Eric Hess, Author at Helical

Happy National Cybersecurity Awareness Month!

Happy national cybersecurity awarness month

For 17 years, October has been National Cybersecurity Awareness Month (NCSAM). The importance of deeming it awareness month is that, particularly for small to mid-sized businesses, it's difficult for enterprises to focus on cybersecurity awareness when there are so many other distractions. Unfortunately, times of turbulence have provided more opportunities for hackers and with it, the...

Ransomware Up 715% – Don’t Leave it to Chance

The threat of Ransomware is on the rise. Bitdefender’s 2020 Mid-Year Threat Landscape Report found that ransomware attacks in the first half of this year are up 715.08% compared to the first half of 2019! And it’s not just attack frequency on the rise. Attack costs are increasing as well. SafetyDetectives found that the average ransom per incident has nearly doubled since...

Cybersecurity Is a Top Risk To Businesses

According to a recent study by the World Economic Forum, Cybersecurity ranks among the top 3 Covid-19 related business risks. Cybersecurity is only behind the risk of a global recession and the surge of company bankruptcies and consolidations. As the workforce has been forced to adapt to employees working from home and dealing with increasing threats...

Is your company prepared for a phishing attack?

Cybercriminals are always looking for ways to exploit businesses and individuals. Phishing emails will attempt to appear as legitimate emails from known senders but, will be used to attempt to have a business or individual provide sensitive personal information or entice the user to click on a link that may contain malicious code. Recently, both...

A Cautionary Tale On Domain Hacking

Japanese cryptocurrency exchange Coincheck recently announced that hackers gained access to emails sent to the firm by its customers by changing its DNS records with its domain registrar. By doing this, the hackers were able to forward incoming emails to themselves. First off, all readers of this short piece should check whether their third party...

Scamming Tax Refunds and COVID-19 Relief: The Weaponization of Trash and Recycling

In a recent study, researchers have discovered an upward surge in threat activity designed to capture a wide range of payments and appropriations between taxpayers and the government, targeting tax refunds to COVID-19 appropriations. Some of these efforts trace back to accountants involved in tax preparation services that dispose of customer hard copy paperwork insecurely via...

Apple’s Security Mis-Steps

Because multimedia files need to be transferred to an operating system library to identify what needs to be done with it next, vulnerabilities in multimedia processing components can allow malicious code to be run remotely on the receiving device/OS without requiring any further action by a user. Google’s Project Zero discovered such a bug in Image...

Back To School With COVID Contact Tracing & Social Distancing for Kids

With most of the U.S. having been under some form of “Stay at Home” restrictions for over a month, many of us are grappling with the question of how to manage the transition back to the new normal. As many think about businesses, our school systems are becoming a more burning question. First, as...

Ransomware’s New Double Threat

The common ransomware attack pattern has traditionally involved threat actors holding access to data hostage in return for a ransomware payment. There is now an uptrend in a second layer of extortion…increasingly hackers are extracting large quantities of sensitive information (such as customer, financial and employee information) and threatening publication unless ransom demands are paid. To prove that they intend to execute on the threat, a small portion is leaked on the dark...

How To Fight COVID-19 Scammers From Your Computer

Since last December, over 136,000 new COVID-19 themed domains have been created. While many are legitimate or simply parking for future sale, others are clearly not. As reported in our last microblog, the FBI published an alert on April 1st warning of cyber actors stepping up their efforts against virtual environments…no doubt many such actors are leveraging newly...

Entries by Eric Hess