Weekly Security Roundup #44: Old Cyber Criminal Tricks Still Work
But you can use the same ol’ protection tactics too
As cyber security issues garner more attention, important questions arise that touch deeper issues with our ability to secure the platforms and infrastructure we build and so readily adopt.
Because we’re on a quest to provide actionable, relevant cyber security advice, we asked 27 experts in the field to share their knowledge. We wanted to identify what common mistakes that users make so that users can acknowledge them and start working on enhancing their protection online.
We received answers cyber security experts such as Brian Donohue, Graham Cluley, Troy Hunt, David Harley (ESET), Daniel Cid (Sucuri), Candid Wuest (Symantec), Tony Anscombe (AVG) and more, who generously shared their opinion. We gathered all the results in “The Most Common Mistakes These 27 Cyber Security Experts Wish You’d Stop Doing“, which we makes for a great (although admittedly a bit long) weekend read.
But not only home users are battling cyber threats. Corporations are having an even more difficult time with security challenges, especially since no organization wants to make headlines these days when it comes to data breaches. Heimdal’s CEO, Morten Kjaersgaard, touched the issue of burnout that may come as a consequence of APTs delivering ransomware in “Crypto’wear Is Emerging As a Security Topic“.
And then plenty of security news followed. But because we value your time and want to help you make the most of it, we selected 10 of the most important pieces of information you should read in the Weekly Security Roundup.
Security articles of the week
Simon Crosby, the Co-founder and CTO of Bromium Inc., published an article on TechCrunch yesterday called “The Psychology Of Insecurity” in which he depicts alternative ways to increase corporate cyber security levels without necessarily spending a lot more money. His perspective is definitely useful to those CISOs who keep using the same tactics and tools and feel that there’s not much else they can do.
Not only home users need to improve their protection when doing online financial transactions, but financial institutions as well. And there is a lot more they could do to improve their protection and responsiveness to cyber threats and cyber attacks.
Cyber criminals probably worry more about staying anonymous than anyone else. Which is why this happened:
Agora, the Tor network’s largest black marketplace, has been temporarily shut down because its administrators worry the website is vulnerable to recent methods of exposing Tor Hidden Services.
If you’re having privacy concerns over the so-called “spying” features in Windows 10, this article will guide you in claiming back your usual settings.
Dealing with phishing attacks is an increasingly costly business. Proof:
The average 10,000-employee company spends $3.7 million a year dealing with phishing attacks, according to a new report from the Ponemon Institute.
But it turns out that education on the issue could have a huge impact and can help save nearly $4m annually for companies that devote resources to this objective. And this type of education could also significantly reduce the financial impact of scam emails, that the FBI warns about.
Prakash Linga, CTO at Vera, suggests that reducing complexity and providing better interfaces and processes can help greatly reduce cyber threats and increase users’ online protection.
And that is great thing! The fact that generation Y values privacy and security over other features is a great indication of their awareness of issues that are troubling most people in the tech industry.
That is also the reason why they pay more attention to how companies and governments are handling their data. A recent study shows that not only do millennials think that these entities are doing a poor job at protecting their data, but they are also aware that threats on their privacy and security are likely to increase.
Old threats seem to stand the test of time and prove their effectiveness over and over, in spite of cyber security issues having become somewhat common knowledge. This is the case with social engineering, which continues to exploit the lack of cyber security awareness among home users.
And it doesn’t help that social media is a new channel used to disseminate millions of spam messages.
Browser add-ons can be much more dangerous than you think. For example, Webpage Screenshot Leaked private data for 1.2 million users earlier this year, but if it can do this then it can also infect you with malware.
So Google decided to take action and prevent the installation of plugins from webpages, which is a great step! For increased protection, head on over to our Ultimate Guide to Secure your Online Browsing to get more tips on how to keep safe online.
These simple 6 reasons that prove the Internet of Things is difficult to secure will make you shudder. Careful which device and company you share your data with.
That’s it for this week. Of course, we didn’t forget about the Ashley Madison hack, but you probably already caught that on the news, well, everywhere. Is there something else that caught your eye? Let us know in the comments below.