It seems like privacy breaches and data security failures are more prevalent than ever, resulting in serious consequences to the average consumer. According to a report by the Identity Theft Resource Center, more than 446 million records were exposed in 2018. Institutions that do not take a proactive approach to minimizing cybersecurity risks may face enormous financial, reputational and legal repercussions.
October marks National Cybersecurity Awareness Month, a collaborative effort between government and industry to raise awareness about the importance of cybersecurity.
Penn State takes data security very seriously. The University believes that protecting our most valuable information assets is everyone’s responsibility — it’s a partnership between Penn State and you.
Cybercriminals routinely target higher education institutions. They typically seek unauthorized access to the wealth of information that is being developed, collected and retained, such as personally identifiable information and research data.
You can help to keep information secure by:
Taking your time. Cybercriminals are very good at trying to get people to take immediate action. Slow down and decide if the information seems unreasonable or too good to be true before taking any action.
Considering the source. Pay attention to the sender of the email. Is it the correct address? Does the link or attachment seem reasonable? If you’re suspicious, forward potential phishes as an email attachment to firstname.lastname@example.org.
Keeping your software up to date and installing an anti-virus program. Software updates offer a line of defense against cyberattacks. You can easily enable automatic updates on Mac and Windows operating systems so that you’ll always have the latest, most protected version of the software.
Using a unique password for every account you own. Attackers often count on their victims using the same credentials on other websites and systems. Make a unique password for each site and never share it. Use 2FA (two-factor authentication) where possible. To enroll, go to https://get2fa.psu.edu/. Penn State requires faculty and staff to use 2FA on their Penn State Access Account and recommends enabling it on other platforms that offer it, such as gmail.
For more information on National Cybersecurity Awareness Month, please visit: https://security.psu.edu/ncsam-2019
For more information on Penn State’s Office of Information Security, please visit: https://security.psu.edu.
In just under 20 years, the internet has exploded to 2 billion websites. Naturally, with this growth has come fraud, amounting to a staggering $2 trillion in losses in 2019. Thankfully, cybersecurity has also developed into a $120 billion market, expected to grow to nearly $300 billion by 2024. Cybersecurity is considered one of the most important industries around the world given the continuous interconnectivity of devices and people.
In an epic cat and mouse game, cybersecurity companies and fraudsters have continuously worked to outsmart each other. This has led to proactive innovations in areas such as cloud security on the enterprise level, as well as mobile security for consumers. There is also a lingering question around data privacy and sovereignty.
As we head into the final quarter of 2019, here are a handful of companies working tirelessly to help companies and individuals enjoy the internet with greater safety and peace of mind.
Oxylabs is the leading provider of premium proxies and data gathering tools, such as unrivaled Real-Time Crawler, for 400+ global businesses. Founded in 2008, but referred to as a 4-year-old brand with products launched in 2015, Oxylabs shook their market and took the best proxy service title of 2019.
Oxylabs isn’t just a security company, yet global companies rely on their proxy pool infrastructure and innovative solutions for brand protection, ad verification, and email security purposes. Oxylabs provide future-proof resources and also excels in consulting their partners with extensive 110+ professionals hands-on experience in web harvesting and monitoring.
Winner of the IBM ‘Beacon Award’, ‘Microsoft Partner of the Year Award’ and TechXLR8 Award in the category ‘Best Cloud Security Platform’, eperi is undoubtedly an interesting player in the Cyber security sector. With 15 years of experience in the field of data encryption for cloud applications, the Europe-based company holds several global patents for its innovative technology.
eperi’s solutions deliver unrivaled data-centric security such as field level encryption, tokenization and unstructured data encryption for cloud services, web applications and private apps from anywhere, on any device. The platform empowers some of the world’s largest organizations with GDPR compliance, solving data residency problems, and fulfilling legal requirements. eperi enables customers with unhindered use of the Cloud without having to worry about liability, irrespective of the cloud application they use.
Led by CEO Vadim Kolchev, INXY.COM is a fast-growing marketplace of hosting services with large expertise in hosting business. Having started in 2005 with only couple of data centers and partners, INXY now has several large branches of hosting services, such as dedicated servers, content delivery networks, VPS, DNS, storage solutions and other useful tools for hosting and beyond.
