Tag Archive for: holiday

Protect Your Ad From Holiday Hackers With Better Password Hygiene

/in


Criminal hackers look eagerly toward the holidays because it’s a time for vacations, general absences, and fewer eyes on the organization’s passwords. There is a 30% increase in the average number of ransomware attacks over the holiday period compared to the monthly average.  Get ahead of hackers’ plans this season and throughout the new year with an updated password hygiene protocol.

8 ways to improve password hygiene now

1.      Reject weak and easily guessed passwords

Criminal hackers guess passwords using employees’ personal data on social media. Hackers notice when Sue, the database admin, shares frequent pics and videos of her favorite nephew, Kevin. They will try likely password variations such as Kev123, Kev456, and Kevin1! to log in to her account.

Employees create passwords using the first words, numbers, and special characters that come to mind. Cybercriminals use dictionary lists, lists of weak, typical, and stolen credentials, and clues from social media to guess their login data. Rules that reject these passwords by default give the organization an edge over hackers.

2.      Require long, more complex passwords

When the organization removes a weak password, it must replace it with a stronger one. The longer the password, the stronger it is, and the more time it takes for criminals to crack it. A 12-character password takes 62 trillion times longer to crack than a six-character password.

Complex passwords are more robust than simple ones. Using a combination of upper- and lower-case letters, numbers, and symbols in random order makes it difficult for hackers to brute force their way into company systems. Password policies mandating long, complex passwords keep hackers off an organization’s systems and networks.

3.     Ban password reuse

It’s easy for employees to remember a single password rather than many passwords. But when they reuse the same password, criminal hackers gain easy access to information in many places with only one credential.

Once hackers confirm a password, they’ll try it everywhere, including the organization’s most sensitive systems. Over 40 million Microsoft users were found to have reused passwords. Ban password reuse…

Source…

The SANS 2022 Holiday Hack Challenge, The Year’s Most Awaited Cybersecurity Tradition, Opens to Players of All Skill Levels

/in


Protect the North Pole from Threats and Earn Your Place on Santa’s Nice List – Then Join Santa at KringleCon, a Virtual Conference featuring Cybersecurity Experts

BETHESDA, Md., Dec. 8, 2022 /PRNewswire/ — The SANS Institute (SANS) has officially opened its 21st annual Holiday Hack Challenge! Participants can join Santa to save the holiday season from treachery by recovering five precious rings, each ring representing a different quest to defeat cybersecurity obstacles and change the course of the future. This free, hands-on cybersecurity challenge is open to all skill levels and ages, where players will have their skills tested by a holiday supervillain with the potential to win prizes ranging from cybersecurity goodies to the grand prize of a free SANS online training course.

John the SANS 2022 Holiday Hack Challenge

SANS 2022 Holiday Hack Challenge, The Year’s Most Awaited Cybersecurity Tradition, Opens to Players of All Skill Levels

“We are thrilled to present another year of the SANS Holiday Hack Challenge,” said Ed Skoudis, President of the SANS Technology Institute college and SANS Chief Holiday Officer. “We’ve been saving the holidays with the cybersecurity community since 2002, and this year, we hope even more players will join the fight in this playful way to advance critical skills and cyber capabilities across the globe.”

More than 17,000 players participated in 2021, and this year’s Holiday Hack Challenge is expected to reach even more cybersecurity professionals and students. The collaborative virtual game allows players to create customized avatars and join up with teammates, friends, and players worldwide in this one-of-a-kind shared virtual experience to explore the North Pole while advancing their cybersecurity skills across cloud security, forensics, offensive and defensive security, and more.

“Our cybersecurity elves narrowly saved the season last year, protecting Santa and the North Pole from danger, and we all thought the holidays would be safe for years to come,” said Mr. Skoudis. “We have discovered that evil still lurks across the icy terrain, so we must call on our cybersecurity community, from elementary students to seasoned professionals, to join us in this mission to save the…

Source…

Houston expert shares tips for navigating cybersecurity challenges amid the holiday season

/in


It’s a grinch’s cyber-playground, and this holiday season, you’re at risk — even if you think it won’t happen to you.

The good news is you can protect yourself from scams and fraud. Just remember that cybercriminals don’t discriminate, they can prey on anyone.

These statistics may surprise you:

  • Anxiety about having a mobile device hacked differs by demographic; low-income Black women rank mobile security as their number one concern, while the general population ranks mobile security as their third largest concern, according to a recent Recon Analytics survey of more than 3,297 U.S. consumers.
  • 44 percent of millennials have been victims of online crime in the last year and 31 percent admit they share their passwords with others.
  • Romance scams resulted in the most financial losses for adults aged 60 and over
  • Younger consumers took fewest actions after being notified of a data breach affecting their identity/online accounts in Q1 2022
  • Nearly 50 percent of American gamers have experienced a cyberattack on their gaming account or device
  • 47 percent of women who live in cities say their identities and/or data has been compromised in the past 6 months due to lack of home internet protections, compared with 53 percent of city men who say the same thing, according to a recent Recon Analytics survey.

People everywhere, regardless of gender, race, income level, education, or age, deserve to feel safe online. And yet, many aren’t aware how to protect themselves, don’t make it a priority, or wait to act until they are alerted to suspicious activity.

With words like malware, phishing, spoofing, and encryption, learning to protect yourself can feel like a college-level course. But it doesn’t have to be that complicated.

Top 5 ways to guard against cyberthreats

By following five simple steps, you can start to protect your network, devices and data from many digital threats.

  1. Understand cyberattacks are real. One of the first hacks was documented in 1963 and today, nearly 60 years later, hackers are attacking phones and computers every 39 seconds. Cyberattacks continue to grow in number every year.
  2. Be proactive. Don’t wait for an attack to happen. Monitor your accounts daily so you are…

Source…

Holiday shoppers beware: Ransomware can be just 1 click away

/in


(KXAN) — One wrong click is all it can take for a hacker to lock your files or account and demand money.

It happened to Austin business Tiny Pies’ Instagram last year.

“We got an email from someone. And we accidentally clicked on it — it looks legitimate. We clicked on it. And then it was a hacker, and they asked us to give them ransom, or they threatened to delete our account,” Amanda Wadsworth, co-founder of Tiny Pies, a small business in Austin told KXAN News.

Ransomware attackers can also threaten to reveal customers’ information on the dark web, and there’s a lot of that data right now.

“Organizations are managing about 10 times more data than they were even five years ago,” said Bobbie Stempfley, vice president and business unit security officer for Dell Technologies.

“It’s an astronomical amount of data,” she added.

She said there’s been an increase in attack attempts. In fact, she said businesses like Dell have to fend them daily.

“It’s an environment where, when you put in better protections, the threat actors work to find better ways to go work around those protections,” Stempfley said.

She said Dell is constantly doing training and simulations for employees throughout the year so they don’t fall for ransomware attacks like phishing — when hackers try to lure you via email to click on a fake link.

Holiday shoppers beware

Security company Tanium said attacks like these increase during the holiday shopping season, as hackers try to capitalize on the surge of people surfing the web for deals.

“You’re going to potentially want to look for people impersonating your brand, by stealing websites or sending out emails,” said Melissa Bischoping, Tanium endpoint security research director.

It’s not just companies that hold your data that need to watch out for attacks, Bischoping said. Shoppers should be aware, too.

“Be aware when you receive an email, maybe advertising a holiday sale. Check…

Source…