Articles
The Role of a Virtual Chief Information Security Officer (vCISO)
The Role of a Virtual Chief Information Security Officer (vCISO) in an era where cyber threats are increasingly sophisticated and prevalent, businesses of all sizes must prioritize information security. Yet, not every organization has the resources or need for a full-time Chief Information Security Officer (CISO). This is where a Virtual Chief Information Security Officer…
Read MoreBenefits of cybersecurity compliance
By Terry Cutler Cybersecurity and regulatory compliance are crucial diverse areas for businesses, healthcare professionals, financial service providers, and political leaders, involving meeting various regulatory controls to protect data confidentiality and network integrity. Take a deep breath. It’s not as bad as it sounds. Many of these controls come from different sources: CIS Controls (Center…
Read MoreTop technologies for scalability
Rushing through process implementations, technology upgrades, and new hire training can cause botched executions and unnecessary confusion. Businesses must pursue the top technologies for scalability. This sustainable strategy allows them to grow smarter, not just faster. Sustainability in business is about being repeatable, adaptable and capable of scaling up and down as needed. Sustainable scaling…
Read MoreFormjacking
Formjacking involves hackers posting malicious JavaScript codes on eCommerce sites. Users typically enter their private information at the checkout point, where the script waits. As a result, this information is copied. This type of online theft is like someone peering over your shoulder at an ATM and writing whatever you input. Often, hackers create many…
Read MoreCryptocurrency scams
The growing popularity of cryptocurrency has seen an increase in cryptocurrency scams. A cryptocurrency is a digital currency that exists virtually and uses cryptography to secure transactions. It doesn’t rely on the Go-Betweens, such as brokerages, exchanges, banks, or governments. In fact, a peer-to-peer network, known as a blockchain, monitors and organizes the wallet. Cryptocurrency…
Read MoreHacking the Bluetooth
The Bluetooth handshake occurs when two devices pair up to establish a connection, such as your phone and car. Hackers in the area use specialized software and hardware to discover vulnerable Bluetooth-equipped devices. The primary use of Bluetooth involves connecting multiple devices without using cables or wires. Further, Bluetooth relies on short-range radio frequency, and…
Read MoreLockBit 2.0
LockBit 2.0, unlike other Ransomware, spreads on its own. It confuses defence systems and hooks up with other Ransomware on other networks, for instance. It functions in this manner: The attacker infects a single host and sets it loose. As a result, it is embedded in a network and spreads its encrypting code across devices.…
Read MoreFake charity scams exploits Ukraine
With Russia’s invasion of Ukraine, charitable organizations are mobilizing for Ukraine and its citizens. But fake charity scams are exploiting our sympathy for Ukraine’s situation. According to the Wisconsin Department of Financial Intuitions (DFI), the scams are increasing. The department suggests consumers to some research before donating money to any charity. “Scammers see tragedies as a…
Read MoreBack to Ransomware basics
Ransomware is a form of online extortion targeting businesses and individuals. And as we move further into 2022, it is becoming more of a problem. Imagine you show up to work as the company CEO and find out that all your corporate data is unusable, for instance. Moreover, the data backups are now encrypted and…
Read MoreWhat is spoofing?