The main idea is to gather as many hosting services in one place as possible while maintaining high standards of these services with a single and convenient point of entry for payments and support. The marketplace carefully chooses services and providers that satisfy all modern needs for security in hosting and provides customers with free consultations on the best choice for their business needs.
Speaking about dedicated servers and VPS, INXY.COM makes sure that everything is up to the industry standards in terms of datacenter, server, email and other hosting security matters. Their content delivery networks provide the best security standards, such as simple hotlink protection and DDoS mitigation.
Link11 is a German IT security company ensuring cyber resilience for its customers. With its AI-based cloud security platform, customers get access to a range of products securing their websites and IT infrastructures, in order to stay online at all times. The platform’s core product is a highly sophisticated, patent-pending DDoS protection for websites and IT networks, which can be extended with further products such as a Zero Touch WAF, Secure CDN or Secure DNS to get a 360- degree protection solution.
Link11’s products run fully automated and use Artificial Intelligence and Machine Learning in order to exclude human error and make the solution the fastest in mitigating DDoS attacks. Link11 has received several awards for its innovative solutions and strong growth.
Password Safe by MATESO is an enterprise password management system with a track record in IT security of more than 20 years. Password Safe can be easily integrated into many identity management systems as it offers various interfaces to fit existing systems. Users are also able to use DirectAccess, logs for security information and event management, as well as a credential provider for privileged access management. Moreover, the company regularly conducts penetration tests, which is quite uncommon in the industry.
Put simply, Password Safe is a versatile, digital vault for businesses. Above all, with over 500 available settings and features, Password Safe ensures that its software can be individually adapted to all company sizes and needs – from startups to large corporations. Today, over 10,000 companies worldwide use Password Safe, including 20 of the top 30 DAX companies.
Watch out for this iPhone call scam, prominent Germans hacked, Android spyware found and an Acrobat update.
Apple iPhone users should be on the lookout for a phone phishing scam.According to security writer Brian Krebs, it works like this: You get a call and when you look at the phone’s screen to see who it is, the Apple logo, real phone number and real address is displayed. The target in this case didn’t answer the call so a message was left asking her to call a 1-866 number. It probably led to a scammer who would have asked for personal information. So iPhone users, ignore calls purporting to be from Apple. Apple won’t phone you. And for those who use other phones, hang up on anyone who tries to get personal information or passwords.
Hackers somehow have gotten access to private emails, memos and financial information of hundreds of German politicians, reporters, comedians and artists. The information was then published through a Twitter account. At this point no one knows if this was the work of a mischievous activist or a foreign country, or exactly how it was done. But British security writerGraham Cluley suspectsvictims fell for a phishing lure and gave away a password to one of their email or social media accounts. The hacker then went from there. Victims may have also used the same password for different accounts, which also makes a hacker’s job easier. If so, it’s another example of why you shouldn’t use the same password on more than one site, and, where possible enable two-factor authentication to make sure someone else can’t log into your account. Two factor authentication usually sends a six-digit number to your smart phone that you have to enter in addition to your password. Check your applications’ settings to see if you have it.
UPDATE:According to the Associated Press, a popular German YouTube contributor who was victimized said the perpetrator somehow first gained access to his email account and then convinced Twitter to disable a second security check — presumably two-factor authentication — required to take control of his account on the social networking site.
Twitter didn’t immediately respond to a request for comment and it wasn’t clear how many of those affected by the leak had such “two-factor authentication” enabled for their email or social media accounts, and whether the hacker similarly managed to bypass it.
As hard as Google tries to keep malware out of the Google Play store, criminals manage to find ways to evade detection.Trend Micro reportsit discovered spyware hidden in six seemingly legitimate Android applications including a game called Flappy Bird, a presumably copycat called Flappy Birr Dog, FlashLight, Win7Launcher and others. All have been removed from the app store. The spyware would have stolen information like user location, text messages, contact lists and device information as well as try to phish for passwords. Owners of any computing device have to be cautious when deciding what to download, advises Trend Micro.
Finally, Adobe usually issues security updates on the second Tuesday of the month, which is tomorrow. However, it hasalready issued an emergency patchfor Acrobat and Acrobat Reader. So if you use either of these applications check you have the latest versions.