In recent years, password managers have become an indispensable asset for individuals and organisations, fortifying their IT infrastructure. However, while they deliver unparalleled convenience by securely storing and auto-populating login details and generating robust, unique passwords, they’re not without vulnerabilities.

For example, a Google advisory published this year highlighted a concerning flaw where several password managers could be deceived into auto-filling credentials on unauthorized sites. This scenario serves as a pressing reminder that risk often shadows convenience for companies and users alike. It’s crucial to understand these vulnerabilities and maintain constant vigilance, especially concerning website auto-fill features.

The dual edges of password managers

Password managers are sophisticated applications designed to store an extensive database of a user’s passwords, making the challenging task of remembering complex credentials a thing of the past. The primary key to this vault is a singular master password. Upon its input, users gain access to all their passwords within the manager.

Many of these utilities have automatic password generators, churning out complex credentials on demand. They offer the advantage of autofill capabilities, eliminating the manual chore of copying credentials – an advantage especially valuable for mobile device users.

However, given the potential vulnerabilities of the hosting servers, utilizing online password managers pose risks of their own. Hence, these tools considerably elevate security standards but don’t offer absolute invulnerability.

The pitfalls of automatic auto-filling

Though conceived for bolstering security, password managers auto-fill functionalities can inadvertently populate credentials into dubious or malicious websites.

Cybercriminals deceive these managers by skillfully manipulating website components or crafting persuasive phishing sites. This becomes a greater issue when users don’t put in their due diligence to ascertain the site’s authenticity and instead lean too heavily on the auto-fill feature. Such negligence could inadvertently hand over their credentials to adversaries, leading to potential account breaches.

Moreover, Google’s advisory in January unveiled that several password managers were susceptible to mistakenly auto-filling credentials on untrustworthy pages, posing a tangible risk of account breaches for users.

Specifically, Safari browsers, and extensions, such as Bitwarden and DashLane, were identified as potentially auto-filling login details within forms embedded in sandboxed iFrames. Fortunately, by the advisory’s release, these flaws had been addressed.

Understanding password managers

In light of these revelations, our security research team undertook comprehensive tests on prevalent browsers and password managers, evaluating their responses to same-origin and cross-origin iFrames, notably those unsandboxed.

Our observations highlighted Chrome and Firefox’s robust security stance – neither auto-filled credentials nor presented the option. Contrastingly, the Edge browser did auto-fill the username or email field, although it left the password field untouched.

For password managers, Passbolt and 1Password emerged as frontrunners in security, refraining from both auto-filling and offering the option to users. BitWarden and LastPass, whilst adopting a different approach, present users with a precautionary prompt when credentials may be forwarded to a divergent domain. This pivotal prompt allows users to auto-fill or decline, even in unsandboxed cross-origin iFrames.

Secure password management not only relies on users choosing strong passwords but also using due diligence when choosing a password manager and utilizing its functions. We strongly recommend users disable any auto-fill features and only manually trigger the feature when users are confident that the form presented is legitimate and should be filled.

Best practices for a robust password

Password security is paramount, not only for individual users but for the broader integrity of databases. While protective mechanisms can counteract some user lapses, individuals remain particularly vulnerable when employing weak passwords. So, what constitutes a robust password?

1. Incorporate alphanumeric characters: While recent studies suggest that simply adding upper and lowercase letters might not drastically enhance password strength, their inclusion, even marginally, can fortify defences. 

2. Embrace length: One of the most effective strategies is lengthening your password. Extended character sequences significantly challenge recovery attempts. Familiarise yourself with the latest methods advocating for comprehensive passwords. 

3. Integrate symbols: Current research underlines the effectiveness of symbols. Their inclusion proves more potent than switching between upper and lowercase letters. 

4. Prioritise unpredictability: Crafting unconventional passwords is key. Avoid the temptation of dictionary words or predictable sequences. Aim for originality, confounding potential intruders.

