Articles of interest from the week of March 16, 2020

Mass move to work from home in coronavirus crisis creates opening for hackers: cyber experts

As people disperse to their homes to work and study because of the coronavirus pandemic, taking their laptops and company data with them, cyber security experts say hackers will follow, seeking to take advantage and infiltrate corporations. (By Steven Scheer, Raphael Satter, Reuters) Ingalls: We compiled a list of tips businesses can follow  to ensure secure remote access and business continuity during the COVID-19 pandemic crisis. 

Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion

Though it's not Patch Tuesday, Adobe today released a massive batch of out-of-band software updates for six of its products to patch a total of 41 new security vulnerabilities. (By Mohit Kumar, The Hacker News) Ingalls: We highly recommended for Adobe users to download and install the latest versions of the affected software to protect their systems and businesses from potential cyber-attacks. Our blog discusses how to do more with patch management, and the benefits of a mature Vulnerability Lifecycle Management program.

Quantifying Cyber Risk: Why You Must & Where to Start

One sign of cybersecurity maturity is adoption of a common language and analytical framework to describe risk in terms other lines of business understand. (By Curtis Franklin Jr., Dark Reading) Ingalls: Quantifying cybersecurity risks can be a critical step in understanding those risks and getting executive support to address them. The cybersecurity experts at Ingalls have spent years helping our clients identify their risks and implementing solutions. To help you with this task, we have created a downloadable 8-point guide that explores ways for SMBs to develop the level of cybersecurity risk management that prevents attacks from succeeding and minimizes the impact of a successful intrusion.

Human Behavior is What Makes Phishing Attacks So Successful

The problem isn’t the lack of software designed to detect, prevent, and protect – it’s that human response is a required part of every phishing attack that users seem to be happy to oblige. (By Stu Sjouwerman, KnowBe4) Ingalls: Good information and education remain the best disinfectants for malicious online schemes trailing in the wake of the Coronavirus itself.  Click here for a detailed Social Engineering Red Flags PDF courtesy of KnowBe4, the market leader in security awareness training and simulated phishing.

The Epidemic of COVID-19 Phishing Emails Rages On

Spoofs of authoritative sources of information continue to be the most common malicious virus-themed emails that are reported to us. And the top three spoofed organizations remain the CDC (Centers for Disease Control), the WHO (World Health Organization), and HR. Since the publication of KnowBe4's first two blog pieces documenting the flood of Coronavirus-themed emails (see HERE and HERE), customers using the Phish Alert Button (PAB) have continued to share an ever-growing variety of emails from bad actors looking to capitalize on the crisis. (By Stu Sjouwerman, KnowBe4) Ingalls: Keep your employees on the lookout for signs of social engineering, particularly since fraudulent emails about the coronavirus are increasing. These emails (phishing emails) may either have infected attachments or link to malicious websites. Instruct employees to exercise special caution with coronavirus related emails. Click here for a detailed Social Engineering Red Flags PDF courtesy of KnowBe4.