Getting teams to improve security can be hard work, but it’s an important job that organisations must take seriously to protect an increasingly risky world. For this post, I wanted to explore some ways that an organisation or individual might start building a new security “habit” so that, in time, acting securely becomes automatic.
Now that the ongoing worldwide trend toward “going digital” has been accelerated by COVID-19, taking extra precautions to protect your organization’s data, communications and information assets is more important than ever. Of course, there are many traditional and emerging ways to protect and secure your business.
Despite what many advertisements and salespeople would like you to think, you don’t need to (and in many cases shouldn’t) spend a fortune on security tools to achieve a robust cybersecurity program. Some tools are essential, such as a ticketing tool or Security Information and Event Management (SIEM) system, but the best security programs are built off the employees that run the business.
Recently, Europeans were hit by an influx of SMS texts claiming to be package delivery notifications. It turns out these messages were orchestrated by threat actors seeking to distribute malicious apps laced with the banking trojan FluBot, also known as Cabassous. Once the victims download the malware, the app can intercept SMS messages, steal contact information and display screen overlays to trick users into handing over their credentials.
Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.