By adhering to these principles, users can significantly reduce their vulnerability in the digital sphere. Password management services require a two-way relationship. It’s important we don’t rely solely on this advanced technology and instead remain judicious and proactive in our online conduct. Despite being formidable allies in online security, they are not without their intricacies. Understanding the nuances and potential hazards linked to auto-fill features is central to user protection. We advocate for a more cautious stance – disable the automatic auto-fill function and opt for a manual trigger instead. Users should activate auto-fill exclusively when they are certain of the form’s authenticity.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar Pro

Ransomware casts a long shadow in today’s digital landscape, threatening businesses of all sizes with data paralysis, operational interruption, reputational damage and severe financial repercussions. The problem is particularly serious for mid-market organizations, with over half (57%) admitting they don’t regularly review and replace legacy systems, and a similar number (57%) failing to patch their systems regularly.

These security gaps create a wider attack surface and additional vulnerabilities that cybercriminals are eager to exploit. Thankfully, with a deeper understanding of ransomware and proactive cybersecurity measures, businesses can significantly bolster their defenses, and reduce the overall risk of data loss.

How does ransomware work?

Ransomware is a malicious software program designed to encrypt a victim’s critical data, essentially locking them out of their own files. Attackers will demand a ransom payment in exchange for the decryption key, creating a huge dilemma for businesses. Either pay the ransom, and risk emboldening cybercriminals, or lose access to essential data, halting operations, exposing customers to unnecessary risk and creating significant regulatory and financial headaches.

There are several methods that attackers may employ in an attempt to gain access to a victim’s network. Phishing, and the rise of spear-phishing, looks to target employees with emails containing suspicious attachments or links that, when clicked, can eventually download malware onto a device. It’s reported that 91% of all cyberattacks begin with a phishing email, and 32% of all successful breaches involve the use of phishing techniques. Exploiting known software vulnerabilities and abuse of trust attacks are additional methods employed by attackers to gain entry into business systems. In addition, ransomware operators will also look to identify your backup solutions and will either delete or encrypt these to ensure businesses cannot quickly recover and therefore avoid payment of the ransom.

The evolving threat landscape: New tactics and targets

The cybersecurity threat landscape is constantly evolving. In 2024, both businesses and individuals must be aware of novel and emerging threats, including the risks posed by new ransomware groups. Attracted by the lucrative nature of ransomware, these groups seek innovative ways to gain access to the systems that are crucial in maintaining day-to-day business operations . 

This lucrative nature can be exemplified by recent data which shows payments from ransomware victims exceeded $1bn last year – a record high. And that’s just for the cryptocurrency wallets forensics analysts were able to track. While authorities work together to take down the most prolific groups (such as the recent takedown of LockBit), these victories are often temporary, with new operators quickly filling the void.

Furthermore, attackers are shifting tactics. While data encryption remains a common method, some ransomware variants now steal data and threaten to expose it on the dark web, creating a double extortion threat. Malicious QR codes, a new variant called “Quishing,” are emerging as another potential entry point. Due to shifting tactics, user vigilance is paramount.

The focus is also shifting towards smaller businesses. BlackCat and Lockbit are two ransomware groups specifically targeting SMBs, particularly in growing economies. SMBs often lack the dedicated resources for robust cybersecurity, making them more vulnerable.

Building a fortified defense: Strategies for businesses of all sizes

While there’s no foolproof way to prevent ransomware attacks entirely, businesses can take proactive steps to significantly reduce their risk and limit the impact if an attack occurs. Cloud security solutions can be a powerful ally in this fight.

Building a strong defense against ransomware requires a layered approach. The cornerstone of this defense is a robust backup strategy. Regularly backing up critical data to a secure, offsite location, ideally managed by security professionals in the cloud, provides a safety net in case of an attack. Cloud backups are geographically separate from on-premise infrastructure, offering an extra layer of protection against ransomware targeting local systems. However, backups are only useful if they function correctly. Regular testing and training your team on the restoration process ensures a swift recovery if a ransomware attack disrupts your operations.