Spoofing is when a malicious person masquerades as someone or a well-known company to win your trust. The idea is to gain access to your computer or device. The goal is to steal your data, money, and spread malware. When it comes to spoofing, hackers will use fake emails and websites. Much like a phishing…
Read MoreYour email is being hacked
There are telltale signs your company email is being hacked. A rejected password The first sign your email is being hacked is you can’t sign in. If you notice your password is being repeatedly rejected, more than likely a hacker has changed it to block you out. Second, if you got into your email, it’s…
Read MoreRansomware attacks continue
Ransomware is a form of online extortion targeting businesses and individuals. And as we move further into 2022, it is becoming more of a problem. For instance, imagine you show up to work as the company CEO and find out that all your corporate data is unusable?. The data backups are now encrypted and useless. …
Read MoreCyber Security Today, Week in Review for Feb. 18, 2022
I’ll be joined by guest commentator Terry Cutler of Montreal’s Cyology Labs to discuss some of the news from the past seven days. Howard: We’re going to talk about a couple of other stories that I came across. Researchers at Crowdstrike issued their annual global threat report this week and among the findings: It took hackers an average…
Read MoreDark Web monitoring
Search and track your company information on the dark side Dark Web monitoring can help you find leaked or stolen company information on the Dark Web. For example, monitoring could lead to discovering old and new passwords, stolen log-ins, customer information, and credit card numbers. Ideally, it is a place to hide and lease ransomware…
Read MoreDefend against phishing attacks
“How can I prevent someone from hacking my company?” I am asked this question whenever I speak to business CEOs. My response? Ensure your workers never open their emails. Of course, that’s not possible. The answer is to train them to be your frontline prevention against cybercriminal’s phishing attacks. First, this would be the right…
Read MoreThe malicious hacking employee
Overly disgruntled employees turning to malicious hackers From the experienced human resources leader to the new employee, security awareness training will foster a defence culture that would protect the company against the unprecedented rising ransomware attacks and, now, the malicious employee! As I reported in January 2022 in Small to medium-sized business owners vulnerable to…
Read MoreAgriculture hackers attacking farmers
Hackers are increasingly targeting agriculture to manipulate data and shut down processing plants By Terry Cutler Technology in agriculture was a few milking machines and farmers hand-fed their animals. Wholesome is a word that comes to mind—Milk and eggs on the table, a family at work on the farm, are just some of the images…
Read MoreOne in every 99 emails is a phishing attack
Three billion phishing emails a day are sent to unsuspecting employees. One in every 99 emails are phishing attacks—those cleverly crafted fake emails targeting data designed to look like they come from trusted senders. Left alone, these emails mean nothing, but one click on a “sexy looking” link means everything to a hacker—they are in…
Read MoreThe Canadian Centre for Cyber Security warns to posture up for expected Russian Cyberattacks.
“Be ready for a Russian cyberattack,” the Canadian Centre for Cyber Security (CCCS) tells Canadian businesses and those responsible for Canada’s critical infrastructure. Reporting that these cyber threat activities are messages to prepare and be vigilant in the coming year. Last week’s warning comes as Russia deploys more military along the Ukraine border. This build-up…
Read MoreYour online sharing can lead to a cell phone port-out scam
A port-out scam—when scammers target your personal information to impersonate you and access your banking and other accounts linked to your phone—is a little-known scam that starts with you sharing personal information on any social media platform. Porting happens when you switch phone service providers, but you want to keep your existing number. Scammers who…
Read MoreSmall to medium-sized business owners vulnerable to ransomware
If you are a small business, you may not be concerned with cybersecurity—what would a hacker want with your company? Well, your thinking makes you an ideal target. You realize you’re a target when it is too late, and you’ve been a target. Your question becomes, “Maybe I should have taken my cybersecurity more seriously?…
Read MoreAre you the perfect ransomware Victim?
Suppose you’re a large, US-based business with at least $100 million in revenue, using the remote desktop protocol. A virtual private network (VPN), Active Directory credentials, Panels access or Remote Monitoring and Management, etc. In that case, you are the perfect ransomware victim—not someone in the healthcare or education sector, as one might expect. Compared…
Read MoreWhat is the zero-trust approach in cyber security?
Zero trust is the non-binding concept that every action a user or device takes is subject to some form of a policy decision, a verification of every attempt a client makes to access their information. Therefore, this means that no user or device has default access to your organization’s network. Trust no one. Trusted firewalls,…
Read MoreTop cyber security risks for 2022
It’s been a crazy year. Economic upheaval. A COVID-19 Pandemic that seems to have no end. Changes in laws and regulations. Digital disruption. Data security dangers. It sounds like a doomsday wish list! It may not be a wish list, but it is a list of risks. “Risk in Focus” – New Report Focuses on…
Read MoreThe Big Quit doesn’t mean you quit on your cybersecurity
It’s called the Great Resignation, but mostly it’s about low-wage workers switching to better jobs with higher wages. It is a COVID-19 popular term with implications for a company’s cybersecurity, directly correlating staff turnover/transitions and cyber incidents. Indeed, many of us have adopted home office setups or have decided to resign from existing posts to…
Read MoreUnforeseen levels of ransomware attacks predicted for 2022
With ransomware the top threat for businesses, I predict 2022 will be the year of astronomical numbers of ransomware attacks. They won’t be solely in sectors once the favourite of hackers—electrical grids, gas and oil systems, and life-saving hospital equipment—but in supply chains and low-level operators with connections to higher up the chain. In one…
Read MoreDeepFake technology becoming new ransomware
Deepfakes are designed images, audio, and video content using Artificial Intelligence (AI) and Machine Learning (ML) technologies to look like accurate content and spread misinformation and lead to ransomware. The scrupulous replaces the voice/image of a particular person’s speech to manipulate information. For instance, One goal of Deepfake is to confuse and spread disinformation campaigns…
Read MoreAssume the cost of multi-factor authentication or pay a high price
Cutting back on or not investing in multi-factor authentication (MFA) can go another way—the way of the hacker, the way of billions lost in profit, the way of lost reputation, and the way of bankruptcy. You’re sunk. MFA is a cybersecurity measure that requires users to provide multiple factors verifying their identity before getting into…
Read MoreAre you prepared to defend yourself against cyber attacks?
