and putting it online. There’s no doubt that online learning saves facility expenses and time, but it has made Higher Ed institutions – and their students and staff – much more vulnerable to cyber attacks. University systems and networks need to be accessible to students from home, and in a time when online study life and online personal life merge, students may very well be putting the institution’s systems at risk as well.

In recent months, the global COVID-19 epidemic has forced millions of employees to work from home. While some have experience working remotely in the past, for most working from home for months on end has been a first-time experience. Cyber attackers are at large exploiting this time of chaos and panic to deploy a variety of attacks, and with millions working from home, a plethora of additional vulnerabilities and attack options arise. In this article, we will recommend 10 tips for secure remote work from your home during COVID-19.

When security personnel think of email attacks, usually the first word that comes to mind is “phishing." While phishing is a very common (and sadly, very successful) attack vector, many threat actors take a different approach to gaining access to victims’ accounts. Breaching an email mailbox is a critical first step, creating a doorway to endless exploitation possibilities.

In this blog post, we will outline five different ways that cyber attackers can breach your email account and steal personal information.

With the Coronavirus death toll constantly on the rise, people are becoming more and more panicked. It seems that almost everyone these days is thirsty for any information they can get on how to avoid the deadly virus, creating a tremendous opportunity for cyber attackers to exploit these fears and steal personal information and credentials.

Malicious emails are one of the cyber realm’s most widespread epidemics. Over 215 billion business and consumer emails are received daily, and with such an overwhelming flow of emails arises a very attractive opportunity for threat actors to easily penetrate victims’ online activity and lure them in to giving up credentials, downloading malware and more. According to the Symantec Internet Threat Security Report, one out of 412 emails contains a malware attack.

Although it seems as though cyber awareness is somewhat increasing due to the attempt to keep up with rapid advances in attack techniques, preying on human error continues to be extremely rewarding for threat actors. In retrospect, many email attack victims are dumbfounded when they realize that the email they so willingly acted upon is quite obviously suspicious upon second look. On top of that are highly thought out, sometimes tailored malicious emails, which do not even alert relatively cyber-aware people.

DNS is one of the single biggest important components to making the global internet work and it is often the most neglected aspects of a network. Invented in the 80's, DNS “just works," but its ease of use has people overlooking the power of using it to protect their customers. DNS offers the first clues to what is going on in your network and is used by criminals to steal data.

Recently, we were contacted regarding two different incidents of Business Email Compromise (BEC), where there was an attempt to redirect wire transfers from individuals to another bank account. One was successful and the victim lost six figures, one was interdicted because of an attentive individual who picked up the phone to ask, “Uh, are you sure this is right?” This kind of fraud is increasing and are more specifically targeted towards smaller firms and individuals trying to redirect high-dollar transactions.