Beyond backups, minimizing your attack surface is crucial. This involves security hygiene practices that reduce potential entry points for attackers. Educating employees through regular security awareness training equips them to identify phishing attempts, a common tactic used to deploy ransomware. IBM’s ‘Cost of a Data Breach’ report, suggests that employee training is a particularly effective mitigator against data breaches saving organizations at least $232,867 per attack.

Regularly reviewing and tightening access controls for applications, networks, systems, and data helps minimize potential damage. The principle of least privilege should be followed, granting users only the access they need for their job functions. Taking advantage of built-in security features on devices and operating systems, such as firewalls, malware detection, and automatic updates, further strengthens your defenses. Reputable cybersecurity resources can provide easily digestible, jargon free guidance on establishing best practices for different systems. By implementing these measures, businesses can significantly reduce their vulnerability to ransomware attacks.

Cloud’s role in the fight against ransomware

Cloud security services provide additional layers of defense against ransomware. These services can continuously monitor your network activity for suspicious behavior, acting as a vigilant guard that utilizes the power of cloud infrastructure to identify and block potential threats before they can cause damage. Furthermore, cloud providers typically encrypt your data both at rest and in transit, adding an extra shield against unauthorized access. Disaster recovery services offered by cloud providers can also ensure business continuity by minimizing downtime in the event of an attack. Finally, segmenting your network using zero trust principles acts as a series of walls within your digital castle, containing a ransomware attack to the specific compromised segment and preventing it from spreading throughout your entire network.

By understanding how these attacks work and adopting a proactive approach, you can significantly bolster your defences. Regular backups, preferably stored securely in the cloud, are the cornerstone of any ransomware defence strategy. Cloud solutions offer additional benefits like continuous monitoring, data encryption, and disaster recovery capabilities.

However, defense goes beyond technology. Implementing security hygiene practices like employee training and strong access controls significantly reduces your attack surface. Leveraging built-in security features and multi-factor authentication further strengthens your posture. Remember, ransomware is constantly evolving, so staying informed about the latest threats and updating your defenses regularly is crucial. By taking these simple steps, you can transform your business from a vulnerable target and be prepared for and mitigate against ransomware attacks.

Get in touch with one of our experts today and ensure that your business stands resilient in the face of cyberthreats.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar.com SOURCE

It’s no secret that cybersecurity has become a necessity for small businesses. As the threat landscape continues to evolve, grasping the fundamentals of cybersecurity is not only crucial for safeguarding your operations, but also for keeping your business from becoming a gateway to more widespread attacks. Knowledge is the key, and with the right cybersecurity training, you can arm yourself with the necessary tools to protect your business from cyberthreats.

In this comprehensive guide, we will walk through the most critical cybersecurity training topics small-business owners like you need to master. These training areas are not only crucial for protecting your digital footprint but also for meeting compliance standards that may be required in your industry. Let’s dive in and learn how you can protect your business from digital threats.

Passwords: The first line of defense

Passwords are often the first line of defense against cyberattacks. However, many small-business owners underestimate the importance of creating robust passwords for their accounts. It is crucial to educate yourself and your employees about password best practices, such as:

Creating strong and unique passwords
Passwords should be complex, using a combination of upper- and lowercase letters, numbers, and special characters. Avoid using easy-to-guess information, such as birthdays or pet names.

You need a mix of techniques to form a password that is virtually impossible to crack. One such method is creating an acronym for a memorable phrase and substituting numbers or special characters for letters.

Implementing password management tools
With so many online accounts and passwords to remember, it’s easy to fall into the trap of reusing the same password. To prevent this, consider using a password management tool that securely stores all your passwords in one place. These tools generate strong and unique passwords for you and can even automatically log you in to your accounts without you having to type out the password.

Email: A common entry point for cyberattacks

Emails are the heart of business communications, which is why they are also a prime target for cybercriminals. Here are some essential training topics to secure your business’s email communications.