Canadian victims have recorded 235 known ransomware attacks in 2021. According to a Canada digital cybersecurity agency report, more than half hit electrical grids, oil and gas systems. Most ransomware attacks go unreported, warns the Communication Security Establishment’s (CSE) Canadian Centre for Cyber Security published in December 2021. Hackers use malware to infect individuals or…
Read MoreInsider threats to hacking your network
What if your company has trained your employees in cybersecurity? Is the network safe now? Your employees may be trained, and you are updating them as fresh forms of hacking are discovered. What if the latest attack was a deliberate attack from someone working in an office or a cubicle—an employee you trained? An employee…
Read MoreCyber insurance keeping you awake at night?
If you lie awake at night obsessing over your cyber security systems, you may have another obsession: Cyber insurance (CI). Will your policy cover a cyber attack? Will your policy cover different attacks? Or will it cover specific attacks and not others? However, CI coverage protects businesses from lawsuits after an attack on their systems.…
Read MorePhoney QR code scams on the rise
Consumers are at risk of having their credentials and other data stolen through Quick Response codes. An old technology that’s found a new use in the hands-free payment practises of the global pandemic. QR codes are machine-readable codes comprising black and white squares used for storing information to be read by a camera on a…
Read MoreBillions of data exposed through data breaches
Data breaches exposed 16 billion records, including credit cards, home addresses, phone numbers and other personal information in June 2020. That’s a 273% increase compared to Q1 2019, making the first quarter of 2020 the worst period in data breach history, with a reported 8 billion records exposed. Inga Goddijn, Executive Vice President, Risk-Based Security,…
Read MoreBrand reputation after a cyber attack
In cyber security language, a loss of a company’s brand and reputation is known as reputational risk. This risk we describe as a potential threat or a danger to the good name. Moreover, the confidence of its loyal customers and the historical standing of a company falls. Reputational risk is one of the five cyberattacks,…
Read MoreBecome a cyber security-minded employee
In today’s business world, employees are often the first contact for customers with questions about billing, updates and new purchases—they are also the ones holding the keys to the front door for hackers. Above all, Through a phishing scheme, eliciting from an unsuspecting employee a quick click on a link, and the door to your…
Read MoreWhy you need a cybersecurity strategy against ransomware?
Don’t wait until it’s too late Ransomware attacks on small to large businesses, threatens the integrity of their networks, the privacy of workers’ personal information, and protecting customer data, such as credit card, banking, and personal information. The general definition of ransomware is malware that employs encryption to hold a victim’s information at ransom. A…
Read MoreHow easy it is to get hacked
With today’s sophisticated cybersecurity protection strategies, it may seem a hack is less likely than ten to 20 years ago. As companies upgrade their systems to advanced levels of protection, so do the hackers. It takes a higher level of hacking skill to break into today’s systems, but today’s hackers have the skills. With today’s…
Read MoreThe fine-print scam
By Terry Cutler Do you read the fine print on any online agreement for, let’s say, premium access to a game such as Angry Birds or an amazing weight loss product? Not many do. It’s estimated that 20% of those entering a contract read the fine print. For the 80%, known as skim readers, who…
Read MoreA stolen laptop and a potential acquisition of a competitor: What to do in the perilous situation
Our vice-president had a laptop stolen from his car, loaded with details of the potential acquisition of a competitor. What should we do? Cyber nightmares can happen to the best of us, even security expert Terry Cutler. “Years ago, I went for a business dinner and left my computer in my truck,” he says. Cutler…
Read MoreAmazon, Apple continues to top list of impersonator scams
By Terry Cutler If Amazon or Apple has reached out to confirm a recent purchase, or offer a refund, or claim someone has hacked your account—you’re one click or phone call away from falling for a business impersonator scam. Other phony claims include an undelivered or lost package, or an unfulfilled order requiring more money.…
Read MoreWhy would anyone want to hack my business?
