Cross-site forgery (CSRF) is a malicious technique designed to take advantage of unsuspecting users who are actively logged into web applications. Learn more about this threat to your data and how to safeguard against it.
Understanding open redirection vulnerabilities is key to detecting them and protecting your organization’s data. Without proper validation, attackers can redirect victims from trusted to malicious sites, or use forwards to access unauthorized pages.
Cybersecurity is a top priority for organizations. All it takes to infect a network or steal valuable data, is one wrong click by an employee. While employees seem to have good knowledge of basic cybersecurity practices, there are considerable security blind spots which leave the employee and organization vulnerable to breaches. Spanning helps to identify red flags and vulnerabilities in security awareness training for employees.
From hurricanes, errant employees, malware to even a rodent with an appetite for cables — the likelihood of an organization suffering data loss has never been greater. An organization’s best defense is to plan for business continuity and disaster recovery by using processes that guide organizations to possibly prevent and/or better manage an (unpredictable) disruptive event.
Phishing is a critical security issue that can trick even the most diligent, security-minded users. How do you protect your organization from being another phish in the sea? Let’s start by understanding how phishing works and then move on to practical pointers to avoiding biting the bait.
This October is the 15th annual National Cybersecurity Awareness Month (NCSAM), an initiative to raise awareness about the importance of cybersecurity that grows stronger by the year in significance and scope. This is no surprise given that breaches and malware attacks are getting more frequent, and they don’t discriminate against industry. A cross-section of companies from government, healthcare, finance and retail to nonprofits, car-sharing, and even the Port of San Diego have faced ransomware attacks.
At the beginning of 2018, the FBI and the Department of Education Inspector General revealed that hackers had tried to sell over 100 million private records from almost 100 schools and businesses as of the end of last year. 100 million records seems like a lot, but when you consider that more than 63 percent of organizations experienced an attempted ransomware attack in 2017, with 22 percent reporting these incidents occurred on a weekly basis, it’s easy to see how pervasive and far-reaching the threat of ransomware is.
On June 28 2018, California Governor Jerry Brown signed into law AB 375, the California Consumer Privacy Act (CCPA) of 2018. The statute, seen as one of the toughest privacy laws in the United States, will require companies to tell California residents what information is being collected and how it’s used. You have 18 months to get ready.
Ransomware attacks are increasing, getting more sophisticated and sparing no industry. In this blog we examine both sides of a ransomware attack — ways to prepare a solid defense (or offense) to prevent an attack and pointers to repair the damage if you do suffer an attack.