Spotting phishing emails
Phishing emails are fraudulent emails designed to trick you into revealing sensitive information, such as passwords or credit card numbers. They can be challenging to recognize, as they often appear to come from a legitimate source. Train your team to identify common signs of phishing, such as suspicious sender addresses and requests for sensitive information.

You can also conduct simulated phishing training, where you send fake phishing emails to your team to see how they respond. This can be a powerful way to highlight areas for improvement without the risks of an actual attack.

Creating email policies
Establishing email policies is crucial for ensuring secure and professional communication within your company. These policies should cover topics such as proper password protection, encryption of sensitive information, and guidelines for handling suspicious emails.

Social media: A gold mine for identity thieves

Social media is a treasure trove for hackers. It provides them with personal information that can be used for identity theft or targeted attacks. Understanding how to manage your social media accounts and the risks involved is essential for keeping your business safe.

Limiting personal information on public profiles
Encourage your employees to limit the personal information they share on their social media profiles. This includes details such as birthdates, home addresses, and phone numbers. Hackers can use this information to impersonate employees or even steal their identities.
As for your business’s social media accounts, avoid posting sensitive information such as financial details or employee personal information.

Monitoring social media for suspicious activity
Train your employees to keep an eye out for suspicious activity on social media. This could include fake accounts impersonating the company or employees, unusual posts or comments, or links to malicious websites. Reporting these incidents immediately can prevent potential cyberattacks.

Protecting company data: A core business responsibility

Protecting your company’s data is not only essential for cybersecurity but also for maintaining the trust of your clients. Here are some training topics that will help you establish secure data protection practices within your organization.

Data backup and recovery
Regularly backing up important data is crucial in case of a cyberattack or system failure. Ensure your employees understand the importance of backing up their work and how to do it properly. Additionally, having a recovery plan in place can minimize downtime and losses in case of an attack.

Secure file sharing and storage
With remote and hybrid work becoming the norm, secure file sharing and storage practices are more critical than ever. Train your employees on how to use cloud-based services or virtual private networks (VPNs) for secure access to company files. Ensure they understand the risks of using personal devices or unsecured networks.

Physical security
Don’t overlook physical security when it comes to protecting your company’s data. Educate employees on the importance of securing laptops, phones, and other devices that contain sensitive information. Also, establish protocols for securely disposing of old devices to prevent any data breaches.

Encourage a culture of security awareness within your company, stay informed on the latest cybersecurity developments, and always be ready to adapt to new threats. By investing in cybersecurity training, you are not only protecting your business but also contributing to a safer online environment for all.

Contact our team of experts to learn more about developing a comprehensive cybersecurity training program for your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Between infostealers, ransomware, and BEC attacks, SMBs are having a hard time remaining secure

Information-stealing malware, ransomware, and business email compromise (BEC), remain the three biggest cyber-threats small and medium-sized businesses (SMB) are facing, a new report from Sophos has warned.

The company claims almost half of all malware detected on SMB endpoints last year were either keyloggers, spyware, or infostealers – all malicious programs used to steal sensitive data and login credentials. 

For the researchers, this makes sense as the abuse of legitimate accounts is more difficult to spot, while opening the doors to many more criminal opportunities.

Ransomware and BEC

“The value of ‘data,’ as currency has increased exponentially among cybercriminals, and this is particularly true for SMBs, which tend to use one service or software application, per function, for their entire operation,” says Christpher Budd, director of Sophos X-Ops.

“For example, let’s say attackers deploy an infostealer on their target’s network to steal credentials and then get hold of the password for the company’s accounting software. Attackers could then gain access to the targeted company’s financials and have the ability to funnel funds into their own accounts.” 

Infostealers may be the most wide-spread threats, but ransomware remains the biggest. Fortunately for SMBs, the number of ransomware attacks “stabilized”, Sophos said, suggesting that growth slowed down. At the same time, ransomware attacks continue to evolve. Between 2022 and 2023, the number of remote encryption attacks rose by almost two-thirds (62%). Remote encryption happens when threat actors use an unmanaged device belonging to the victim organization, to encrypt files on other systems.