Because you didn’t get an audit beforehand and want to save your business from getting hacked By Terry Cutler You might not know this, but hackers have been lurking in your system for months, even years. When you finally discover their presence, it may already be too late. Or if you are one of the…
Read MoreYour best defense against phishing attacks
Employee training key to company cybersecurity and hacking By Terry Cutler “How can I prevent someone from hacking my company?” I am asked this question whenever I speak to business CEOs. My response? Ensure your workers never open their emails. Of course, that’s not possible. and the answer is to train them to be your…
Read MoreHow to avoid romance scams?
Why do we fall prey to romance scams? By Terry Cutler Online romance scams cost Canadians more than $18.5 million in 2020. According to a 2021 Canadian Anti Fraud Centre report, romance scams, where money is transferred from one person to the other was the number one fraud affecting Canadians during the COVID-19 pandemic, and…
Read MoreWhat is an ethical hacker?
How the “good guys” can help you improve cyber safety, expert tells COS how he hacks companies to ensure they become more secure Phishing, scamming and hacking may seem worlds away for many workers. The reality is that cyber criminality is essentially everywhere. “Most people think that they’re not a target because they’re too small…
Read MoreFacebook phishing scams target Indigenous artists’ business pages
Fake accounts are mimicking Indigenous businesses, trying to solicit banking information Ka’nhehsí:io Deer · CBC News · Posted: Mar 16, 2021 6:18 PM ET | Last Updated: March 17 Tara Kiwenzie was forced to take a break from beading barrettes over the weekend to warn her customers about a phishing scam she and other Indigenous artists and businesses have found themselves targeted…
Read MoreInvestment and audit key for security in 2021
Published: February 18th, 2021 By: Glenn Weir Companies hoping for a pullback in cybersecurity threats as the impact of pandemic eases in 2021 will surely be disappointed, says cybersecurity specialist Terry Cutler. In a recent interview, the CEO of Cyology Labs said he expects this year will see a continuation — and likely a worsening…
Read MoreCyber Security Today – Britain adds offensive cyber squad, bug found in GO SMS Pro, and updates for Cisco Webex Meetings, Chrome, and Firefox
Howard Solomon @howarditwcPublished: November 20th, 2020 Britain adds offensive cyber squad, a bug found in GO SMS Pro, and updates for Cisco Webex Meetings, Chrome and Firefox browsers Welcome to Cyber Security Today. It’s Friday November 20th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:…
Read MoreCyber Security Today Week In Review for Nov. 20, 2020
Howard Solomon @howarditwcPublished: November 20th, 2020 Welcome to Cyber Security today, the Week In Review edition. I’m Howard Solomon, contributing reporter on cybersecurity for IT World Canada. To hear the podcast click on the arrow below: With me as guest analyst is Terry Cutler, CEO of Cyology Labs in Montreal. But first, a roundup of…
Read MoreCyber Security Today – Warning for Asterisk phone system admins, U.S. tries to get a $1 billion criminal bitcoin account and beware of election-related malware
Howard Solomon @howarditwcPublished: November 6th, 2020 Warning for Asterisk phone system administrators, U.S. tries to get control over a $1 billion criminal bitcoin account and beware of election-related malware. Welcome to Cyber Security Today. It’s Friday November 6th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow…
Read MoreCyber Security Today Week In Review for Nov. 6, 2020
Howard Solomon @howarditwcPublished: November 6th, 2020 Welcome to Cyber Security Today. This is the Week In Review edition for Friday November 6th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below: With me this week to analyze the top news story is Terry Cutler, CEO of Cyology…
Read More