A new phishing campaign has been spotted that pretends to be from a local hospital telling the recipient that they have been exposed to the Coronavirus and that they need to be tested.

The FBI has warned that scammers are using email scams to capitalize on the coronavirus scare, including messages purporting to be from national authorities like the Centers for Disease Control and Prevention. “Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them,” the Federal Bureau of Investigation […] The post Don’t Fall for These COVID-19 Scams, FBI Warns appeared first on Security Boulevard.

As COVID-19 cases have further spread over the past few weeks, our team has come across new lures that target an individual’s fear of coronavirus as it relates to their health insurance coverage. Both examples lead to malicious sites that attempt to steal Microsoft Office 365 login credentials. The post COVID Phishing Update – Insurance Coverage Lures appeared first on Security Boulevard.

The coronavirus crisis is forcing people to distance themselves from others, work remotely, and spend time indoors and online. While social distancing is a good health practice to reduce the spread of the coronavirus, it may be helping scammers. Research from the Better Business Bureau (BBB), the FINRA Investor Education Foundation, and the Stanford Center on Longevity found that people are more likely to lose money to a scam when they are socially or physically … More → The post Social isolation is a risk factor for scam loss appeared first on Help Net Security.

The University of Utah Health is notifying patients whose protected health information was in some employees’ email...

Hackers are exploiting the hardship and concerns faced by households across the country with false emails claiming to offer support in the form of a tax rebate.

FBI's Internet Crime Complaint Center (IC3) today issued a public service announcement on human traffickers' continued usage of online platforms like dating sites and social networks to lure victims. [...]

Using homographic characters is an easy way to execute a convincing fake site.

Robert Ross was sitting in his San Francisco home office in October 2018 when he noticed the bars on his phone had disappeared and he had no cell coverage. A few hours later, he had lost $1 million.

Passwords remain the dominant method of authentication and top cause of data breaches, according to MobileIron.

IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, according to Yubico and Ponemon Institute. The conclusion is that IT security practitioners and individuals are both engaging in risky password and authentication practices, yet expectation and reality are often misaligned when it comes to the implementation of usable and desirable security solutions. The tools and … More → The post Users still engaging in risky password, authentication practices appeared first on Help Net Security.

A complex and robust password is the first step towards a safer online presence, but some people straight up ignore this simple rule and choose the worst possible password. The weakest passwords, at least, are remarkably consistent from year to year, according to information provided by SplashData. The user name and password for login are […] The post !@#$%^&*: The Most Used Passwords in the World Are as Bad as You Imagine appeared first on Security Boulevard.

63% of enterprise professionals have created at least one account without their IT department being aware of it, and two-thirds of those have created two or more, the results of a recent 1Password survey have revealed. Even more worryingly, only 2.6% of these 63% use a unique password when they create a new shadow IT account at work and just 13% use a password generator – the rest re-use a memorable password or use a … More → The post Shadow IT accounts with weak passwords endanger organizations appeared first on Help Net Security.

As an early domain name investor, Mike O'Connor had by 1994 snatched up several choice online destinations, including bar.com, cafes.com, grill.com, place.com, pub.com and television.com. Some he sold over the years, but for the past 26 years O'Connor refused to auction perhaps the most sensitive domain in his stable -- corp.com. It is sensitive because years of testing shows whoever wields it would have access to an unending stream of passwords, email and other proprietary data belonging to hundreds of thousands of systems at major companies around the globe.

The security of your bank account, Netflix account and email inbox depends on how well you safeguard your passwords.

Behind each cyberattack on the MSP is typically a system left unpatched, asset management undone, security officer not hired, or board who sees investment in security as a cost center rather than a long-term investment. Categories: Opinion Tags: advanced persistent threatadvanced persistent threatsAPTbreachcredential managementcredentialsdata breachhackingmanaged service providerMSPMSPsphishing (Read more...) The post Securing the MSP: their own worst enemy appeared first on Malwarebytes Labs.

With the complexity of consumer devices only increasing, contextual security should be a priority for all – a situation which would avoid password shaming.

British streaming service the latest to suffer major security incident

Human beings are poor judges of risk. For example, we perceive the risk of air travel to be higher than it actually is after a fatal aviation-related accident happens. We also tend to dismiss risks just because we don’t see a tangible negative impact right away. This is, for example, what prevents many from making dental hygiene a priority: we all know dental hygiene is critical to our health and a relatively easy “investment”, but … More → The post What’s preventing organizations from making pragmatic security decisions? appeared first on Help Net Security.

If you’re reading this from your home while working remotely during the COVID-19 crisis, you’re in good company. A recent study by Global Workplace Analytics showed that even before the coronavirus forced us all into working from home, remote work had grown by 173% over the last 15 years, with nearly 5 million telecommuters in.. The post Protecting Remote Workers From Cyber Threats appeared first on Security Boulevard.

Your boss just called and all your employees are mandated to work from home for the next two to three weeks due to the potential COVID-19 pandemic. What could go wrong? What risks are you now bringing to the firm? These are the actions should you take immediately to ensure you can allow your workforce to work remotely and securely.To read this article in full, please click here (Insider Story)

Take these six concrete steps to ensure that your home WiFi network and asociated hardware is secure and properly configured for remote work. The post How to Secure a Home WiFi Network for Remote Work appeared first on JumpCloud. The post How to Secure a Home WiFi Network for Remote Work appeared first on Security Boulevard.

Gallagher study finds companies exposed to service outages and data loss risks

Maia Snow reports: Concerns have been expressed after documents containing patient information was stolen from a...

Faced with increasing volume and sophistication of cyber threats, CISOs and security teams need to find ways to ... Read More The post How to Use NIST’s Cybersecurity Framework to Foster a Culture of Cybersecurity appeared first on Hyperproof. The post How to Use NIST’s Cybersecurity Framework to Foster a Culture of Cybersecurity appeared first on Security Boulevard.

Make cybersecurity your top priority, moving away from addressing individual problems with Band-Aids and toward attaining a long-term cyber-fitness plan.

43% of IT professionals report using spreadsheets as one of their resources for tracking assets, according to Ivanti. Further, 56% currently do not manage the entire asset lifecycle, risking redundant assets, potentially creating a risk, and causing unnecessary and costly purchases. Findings from the survey demonstrate the need for greater alignment between ITSM and ITAM processes, especially when looking at the time spent reconciling inventory/assets. Nearly a quarter of respondents reported spending hours per week … More → The post 43% of IT professionals are still tracking assets in spreadsheets appeared first on Help Net Security.