BEC attacks are the second-highest type of attack, right after ransomware, Sophos concluded. The attackers engaged in BEC are growing increasingly sophisticated, and often engage in a series of conversational emails with their victims, and sometimes even phone calls, before deciding to strike.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar SOURCE

While all types of fraud pose serious challenges, identity fraud is one of the most potent, and consumers must take extra care to detect and avoid it. People need to educate themselves on protecting their personal information, but many might feel they don’t know where to begin. Five main steps can be taken to guard against identity fraud and stop fraudsters and scammers from obtaining personal information or accessing accounts.

Beware of phishing

Phishing emails are a vital tactic for scammers and have developed beyond the clumsy, poorly written-efforts of the past. However, many still contain tell-tale signs of a scam, such as lousy formatting and unofficial email addresses. Phishing emails are designed to convince consumers to click on a malicious link, so consumers should avoid following links they do not recognize. Pay extra attention to an email that calls for immediate action, such as requiring payment to keep your energy on; scammers know that consumers are more likely to make a mistake if there’s urgency.

The best way to root out the fakes is to independently check the information by logging into personal accounts on the company website—companies will often post a warning on their website if they are aware of the scam email. Smishing, where phishing is conducted via a text message, isn’t a new threat but has evolved during the COVID-19 pandemic and represents another avenue where consumers need to be hyper-vigilant.

Activate two-factor authentication

Many online accounts offer two-factor authentication, which can help to prevent online account takeover. Text messaging is the most popular second factor, but this is also vulnerable to takeover, so individuals should choose an alternative factor if one is available.

Sign up for activity alerts from financial institutions

Signing up for activity alerts with bank or credit card companies can alert consumers to any suspicious activity associated with their accounts. People are notified straight away, and this can prevent any further fraudulent charges or withdrawals. Do not delay reporting suspected fraud to your bank, and ask about the possibility of closing the account in question.

Set up identity and credit monitoring

Individuals can sign up for an identity and credit monitoring service that will warn them if their data is at risk. Due to personal information being traded on the dark web, monitoring services focus on places where data is known to be bought and sold and will send alerts if personal data is identified. Credit monitoring services will notify individuals of any changes to their credit profile, such as new trade lines or hard credit inquiries. If individuals suspect fraudulent use of their information, a professional can assess the extent of the fraud and assist with identity restoration.

Follow password security best practices

There is a lot of advice available on how to create strong, unique passwords for every account. However, with the average person having 70-80 accounts, it can be difficult to remember them all, leading many people to reuse passwords. Installing a password manager can help you generate and store passwords for all your accounts on your devices. Although using common passwords like “QWERTY” or your pet’s name is not safe, it can suggest a nearly impossible alternative to guess.

The most important thing to remember is that there is no single solution to ensure complete protection against identity theft. The best thing you can do is to stay vigilant and use caution. By adopting the layers of security discussed above, you can give yourself the highest level of protection against a threat that is certain to become increasingly dangerous in the future.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar SOURCE

Security is a top priority for many businesses, but the speed at which the cybersecurity landscape is evolving and the increasing sophistication of cyberattacks means a detailed understanding of where some of the biggest risks are coming from is limited amongst many CISOs and IT managers.

By 2025, the cost of cybercrime for businesses is predicted to reach $10.5 trillion, up from $8 trillion in 2023. Despite this trend, many businesses are overlooking and neglecting high-risk areas such as print security, inadvertently leaving them subject to attacks.

In fact, according to research from Quocirca, printed documents represent nearly one third (27%) of IT security incidents, yet print security is low on the agenda when compared to other elements of the technology stack like cloud, email, and public networks.

Despite this fact, 61% of organizations have experienced data losses due to unsecure printing practices over the past year. At a time where cyberattacks are on the rise, and will become increasingly common, it is critical that businesses do not overlook the importance of securing the print environment as a crucial building block for a robust security infrastructure.

