Knowlegde
How to solve the cybersecurity resources crisis
Resources have always been one of the major problems on cyber security, especially for the NGOs that lack of resources. This article shares four security management strategies that enable NGOs to strengthen the organisation’s cyber security despite the lack of resources. For details, please refer to the below link: https://gadget.co.za/how-to-solve-the-cybersecurity-resources-crisis/ ...
CISA Releases Free Detection Tool for Azure/M365 Environment
Cybersecurity and Infrastructure Security Agency (CISA) released a free detection tool on GitHub, which is used for detecting possible compromised accounts and applications in the Azure/Microsoft O365 environment. NGOs who are using the Azure/Microsoft O365 service can visit the below GitHub for getting more information: https://github.com/cisagov/Sparrow ...
‘Tis the Season for Nonprofit Cybersecurity Risks to Reach New Heights
Due to COVID-19 pandemic, more and more NGOs have transformed part of their services from offline to online; meanwhile, many NGOs will organise the donation activities during the year end, it also brings up the new cyber risks to organisations. This article introduces three security advisories for data protection; also ...
Enterprise VPN Security Guideline
The Enterprise VPN is a common technology to support remote working during global pandemic outbreak. However, adopting enterprise VPN without proper risk assessment and corresponding mitigation measures could lead to a security incident. It is common to find that cyber-attacks targeting enterprise VPN appliances, while sensitive information disclosure and reputation ...
Identity Theft Protection for Social Media and Instant Messaging Accounts
Social media and instant messaging software have become essential tools for our daily social interaction and communication. Therefore it is important to protect the user accounts of relevant software. In many cases, users have not changed or strengthened the security settings of the account after first registering the account and ...
Case Study on Bitcoin Scam Incident – A Combined Social Engineering and Privilege Escalation Attacks
On 15 July 2020, a total of 130 high-profile accounts in a major social networking platform were compromised by outside parties to set up a bitcoin scam. The attackers launched a sophisticated attack utilising multiple attack tactics. For a start, they used social engineering attack to steal the employees’ credentials ...
End-of-Support for Adobe Flash Player after 31 December 2020
Adobe had announced that Flash Player will no longer be supported after 31 December 2020, meaning the end of this life-long web content tool. Adobe has also stated that the Flash content will be blocked from running in Flash Player beginning from 12 January 2021, since no further updates or ...
New Flaws in Top Antivirus Software Could Make Computers More Vulnerable
A computer with inadequate antivirus security is like a bank where all the doors are always open. Antivirus security is computer’s first line of defense against attacks. Keeping up-to-date version of antivirus software is important for NGOs. For details, please refer to the below link: https://thehackernews.com/2020/10/antivirus-software-vulnerabilities.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29 ...
Hacking Group Used Malware to Bypass 2FA (2 Factor Authentication) on Android Devices
Nowadays, use of mobile devices are common in NGOs. The importance for Mobile Device Management is keep on increasing. New security threats and issues regarding mobile devices are what NGOs concern about. For details, please refer to the below link: https://www.bankinfosecurity.com/hacking-group-used-malware-to-bypass-2fa-on-android-devices-a-15026 ...
ISO 27701 Paves the Way for a Strategic Approach to Privacy
Data privacy is always a hot topic for NGOs. The 2020 research report pointed out that 97% of companies will allocate more resources to comply with the privacy code, and the international certification body ISO has recently launched the ISO 27701 Privacy Information Management System (PIMS), its predecessor is ISO ...
