Microsoft Secure Score: Your First Line of Defense
Is your business truly secure? With cyber threats becoming increasingly sophisticated, it’s crucial to stay one step ahead. That’s where Microsoft Secure Score, a powerful vulnerability management tool, comes in. This tool offers an all-encompassing overview of your organization’s security posture, enabling you to assess and enhance it effectively by tracking metrics and scores for […]
Cybersecurity 101: Best Practices You Need to Know Protect Your Digital Assets
Cybersecurity is the practice of protecting computer systems, networks, and sensitive information from theft, damage, or unauthorized access. It is a critical aspect of modern-day life as we increasingly rely on technology for our daily activities. Information security is a subset of cybersecurity that focuses on protecting digital data from unauthorized access, use, disclosure, disruption, […]
Secure Your Accounts Using App-Based Authentications
By: Alex Weinert In my blog Your Pa$$word doesn’t matter, I laid out the key password vulnerabilities, and in response to a gazillion “but other creds can be compromised, too” DMs and emails, I wrote All our creds are belong to us, where I outlined vulnerabilities in credentials other than passwords and highlighted the promise of passwordless, […]
Ransomware Attacks in Healthcare: Security Tips to Secure Your Organization’s Data
By Puja Mahendru The outbreak of COVID-19 has put cyberattacks on healthcare providers into hyperdrive. Factors contributing to such attacks include, but aren’t limited to: Ryuk ransomware, in particular, has seen a resurgence recently. Sophos recently identified a new spam campaign linked to the Ryuk actors, and our Managed Threat Response team assisted an organization in mitigating a Ryuk […]
Microsoft on the counter-attack! Trickbot malware network takes a hit
Good news, for a while at least. Microsoft went to US District Court for the greater good of all of us and came away with a court order permitting it to take over a whole raft of internet servers. The company was authorized to take over a wide range of IP numbers, effectively ripping them out from […]
8 tips to tighten up your work from home network
Earlier this week, we published an article headlined “If you connect it, protect it.” The TL; DR version of that article is, of course, exactly the same as the headline: if you connect it, protect it. Every time you hook up a poorly-protected device to your network, you run the risk that cybercriminals will find […]
Phishing tricks – the Top Ten Treacheries of 2020
Sophos Phish Threat, in its own words, is a phishing attack simulator – it lets your IT department send realistic-looking fake phishes to your own staff so that if they do slip up, and click through… …it’s not the crooks on the other end. The phishing scammers are testing you all the time, so you might as […]
Russian cybercrime suspect arrested in $1M ransomware conspiracy
by Paul Ducklin Here’s a cybercrime conspiracy story with a difference. When we write about network-wide ransomware attacks where a whole company is blackmailed in one go, two burning questions immediately come up: How much money did the crooks demand? Did the victim pay up? The answers vary, but as you have probably read here on […]
Business Email Compromise – What it is and how AI Technology can stop and detect fraud.
Younghoo Lee is a Senior Data Scientist at Sophos. Together with Joshua Saxe, Sophos Chief Scientist, he recently presented these findings at DEFCON 28 AI Village. Business Email Compromise (BEC) It is a form of targeted phishing where attackers disguise themselves as senior executives to dupe employees into doing something they absolutely shouldn’t, like wire money. […]
Cybersecurity Awareness and Tips
Copyright AKAVEIL Technologies LLC all rights reserved Written by D. Gowen Cybercriminals Target the Weakest Link Cybercriminals are relentless. The more business protects themselves the more cybercriminals prey on that which the business cannot directly control – the behaviors of people! Business must invest in ongoing cybersecurity awareness and end-user training to ensure even this […]