Knowlegde
Ransomware can penetrate quickly, significantly damaging an organization
A new ransomware victims report issued by Cloudian found that traditional ransomware defences are failing. 54% of victims having anti-phishing training and 49% having perimeter defences in place at the time of attack. And the financial costs of ransomware attack related are significant and rising, despite paying ransom, only 57% of respondents got all their ...
Organizations still rely on weak security for remote workers
A new survey showed almost 80% of IT security leaders believe that remote workers are at more risk for phishing attacks because they are isolated from organizations’ security team. Also some leaders think distraction work environment, working from multiple or personal devices, pressure to appear more productive and phishing attacks have become ...
Beware of Malicious or Vulnerable Third Party Dependencies
Rapid growth in third-party dependencies (including open-source libraries, packages and container images, etc.) has significantly changed the modern software development process. Most applications nowadays are built on a combination of in-house and external code. Public open-source repositories offer a place for developers to use, host and share software libraries, packages, container images, ...
VPN Attacks: A Rising Threat for Remote Work in the COVID-19 Era
In COVID-19 era, VPN become an important tool for the people to work from home. However, hackers are following the trend and switch their focus on VPN network vulnerabilities. In fact, attack against two major enterprise VPN system both had increased more than 1000% in the first quarter of 2021 ...
Phishing maintained near-record levels in the first quarter of 2021
The APWG (Anti-Phishing Working Group) has released a new Phishing Activity Trends Report saying that phishing maintained near-record levels in the first quarter of 2021, which the phishing websites are doubled from 2020. Article briefly describe the findings and other trends they saw in the report. NGOs should be careful ...
Shame culture is the biggest roadblock to increasing security posture
Nowadays, many of cybersecurity team’s culture made themselves as antagonists rather than allies to the other company staffs. They usually judge the company staff’s security awareness by having some assessment for them. This situation may be harmful for the company security. Security team in NGOs should try to change the ...
Ransomware Keep Evolving: Multiple Extortion
Ransomware attacks are currently causing extensive havoc worldwide, becoming one of the biggest cyber threats nowadays. More and more companies and organisations have been materially affected. According to a ransomware report, the average ransomware payment in 2021 Q1 was US$ 220,298, (HK$ 1.72 million), up 43% from 2020 Q4. HKCERT ...
Beware of Flash Phishing Attacks
In the first quarter of this year, HKCERT has processed over 300 phishing attack incidents per month on average, up about 30% from same period last year. Apart from the increase in cases, HKCERT has also noticed that hackers have been using new techniques, with some using fake domain names ...
Kaspersky: Exploits for MS Office Flaws Most Popular in Q1 2021
In Q1 2021, the vulnerabilities of Microsoft Office suite were the most popular target of hackers to exploit. Microsoft Office suite is popular and used in most of the organization. NGOs should keep to software updated in order to protect the network from cyber attack. For details, please visit the below link: ...
Watch out: These unsubscribe emails only lead to further spam
Researcher found that scammers user fake ‘unsubscribe’ spam emails, ask the receivers if they want to subscribe or unsubscribe their email, to confirm whether the email is valid, for their future phishing and spam campaigns. Staff of NGOs may receive this kind of scam email, which may possibly be a ...
