Ignoring Software Updates…

Uploaded on 2017-06-02 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Ignoring Software Updates… Means making 5 basic security mistakes…

Cyber-crime has quickly become a major problem for businesses, governments and citizens everywher. While awareness of this multifaceted threat is increasing, we’re still making the same blunders when it comes to cybersecurity.

Here are a few security mistakes to be aware of: 

Email: This ruse is nothing new. Social engineering tactics are as old as the day is long, yet people keep falling for them. Today, phishing via email has become incredibly common-place.Although criminals are improving the ‘quality’ of these emails, with some targeted emails, known as spear phishing, looking incredibly authentic most do not (telltale signs include poor spelling, random email address and far-fetched claims that you’ve won millions).

Keep yourself safe by carefully checking the recipient, the request, and use some common sense, search via Google rather than using the enclosed website address. Also, be cautious of attachments, as they may be malware-infected. It’s important to check file extensions and to only open files deemed safe and from legitimate sources.
Social media has become the go-to-market for cybercriminals eager to compromise people. It’s no surprise, as many users still fail to adequately look after their networks (for example, a 2016 survey showed that 58% of people do not know how to update their privacy settings).

As with emails, always check the authenticity of the sender (do they look credible?), the message and the link (which will likely be shortened). Beware trending hashtags too, as many attackers are now using these to catch out unsuspecting Twitter and Facebook users trying to catch up with the latest breaking news.
Attitude: It won’t happen to me

Forget technology for a second, culture is arguably the biggest issue with security right now, and this has been the case for 20 years. CEOs think they won’t be targeted and citizens think much the same (i.e. it won’t happen to me).

This complacency is misguided, as everyone is a target and a potential victim. Accordingly, this attitude can often result in poor security habits, with individuals and organizations treating, for example, password and Wi-Fi security not as seriously as they should.

This is despite the fact that good cyber-security can be achieved relatively easily, through good password hygiene, regular software updates, anti-virus and even password managers, VPNs and secure encrypted messaging apps.
Generic, guessable passwords can be easily cracked, and they can open a can of worms if you use the same password across several accounts. Brute-forcing passwords is increasing fast and easy for criminals today equipped with either huge computing power, or access to buy such expertise on the dark web.

Weak passwords, such as 123456; password; 12345678; and qwerty remain commonplace, with many people failing to see how this ‘low-hanging fruit’ is an entry point for cybercriminals. According to Forrester, 80% of all attacks involve a weak or stolen password.

Fortunately, some web providers now forcing you to generate random passwords, or create complex ones. You may want to consider a password manager, as well as passphrases.

Software updates: A lack of
Whether on desktop, laptop or mobile, there’s always another software update for an app, our operating system or security solution. Interestingly, the constant pop-ups irritate us, with many people failing to understand just how important they are.

If we fail to update, we’re effectively leaving our software and devices vulnerable to attack, as cyber-criminals look to exploit out-of-date flaws. Configuring automatic updates from trusted providers can make sure these are installed regularly.

WeLiveSecurity

You Might Also Read: 

What Every CISO Needs To Know:

WannaCry Outbreak Is Just A Tip Of An Iceberg:

WannaCry Also Hit Windows 7 Systems:

Directors Report: Cyber Security Checklist For Management (£):

 

« Eight Steps To The GDPR Countdown
Snowden: NSA Should Have Prevented WannaCry Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BH Consulting

BH Consulting

BH Consulting we are a vendor independent consulting firm providing market leading range of information security services focused on data protection and cybersecurity.

Gate 15

Gate 15

Gate 15 provide risk management services focusing primarily on information, intelligence and threat analysis, operational support and preparedness.

Cyanre

Cyanre

Cyanre delivers state of the art cyber forensic services through software technologies and procedures that exceed conformities of major law enforcement agencies across the globe.

Saviynt

Saviynt

Saviynt is a leading provider of Cloud Security and Identity Governance solutions.

Syskode Technologies

Syskode Technologies

Sykode Technologies is a next-generation global technology company offering an integrated portfolio of advisory services, products and solutions in areas including AI, IoT and Cyber Security.

Risk Based Security (RBS)

Risk Based Security (RBS)

Risk Based Security provide the most comprehensive and timely vulnerability intelligence, breach data and risk ratings.

Nordic Cyber Summit

Nordic Cyber Summit

Nordic Cyber Security Summit addresses a wide range of technological issues from the IT Security spectrum and also provides a wider perspective from all aspects of the industry.

TAV Technologies

TAV Technologies

TAV Technologies is a provider of technology services to the aviation industry in areas including airport infrastructure systems, digital transformation and cybersecurity.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

Network Contagion Research Institute (NCRI)

Network Contagion Research Institute (NCRI)

NCRI provides pioneering technology, research, and analysis to identify and forecast cyber-social threats targeting individuals, organizations, and communities.

Turk Telekom

Turk Telekom

Turk Telekom is the first integrated telecommunications operator in Turkey.

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.

Brunswick Group

Brunswick Group

Brunswick is a critical issues firm. We advise the world’s leading companies on how to navigate the critical issues they face and engage with their critical stakeholders.

C/side (cside)

C/side (cside)

At c/side, we're creating the ultimate delivery, performance and detection mechanism for browser-side fetched 3rd party Javascript.

Strobes Security

Strobes Security

Strobes is among the world’s first cybersecurity platforms specifically designed for end-to-end continuous threat exposure management.

XONA

XONA

XONA is The Zero Trust user access platform for the OT enterprise. Secure operational access to critical systems - from anywhere.