The impact of hybrid working

To address the evolving security challenges posed by people working both in the office and remotely, businesses need to implement additional measures to safeguard their networks and the sensitive information that travels on them.

When everyone worked in the office full-time, organizations heavily relied on traditional security measures to protect their documents, including office security, traditional password encryption, network security and firewalls. In fact, recent research from Quocirca found that 39% of organizations are finding it harder and harder to keep up with print security demands as the workplace has evolved into the hybrid spaces they are today.2

The combination of remote and office working has increased the use of personal and mobile devices, which are not protected by the organization’s robust security infrastructure. This leaves private end-user devices susceptible to breaches when working away from the office. As a result, security leaders are forced to reassess their cybersecurity strategies to specifically address document protection in this new landscape.

This is highlighted in a recent report from IDC, which shows that 43% of respondents cite security vulnerabilities and the ability to ensure that at-home print devices are compliant with corporate governance and security policies as a top challenge. With employees printing documents from their own homes and personal devices, the risks of potential data breaches and unauthorized access have significantly increased.

This paradigm shift in work dynamics calls for a more robust approach to print security. Organisations must adapt to the reality that sensitive documents may be accessed and printed on various remote devices that do not have the same level of protection as the wider business network. Consequently, security leaders are now tasked with reimagining their strategies, implementing measures to secure documents at every stage of their lifecycle, whether printed or electronic, and regardless of the device used or where it is located.

Robust security measures are the key for hybrid workplace safety

It’s imperative for organizations that don’t currently have robust measures in place to safeguard their documents sooner rather than later. Third-party providers can play a significant role in enhancing secure practices around remote printing devices. While many organizations already invest in third party services, only 32% are satisfied with their security offerings. As such, it is crucial for organizations to work with vendors that prioritize security from the ground up, ensuring it is implemented at every stage of the printing process.

Businesses should aim for services that offer a comprehensive, 360-degree approach to security, covering devices, software, networks, and cloud-based services. Many lean on third-party vendors that specialize in secure information management, to help ensure that sensitive documents are protected throughout their lifecycle, from storage and transmission to printing and disposal.

Leveraging external expertise can help strengthen organizational print security measures, promote a holistic approach to print security, and ensure a culture of secure practices is in place. In doing so, businesses can mitigate cyber-attacks by safeguarding the confidentiality and integrity of their printed materials, particularly when using remote end-devices.

Prioritizing print security for your business

It goes without saying that the safe moving and sharing of documents must be a crucial part of workplace security. Implementing robust measures to safeguard sensitive documents is essential to mitigate potential risks and vulnerabilities. This includes adopting a comprehensive approach that covers devices, software, networks, and cloud-based services.

By recognizing the importance of securing the print environment and implementing a proactive strategy, businesses can adopt a holistic 360-degree approach to print security and mitigate the risks of cyber-attacks from the ground up.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar SOURCE

Cybercriminals are relentless in coming up with new ways to steal our personal information and financial data. That’s why it’s more important than ever to take steps to protect ourselves online, and these steps include visiting websites that use HTTPS.

What is HTTPS?

When you visit a website, you may see a padlock icon in the address bar. This icon indicates that the website is using Hypertext Transfer Protocol Secure (HTTPS), which is a secure communications protocol that encrypts all data transmitted between your browser and the website.

Without HTTPS, all the data you enter or click on is sent in plain text. This means that anyone who intercepts the traffic between your browser and the website can see everything you do, including the information you enter on the website.

HTTPS also verifies the identity of the website you are visiting, protecting you from cyberattacks involving spoofed versions of legitimate websites that are designed to steal your information.

Compared to the standard HTTP, HTTPS offers a higher level of security, making it essential for online banking, eCommerce, and any other website that handles sensitive data.

How do HTTPS certificates work?

