now browsing by tag


#cyberfraud | #cybercriminals | Rimbey RCMP warn public scams related to COVID-19 cropping up – Stettler Independent

Source: National Cyber Security – Produced By Gregory Evans

Rimbey RCMP are warning residents of scams using the COVID-19 outbreak as a cover.

Scams associated with the global pandemic have been cropping up, feeding on people’s fear, uncertainty and misinformation during a difficult time.

“Fraudsters are exploiting the crisis to facilitate fraud and cyber-crime,” Rimbey RCMP said in a press release.

Scammers are using many different means to attempt to exploit innocent victims.

There have been a number of reported scams concerning COVID-19.

These scams include door-to-door sales people, and people posing as an official from the Red Cross.

RCMP say they following scams that have been reported:Cleaning or heating companies – offering duct cleaning services or air filters to protect from COVID-19

Local and provincial hydro/electrical power companies – threatening to disconnect your power for non-payment

Centers for Disease Control and Prevention or the World Health Organization – offering fake lists for sale of COVID-19 infected people in your neighbourhood

Public Health Agency of Canada – giving false results saying you have been tested positive for COVID-19, tricking you into confirming your health card and credit card numbers for a prescription

Red Cross and other known charities – offering free medical products (e.g. masks) for a donation

Government departments – sending out coronavirus-themed phishing emails, tricking you into opening malicious attachments, tricking you to reveal sensitive personal and financial details

Financial advisors – pressuring people to invest in hot new stocks related to the disease, offering financial aid and/or loans to help you get through the shut downs

Door-to-door sales people – selling household decontamination services

Private companies – offering fast COVID-19 tests for sale – Only hospitals can perform the test. No other tests are genuine or guaranteed to provide accurate results and the selling fraudulent products that claim to treat or prevent the disease threaten public health and violate federal laws

RCMP are reminding residents to be mindful and award of the following:Spoofed government, healthcare or research information

Unsolicited calls, emails and texts giving medical advice or requesting urgent action or payment

Unauthorized or fraudulent charities requesting money for victims, products or research

High-priced or low-quality products purchased in bulk by consumers and resold for profit. These items may be expired and/or dangerous to your health

Questionable offers, such as: miracle cures, herbal remedies, vaccinations, faster testing

Fake and deceptive online ads, including: cleaning products, hand sanitizers, other items in high demand

It is important to remember where to find trusted information and advice about COVID-19.

For the latest updates on health information look to the Public Health Agency of Canada and the World Health Organization, RCMP say.

Any questions or concerns about any health insurance should be directed to your insurance provider.

RCMP also recommend having anti-virus software install on your devices to protect from suspicious email or ads online.


Get local stories you won’t find anywhere else right to your inbox.
Sign up here

Source link

The post #cyberfraud | #cybercriminals | Rimbey RCMP warn public scams related to COVID-19 cropping up – Stettler Independent appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | hacker | VPNs: Not a cybersecurity slam dunk for telecommuters in the age of COVID-19

Source: National Cyber Security – Produced By Gregory Evans

CISOs and cybersecurity teams around the world are watching their threat surface multiply as millions of staffers find themselves working from home for the first time in order to help constrain the spread of Coronavirus.

The removal of these people from the safe and controlled working environment found in their offices and tossing them into the wild, so to speak, means a greater dependence on VPNs, which may prove problematical as most large enterprises are not prepared to host the majority of their workforce online, and smaller companies may not be set up at all for this type of access.

Then there is the additional threat posed by workers operating outside the direct oversight of IT and security teams possibly making catastrophic decisions that could endanger the entire organization.

Stan Lowe, global CISO for Zscaler, noted that most businesses have enough VPN hardware to generally handle between 20 percent and 30 percent of their workforce working remotely. However, now that entire corporations have been forced to send their employees home with their laptops this is proving not to be anywhere near enough.

It is also no simple nor inexpensive matter to go out and purchase additional equipment, at least the type needed by larger firms that require a high degree of security, Lowe said. Zscaler is a provider of a cloud-based, remote access software.

“If you need more equipment, it takes time—you have to buy it, wait for it to ship and arrive then deploy it, update the hardware and keep it updated. And that’s just the VPN stack. Trying to scale VPNs and other legacy remote access technology, adding tens of thousands of users, can take months and break a corporate network,” he said, adding three to five months is a good guesstimate for such an upgrade.

