Fear, uncertainty, and doubt (FUD) hold powerful influence over humans. Fear itself is a deeply powerful emotion that causes specific reactions in the brain, and uncertainty and doubt are feelings that manipulate your actions, your employees’ actions, and your business operations. Examples of FUD have a long-standing history in the information technology and information security industries. In the 1970s, IBM utilized FUD tactics to make buyers question trying new products by casting a shadow of fear over the idea of unknown products compared to IBM’s safe, known offerings. In the 1980s, IBM was given a taste of its own medicine […] Continue Reading >
What Do You Know About Tweedle Beetles?
For that past few years, thanks to having an amazing little addition to my family, I have been reading a lot of Dr. Seuss books, and one of my favorites is “Fox in Socks” If you haven’t read it to your kids, you should. Well…you can try. If you don’t have kids it is an entertaining read anyway. It puts your tongue to the test when read out loud. The last story in the book talks about “tweedle beetles” and for some reason it, got me thinking about phishing. Phishing these days comes in many forms and names, just like […] Continue Reading >
Healthcare: Security in Crisis?
The other day my wife went to the doctor, and a few weeks before that we took our son to the dentist. We had to fill out all the paperwork and give them all the usual PII, including name, address, phone number, alternate contacts, SS#, DOB, driver’s license, insurance info, weight, height, underwear size (just kidding), then we paid them with our credit card. All the while trusting that they are keeping our information safe and secure. Well, they are keeping the information we entrust them with secure, right? How do we know if they are? Let’s look at […] Continue Reading >
Vendors, Educating, and Social Media Marketing
What do professionals inadvertently disclose about the operations security (OPSEC) of their organizations and themselves while giving advice? Becoming a known educator and voice in your area of expertise is effectively done by drawing connections between yourself, your knowledge base, and your audience. Often in Information Security (InfoSec), this involves sharing an anecdote or short story that others can relate to and emphasizing the security benefits or areas of improvement that are seen in the story. However, even the most savvy security professionals should be wary of what information they provide that could be used by an attacker. Where is […] Continue Reading >
A Nonverbal Analysis of Mark Zuckerberg’s Congress Testimony
Most of us are familiar with the fact that Mark Zuckerberg, CEO of Facebook, is testifying in front of Congress this week regarding Facebook’s mishandling of user data. This hearing is being watched around the globe by corporations, governments, and users alike. Like many of you, I am watching much of the hearing to see what is being said. But I also am watching much of it to see what is NOT being said, by doing a nonverbal analysis. This nonverbal analysis will cover microexpressions and body language tells that may reveal what Mr. Zuckerberg is thinking. A microexpression is […] Continue Reading >
Your Phone’s Betrayal
Look at your phone and ask yourself, do you rely on that tiny device for your business dealings? Your important family notifications? Your link to the outside world? If the answer to any of these is “yes” then it is critical you be aware of the rise in phone porting scams, and how they can affect you and your business. According to the New York Times, there were 1,038 documented cases of phone porting incidents in 2013, and that number jumped to 2,658 in 2016. In February of this year, there was a resurgence in this type of attack, largely […] Continue Reading >
When Training Does Not Equal Security
For many organizations computer security training does not appear to impact the user population in a manner that protects the company assets and confidential data as intended. It is a tough balance to deliver enough information to explain the organization’s security stance, and have it succinct enough to be retained by employees. Continue Reading >
Are You Being Vigilant Against a Dumpster Diving Attack?
When one thinks of Open Source Intelligence (OSINT) things like Facebook, court records, and Google-fu typically come to mind. However, a skilled reconnoiter will also utilize the contents of your trash when looking for information. Fraudsters can use information found in a dumpster to find vendor lists, quotes, customer information, and other proprietary secrets of a business. If they are searching the trash from your house, they may be able to find out banking information, insurance policies, and other Personally Identifiable Information (PII) on you and your family. Whether it’s business or personal, information found can be used to mount […] Continue Reading >
Stay Safe in the Tax Season after Equifax
‘Tis the season for tax fraud and identity theft via tax-related scams. Tax fraud has been on the rise for years, and nearly 1 out of every 2 Americans are at increased risk for tax fraud due to the Equifax breach. 145 million Americans had their personally identifiable information (PII) stolen during that breach bringing added stressors with increased unknowns. After the breach, you may have been instructed to freeze your credit and take precautions to protect your finances, credit, and life from potential malicious actors, but it must be noted that freezing your credit is not enough to prevent […] Continue Reading >
Look out for More SMiShing This Year
With the new year come new social engineering threats to users. While many of these threats themselves are not new, the rising frequency and execution of them is worth attention. Continue Reading >
- « Previous Page
- 1
- 2
- 3
- 4
- …
- 7
- Next Page »
