It can also be referred to as non-technical attack as no special technical skill is required to perpetrate such attack. A form of social engineering attack whereby cyber criminals leverage personal interaction and social skills. Sometimes refer to as a non-technical attack. Business Email Compromise (BEC), CEO fraud, or Whaling, are all examples of non-malware…
Mode of malware delivery 1. Social engineering and phishing Social Engineering SE in the context of Information Security, is the act of psychologically manipulating someone to divulge vital personal information (such as password, transaction PIN, username) through personal interaction and social skills. Attackers play around online users mental intelligence by tricking them to believe the…
Malware is any software (program code) that is purposely designed to carry out malicious action; steal and destroy vital sensitive information and data. Sometimes, malware goal is to disrupt and make network resources unavailable to the authorized users. We have file-base, and fileless malware. Forms of Malware There are more than 20 forms of malware,…
The major sources of cyber attacks for an organization can be classify into Internal and External sources. Internal sources: These are majorly people legitimately granted access to company network and digital resources, but abuse the access due to their selfish interest and ulterior motive. It can be disgruntled current or former employees, a disloyal third…
CASB stand for Cloud Access Security Broker. Traditionally, it is a cloud security control (it can be op-prem or cloud based)stationed in between cloud services users and cloud service provider to intercept cloud traffic so as to effect enterprise predefine security policies on the services being accessed. Basically, CASB act as a proxy gateway to…
With increase in the adoption of cloud based application by SMEs due to the affordable and predictable cost of maintenance, flexible remote workforce, predictable data recovery, among others, security remain a point of concern as the cloud providers are only saddled with security responsibly in their cloud environment thereby customers take responsibility for security blunders…
When you activate 2FA on your WhatsApp, Hackers will not be able to clone your WhatsApp account. People fall victim every day. 2FA has safe a lot of people from losing their account and fortunes. Primary function of 2FA is applicable to every other online account, so endeavor to activate 2FA whenever possible on your…
It is no more news, there are fake bank apps on Play Store. People are being scammed daily. If you have not fallen victim does not mean the SCAM is not real. Popular banks applications are often the targets. People’s data are being compromised daily via the download of these fake apps. Cyber criminals target…
Basically, traditional Email Security Gateway was designed during the days of on-prem exchange online and it was very effective then. It protect email infrastructure just like Firewall seating at the edge of the corporate network. Unfortunately, it fails at scaling up with recent migration of email infrastructure to cloud because it is not cloud native….
For those that do not know what DMARC is, check here: https://www.blog.a-jevertonnetworks.com/what-is-dmarc-and-how-it-works/ As we know DMARC leverage two authentication standard (DKIM & SPF). With DKIM, every email sent is signed with a private key which the receiving mail server validated with corresponding public key in the DNS. This is to verified the message is not…