When you go to a website, your device uses an internet directory (i.e., DNS server) to convert the website’s name into a number (i.e., its IP address). This number is saved in a cache so that your device doesn’t have to look it up again every time you visit the website. However, if your computer gets compromised while using an HTTP connection, an attacker can change the directory so that you are redirected to a malicious website, even if you type in the correct address. Victims are usually redirected to spoofed versions of legitimate websites, where they are tricked into entering their sensitive information, such as their login credentials.

To prevent this, internet directories issue HTTPS certificates that transform HTTP into HTTPS. This makes it impossible for anyone to redirect you to a fraudulent website. HTTPS certificates include data about the website, such as its domain name, company name, and location. They also contain a public key for encrypting communication between your browser and the website.

More ways to stay safe online

Here are a few tips for staying safe online, whether you’re just browsing or doing work-related tasks:

  • Think twice before clicking on a website flagged as “unsafe” by your browser. Proceed only if you are sure that no confidential data will be transmitted.
  • Use trusted web browser extensions, such as HTTPS Everywhere, to encrypt your communication, especially when visiting unencrypted websites.
  • Don’t go to websites that don’t use the HTTPS prefix.
  • Be vigilant. Even if a website has HTTPS, it doesn’t automatically mean it’s safe. For example, amaz0n.com (with the “o” replaced with a 0) could have a certificate, but the misspelling suggests that it’s an untrustworthy site. Cybercriminals use similar spellings of real websites to trick victims into believing they’re on a secure site.

While HTTPS is not a silver bullet for online security, it is an essential measure for protecting yourself online. Reach out to us today to learn more about HTTPS and other cybersecurity best practices.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory SOURCE

Adobe has issued a urgent warning to users of its Acrobat and Acrobat Reader PDF editors following the discovery of a zero-day vulnerability of critical severity.

The software company has released a security update for Windows and macOS users, urging them to apply the patch as soon as possible in order to reduce the risk of an attack.

In a statement, the firm said: “Adobe is aware that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader.”

Adobe Acrobat and Reader patch

Details about the vulnerability remain scarce given the fresh nature of the discovery, however the software maker did confirm that: “Successful exploitation could lead to arbitrary code execution.”

Acrobat DC and Acrobat Reader DC versions 23.003.20284 and earlier have been confirmed to be affected, as have 2020 versions of both software running build 20.005.30516 and earlier for macOS and 20.005.30514 and earlier for Windows.

Adobe’s latest software updates for its PDF programs, which became available on September 12, address a series of security issues. They also introduce some feature changes and enhancements, including the ability to reposition quick tools, new undo and redo options in the top menu bar, drag-and-drop support for combining files, and more.

The San Jose-based company also issued further updates across its range of products, including Adobe Connect and Adobe Experience Manager software, which allowed attackers to gain arbitrary code execution on unpatched devices.

The discovery of vulnerabilities in Adobe’s software is not ideal, but nor is it alarming. Companies release security fixes for their software on a regular basis in order to iron out vulnerabilities and protect users, and the fact that the company responded with speed is admirable.

Adobe or not, anybody using any digital service should keep an eye on software and firmware updates that become available, installing them as soon as possible.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar SOURCE

Phishing is still by far the most popular attack vector out there. Not only that, but its popularity among the cybercriminal community is growing by the day.

This is according to “Phishing threats report”, a new paper just published by Cloudflare. After analyzing more than 279 million detected email threats, 250 million malicious messages, and more than a billion of brand impersonations, Cloudflare found that phishing is the initial attack vector for nine in ten cyberattacks.

As a result, businesses lose more than $50 billion every year.

Two key objectives

When it comes to phishing, cybercriminals are focused on two objectives: to achieve authenticity, and to get victims to click. The goal to achieve authenticity was underscored by the uptick in identity deception threats, which saw an increase from 10.3% to 14.2% year-on-year. That equals 39.6 million total detections.

Furthermore, Cloudflare’s researchers witnessed attackers impersonating over 1,000 different organizations, in more than a billion brand spoofing attempts. Most of the time (63.3%), the attackers tried to ape the same brands. The researchers identified the top 30 most popular brands, which included big names like Microsoft, Google, and Salesforce (all highly trusted organizations). 

