Two-factor authentication (2FA) is an extra layer of security used when logging into websites or apps. With 2FA, users have to log in with their username and password and provide a second form of authentication, such as a code generated by an application on their mobile device or a text message. This additional step makes...Read More
Three malicious Chrome extensions, posing as VPNs, were force-installed 1.5 million times, causing significant concern for users’ security. These extensions, netPlus (1 million installs), netSave, and netWin (500,000 installs), were found to be browser hijackers, cashback hack tools, and data stealers. The malicious extensions were spread via an installer hidden in pirated copies of popular...Read More
A browser extension is a small software application designed to enhance the functionality of a web browser. Monitoring the installed browser extensions is crucial for ensuring their secure use within your organization. Browsers typically allow users to install a variety of extensions, including user interface modifications, cookie management, ad blocking, and the custom scripting and...Read More
Receiving an unprompted one-time passcode (OTP) sent as an email or text should be a cause for concern as it likely means your credentials have been compromised. One of the initial components of a cyberattack is the theft of legitimate credentials to corporate networks for data theft, which can be stolen in phishing attacks, credential...Read More
In a recent surge of BazarCall attacks, cybercriminals have adopted a novel approach by utilizing Google Forms to generate and dispatch payment receipts to their unsuspecting victims. This innovative tactic is designed to enhance the perceived legitimacy of the phishing attempt, thereby increasing the likelihood of success. First identified in 2021, BazarCall is a phishing...Read More
A new solution has been introduced to address the essential third-party risk management for Software as a Service (SaaS). This solution aims to help organizations mitigate the risks associated with using SaaS providers, which often must be managed through compensating controls in the customer’s organization. Organizations using SaaS services often have less detailed risk information...Read More
The digital landscape is constantly changing, and it is important to regularly reassess how we protect web environments. While traditional antivirus solutions have their benefits, they are reactive in nature. This means that they are designed to respond to threats after they have already infiltrated a system. As a result, they may not be effective...Read More
Phishing attacks are evolving to become more sophisticated, as cybercriminals invest in new methods to deceive individuals into divulging sensitive information or installing malicious software. One of the recent trends in phishing involves the utilization of QR codes, CAPTCHAs, and steganography. These techniques are employed to carry out attacks and it is important to understand...Read More
When an employee at your organization forgets their password, it typically initiates a frustrating and time-consuming process. The employee usually needs to contact the IT department and wait for a response, leading to decreased work productivity, heightened anxiety, and potential jeopardy to deadlines. However, there are better ways to handle the password reset process, such...Read More
Scopus is an abstract and citation database used by researchers, academics, and institutions to track and analyze scientific literature. The database covers a wide range of disciplines, including science, technology, medicine, social sciences, and arts and humanities. Using Scopus, users can quickly assess the relevance and impact of a particular scientific article through the abstracts...Read More