For those companies that cannot increase their VPN capacity it might become necessary to put their workers onto shifts so the VPN capability that is on hand is spread out, Lowe said.

Even companies well-equipped to handle an influx in VPN usage face the daunting task of bringing those who normally occupy office space up to speed on how to use their VPN and make sure their home network can handle the added bandwidth.

“IT must be sure to educate their users, so they are aware of the impact on everyone and to limit their bandwidth-heavy activity, like Netflix streaming, to outside of office hours. This will ensure that productivity doesn’t drop and that users don’t try to forgo the VPN altogether, which could have dire consequences for the security of the business,” said Justin Jett, director of audit and compliance for Plixer.

Another unique situation that needs to be addressed, Jett said, is that not only are employees at home, but so is the rest of their family. A person attempting to do work at the kitchen table is competing with their spouse who is working from the den and their kids who may be gaming or streaming video in another room. All of these demands need to be balanced so work can get done, perhaps requiring the kiddies to limit themselves to board games during the day and steaming when office hours are over.

Then there is the cybersecurity aspect of this new reality. Using a VPN does not by itself make working from home more secure. Lowe pointed out that with people linking in from all over the world, possibly through an insecure router, a company’s attack surface is vastly increased. Even those with a safe connection can cause problems as cybercriminals are working overtime right now to come up with new phishing lures designed to grab login credentials from all the individuals who are now telecommuting full time.

“A VPN only secures the communication channel between the employee’s workstation and the corporate network. However, as a massive amount of home workers now start to use their personal workstations to access corporate assets, it’s only a matter of time until we see a soaring number of cyberattacks that originate from these personal devices that can be easily breached,” said Tal Zamir, co-founder and CTO of Hysolate.

If just one person makes a mistake a malicious actor could gain the information needed to access a corporate network. Placing even more pressure on the individual is the fact that there is nobody from the company’s IT department or security team within earshot to ask if an email is malicious or legit.

“If devices are infected with malware, even workers who use a VPN client cannot evade attackers who can ride their VPN connection to raise havoc in enterprise networks. The more users are working from home, the greater the risk. Organizations should instruct employees to use trusted dedicated workstations to access sensitive corporate assets and avoid using their multi-purpose personal devices,” Tamir said.

A VPN breach is about as bad as you can get, the ability for someone to travel internally from VPN infrastructure into sensitive data is extremely easy, said Aaron Zander, Head of IT at HackerOne.

Companies able to add VPN capacity are not safe but must takes several extra measures to ensure errors are not made in their haste to deploy the new hardware.

“Triple check all of your network configurations, ACL’s, firewall rules, etc. Without a doubt in 9 months from now, we’ll be looking at news stories about two impacts resulting from COVID-19 — all the babies being born, and all the breaches that have happened because of negligent infrastructure,” Zader said.

Original Source link

The post #cybersecurity | hacker | VPNs: Not a cybersecurity slam dunk for telecommuters in the age of COVID-19 appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | UK Spies Hunt Down Covid-19 Threats

Source: National Cyber Security – Produced By Gregory Evans

The UK’s National Cyber Security Centre (NCSC) has stepped in to remove malicious and phishing websites linked to Covid-19 scams, but warned that attacks could increase if the outbreak does.

The GCHQ body said that phishing efforts using the Coronavirus as a lure have led to victims losing money and sensitive data across Europe.

It urged businesses and consumers to consult its advice on email scams and dealing with malware to better insulate them from the threat of ransomware, credential theft and fraud.

“The NCSC has seen an increase in the registration of web pages relating to the Coronavirus suggesting that cyber-criminals are likely to be taking advantage of the outbreak,” it said.

“Continued global susceptibility to phishing will probably make this approach a persistent and attractive technique for cyber-criminals. Moreover, if the outbreak intensifies, it is highly likely that the volume of such attacks will rise.”

Security vendors have been sounding the alarm over phishing attacks for more than a month. Emails are often spoofed to appear as if sent from the World Health Organisation (WHO), the US Center for Disease Control (CDC) or other official bodies, and claim to contain new information on the outbreak in an attachment or via a link.

Some are laden with malware while others request the user enter their email and password, Outlook log-ins or other credentials to proceed. There are also reports, cited by the NCSC, of fraudsters requesting Bitcoin donations to fund a fake vaccine, and even scam sites selling fake antiviral equipment.

“We know that cyber-criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak,” said NCSC director of operations, Paul Chichester.