Finally, almost all (89%) unwanted messages squeezed through SPF, DKIM, or DMARC authentication checks. “Attackers’ efforts to achieve legitimacy in the eyes of their victims have proven successful, as we have seen email authentication failing to stop threats,” the researchers concluded.

When it comes to the second goal, Cloudflare says users are more susceptible to the click “as an authentic form of communications.” Apparently, hackers know it’s easier for victims to click a link, rather than download a file. Hence, malicious links were the number one threat category, taking up more than a third (35.6%) of all detected threats. 

In almost all phishing attacks, the email will have a sense of urgency to it, forcing victims to react before taking the time to think their actions through. Given that most firms will not require urgent action in the majority of cases, a company asking for something to be done immediately can be considered a red flag.

Cybersecurity is an ongoing process, and staying informed about the latest threats and solutions is essential to keep your business safe in the digital age. Protect your assets, safeguard your customers, and maintain your reputation by talking to our cybersecurity experts today.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar SOURCE

Data loss can lead to financial loss, reputational damage, and legal complications. Therefore, it’s crucial for companies to implement effective strategies to prevent data loss and ensure the safety and integrity of their valuable information. Here are some tips and best practices that businesses can follow to minimize the risk of data loss.

Back up your data regularly

Having robust backup and recovery systems is crucial for data disaster protection. Regularly back up your critical business data to secure off-site locations, such as cloud storage or remote servers. Ensure that backups are automated, encrypted, and regularly tested to guarantee their integrity and accessibility during emergencies.

Implement strong cybersecurity measures

Among the strong cybersecurity measures you should deploy are strong passwords and multifactor authentication for all of your business’s systems. You should also install reliable antivirus and anti-malware software, and regularly scan your network for vulnerabilities.

Physical security and redundancy

Safeguard your physical infrastructure by putting in place measures to prevent or mitigate damage from natural disasters or accidents. This includes installing fire suppression systems and backup power generators, and keeping backups in secure off-site data centers. Redundancy in network infrastructure and data storage helps ensure business continuity even in the face of hardware failures or physical damage to your infrastructure.

Train your employees

One of the most common causes of data loss is human error. This is why you should invest in comprehensive training programs to educate your employees on data protection best practices, including proper handling of sensitive information, recognizing potential threats, and reporting incidents promptly. Conducting training regularly will encourage a culture of cybersecurity awareness, which is key to defending against current and emerging threats.

Create an incident response and business continuity plan

Develop a comprehensive incident response plan that outlines the steps to be taken in case of a data loss incident. Define roles and responsibilities, establish communication channels, and conduct regular drills to ensure readiness.

Additionally, you should create a business continuity plan to minimize downtime and mitigate the impact on your operations. This plan should include procedures for restoring critical systems, prioritizing essential functions, and communicating with stakeholders during a crisis. Review and revise your disaster recovery plans periodically to account for changes in your business environment or technology infrastructure.

Perform regular audits and updates

Conduct regular audits of your data protection measures to identify vulnerabilities and areas for improvement. Also, make sure to roll out the latest security and software patches as soon as they become available to ensure that your systems are fortified against emerging threats.

Use data encryption and access controls

Implement strong data encryption protocols to safeguard sensitive information both in transit and at rest, as well as access controls and user permissions to restrict access to your data and systems.

Conduct third-party risk management:

If your business relies on third-party vendors or service providers, ensure they have robust data protection measures in place. Contractual agreements must be clearly established so both parties understand their obligations when it comes to data protection. You should also regularly assess and monitor your vendors’ compliance with security standards to mitigate any potential risks they may pose to your business.

By prioritizing data loss prevention, businesses can safeguard their operations, maintain customer trust, and mitigate the potentially devastating consequences of data breaches. If you need a reliable data protection solution for your business, call our experts today.