“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails. In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”


#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity

Source link

The post #infosec | UK Spies Hunt Down Covid-19 Threats appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Apple’s COVID-19 Response – Apple

Source: National Cyber Security – Produced By Gregory Evans

In Our Offices and Stores

First, I want to recognize Apple’s family in Greater China. Though the rate of infections has dramatically declined, we know COVID-19’s effects are still being strongly felt. I want to express my deep gratitude to our team in China for their determination and spirit. As of today, all of our stores in Greater China have reopened. I also want to thank our operations team and partners for their remarkable efforts to restore our supply chain. What we’ve learned together has helped us all develop the best practices that are assisting enormously in our global response.

One of those lessons is that the most effective way to minimize risk of the virus’s transmission is to reduce density and maximize social distance. As rates of new infections continue to grow in other places, we’re taking additional steps to protect our team members and customers.

We will be closing all of our retail stores outside of Greater China until March 27. We are committed to providing exceptional service to our customers. Our online stores are open at, or you can download the Apple Store app on the App Store. For service and support, customers can visit I want to thank our extraordinary Retail teams for their dedication to enriching our customers’ lives. We are all so grateful to you.

In all of our offices, we are moving to flexible work arrangements worldwide outside of Greater China. That means team members should work remotely if their job allows, and those whose work requires them to be on site should follow guidance to maximize interpersonal space. Extensive, deep cleaning will continue at all sites. In all our offices, we are rolling out new health screenings and temperature checks.

All of our hourly workers will continue to receive pay in alignment with business as usual operations. We have expanded our leave policies to accommodate personal or family health circumstances created by COVID-19 — including recovering from an illness, caring for a sick loved one, mandatory quarantining, or childcare challenges due to school closures.

Source link

The post #deepweb | <p> Apple’s COVID-19 Response – Apple <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Alert Logic COVID-19 Preparedness and Response

Source: National Cyber Security – Produced By Gregory Evans

To the Alert Logic customer and partner community,

With the global coronavirus (COVID-19) situation continuing to develop, Alert Logic is actively taking steps to safeguard the health of our employees and mitigate the spread of the virus in all the communities we are members of, while ensuring the continuity of our operations and maintaining consistently high levels of service to you.

As a worldwide organization that is entrusted to deliver an essential service 24/7, we are well prepared for the unexpected. In addition to our standard business continuity plans, we began reviewing and implementing specific provisions shortly after the COVID-19 outbreak occurred in China. While there continue to be unknowns, we are here and we are ready.

To support our employees in their well-being, we are asking them to work from home and refrain from all non-essential travel. Operating remotely is business-as-usual for our global team. We have voice and video systems in place and have encouraged their use for most customer and business partner meetings. In addition to operational enablement of our remote workforce we maintain the security controls and access management to support continuous monitoring and compliance.

Your day-to-day interaction with Alert Logic will remain unchanged. Our security operations are designed for continuous availability, operating across multiple geographic locations and capable of shifting resources and workflow as needed. Our online systems are built for extreme scale and are expected to operate without disruption. They will continue to be monitored and supported by the Alert Logic engineering and operations teams.

We will remain vigilant as this situation evolves, and continue to adjust our operations as needed. We are confident in our ability to uphold our commitments to your business and trust during this challenging time, and will maintain an open line of communication with the extended Alert Logic community throughout. We appreciate your continued trust and partnership as we navigate through this situation.

Best regards,

Bob Lyons, President and CEO
Alert Logic, Inc.

About the Author

Bob Lyons

As Chief Executive Officer, Bob Lyons brings Alert Logic more than 25 years of experience as a global executive with a demonstrated track record of value creation through technology innovation, revenue growth, customer experience and operational excellence. He is recognized for his success in helping high-growth technology and Software-as-a-Service companies scale globally and innovate, most recently as President and Chief Operating Officer of Connexions, a global leader in SaaS based customer loyalty and engagement solutions. Previously he served as Executive Vice President, Technology and Operations at Ascend Learning, a leading educational content and SaaS company. At Alert Logic, Lyons will support the company’s continued leadership and growth in security and compliance solutions for today’s diverse technology environments.

More Posts by Bob Lyons

Source link

The post #cybersecurity | #hackerspace |<p> Alert Logic COVID-19 Preparedness and Response <p> appeared first on National Cyber Security.

View full post on National Cyber Security