Blog

Blog

Top Examples of Malware Attacks

Malware is perhaps the most widely known out of all IT security threats. Since 1986, malware has become a significant concern for enterprise users, with recent examples including the Colonial Pipeline attack, Kaseya ransomware attack, and the SolarWinds Dark Halo breach. However, these attacks are just the tip of the iceberg, with many businesses falling victim to malware and ransomware attacks...
Blog

How to Build a Successful Phishing Simulation Campaign

Phishing threats are everywhere, and if your employees don’t know how to spot them, you’re putting your information at risk. Knowing how to build a successful phishing simulation is vital for identifying how well employees can spot the latest threats and ensuring they know how to spot them independently. Unfortunately, many organizations fail to offer adequate security awareness training, with...
Blog

What You Need to Know About the Kaseya Ransomware Outbreak

In early July, IT solutions provider and remote management solution provider Kaseya announced that it had fallen victim to a supply chain ransomware attack. During the attack, hackers leveraged a vulnerability in Kaseya’s VSA platform to encrypt the data of hundreds of downstream MSPs and their clients. The Kaseya ransomware outbreak is one of the latest high-profile ransomware attacks targeting...
Blog

7 Important Takeaways from the 2021 Security Awareness Virtual Summit

On June 22nd, Terranova Security hosted the 2021 edition of the Security Awareness Virtual Summit. Sponsored by Microsoft, the virtual event boasted sessions featuring speakers from some of the cyber security industry’s most recognized entities, including the National Cyber Security Alliance (NCSA) and Gartner. The event’s lineup also featured a panel discussion featuring security awareness...
Blog

What You Need to Know About the Latest Facebook Data Leak

At the start of April, hackers leaked the data of 533 million Facebook users from 106 countries in an online hacking forum. The leaked data included the private information of Facebook users like full names, phone numbers, email addresses, locations, Facebook IDs, and biographical data. While hackers obtained the information in 2019, there are serious concerns over how cyber criminals could use...
Blog

Why Security Awareness Training is Business-Critical for the Logistics and Transportation Industries

Maintaining cyber security awareness is something that many companies struggle to maintain, particularly in the logistics and transportation sectors. Even though cyber crime poses an existential threat to these industries, awareness of threats like phishing attempts and ransomware remains low. As a critical infrastructure sector, the transportation sector is a critical component in the supply...
Blog

Security Awareness and Working From Home: What About Devices with Personal Voice Assistants?

Personal voice assistants have proven to be a great technological innovation that improves lives daily. With 4.2 billion of these devices in use in 2020, they are no longer just a novelty, and, with workers staying home for the foreseeable future, voice assistants could pose a sizeable security risk. Voice assistants are mostly known as standalone speakers that people talk to in order to execute...
Blog

How to Protect Against Identity Theft

Imagine waking up one day and the organizations you deal with – your bank, your workplace, the tax office, your educational institution – don’t recognize you as you. Sounds like science fiction, right? In its extreme version, it is. But versions of this story are playing out for people and organizations daily as incidences of identity theft occur more frequently around the world. In 2022, the...
Blog

What You Need to Know About The Office-365 Phishing Campaign Targeting C-Suite Executives

During the last week of January 2021, cyber security provider TrendMicro shared a blog post highlighting an Office-365 phishing campaign that criminals have targeted executives within manufacturing, tech, real estate, government, and finance since May 2020. As part of the scam, fraudsters sent the victims fake emails with links to a phishing site, where they harvested their credentials to sell...
Blog

How To Build a Strong Security Awareness Program in 2021

Discover security awareness trends and best practices for 2021 Your employees are your first line of defense against cyber security attacks. The strength of your security awareness program depends on every employee in your organization. As part of your organizational goals and plans for 2021, you need to prioritize building a cyber secure and aware culture. This requires an ongoing commitment...
Blog

Data Breaches in 2020: The Year in Review

The disruption caused by the Covid-19 pandemic saw enterprises across the globe rapidly adopt remote working to support social distancing and comply with quarantine restrictions implemented by national governments. Amid this chaos, many cyber criminals created new phishing scams and other online threats, leading to many high profile data breaches. One of the most alarming trends that emerged this...
Blog

Defining an Information Security Program

Every organization, regardless of size or revenue generated, needs an information security program (ISP), a collection of initiatives that form the basis for any cyber security plan involving confidential data. A well-developed information security program enables your organization to take an inclusive approach to protecting data such as protected health information (PHI), personally identifiable...
Blog

Learn How Security Awareness Can Help Prevent Insider Threats in Your Organization

Actionable security awareness tips on how employees can prevent insider threats A misplaced USB drive with confidential data. An opportunistic employee sharing confidential information with a competitor. An employee who accidentally clicks a phishing email. These are all examples of insider threats to your organization. Insider threats unfortunately are not simply the stuff of movies and crime...
Blog

How to Stop Your Employees Falling Victim to Shipping Notification Scams this Holiday Season

With Black Friday, Cyber Monday, Thanksgiving, and the Christmas holidays fast approaching, cyber criminals are working round the clock to create new scams, such as the shipping notification scam, to phish for private information and commit identity fraud. As many employees will be shopping online during working hours, cyber security leaders need to educate employees on phishing threats and teach...
Blog

7 Cyber Security Tips for Retailers

The holiday shopping season presents a target-rich environment for cybercriminals. In fact, as per the 2020 Trustwave Global Security Report, the retail industry is the most targeted sector for cyber attacks for the third year running. An increasing shift to a digital environment—a change due in no small part to the COVID-19 pandemic—isn’t making data protection easier for retailers either. ...
Blog

Examining The 2020 Healthcare Ransomware Surge

How to Protect Against Ryuk Ransomware As countries worldwide struggle to come to grips with the Covid-19 pandemic, attackers have attempted to capitalize by launching a wave of ransomware attacks on hospitals across the U.S. and Canada. These attacks have taken place in locations ranging from New York, Nebraska, Ohio, Missouri, and Michigan, to Montreal, by using Ryuk ransomware. But what is...
Blog

How To Protect Remote Financial Services Employees from Cyber Attacks

Security awareness training for financial services and bank employees must be a top priority. While financial services institutions have long been prime targets for cybercriminals, as most attacks are financially motivated, the shift to remote work business models and operations has heightened cyber security risk levels. Recent data reinforces why financial services CISOs and security leaders need...
Blog

The 2020 Security Awareness Virtual Summit for Partners: Here’s What You Need to Know

Robust, engaging security awareness training is an essential part of strong cyber security practices, especially given the accelerated digital transformation and shift by many organizations to remote workforces. It can also be a crucial value-added product for resellers, distributors, MSSPs, OEMs partners and technology partners, who are looking to expand their portfolio, drive business growth...
Blog

3 Ways Communication Tools Can Improve Security Awareness Training

To create a truly effective security awareness training program, your organization must also build a clear, engaging internal communication structure to match. This process involves more than just sending out one or two mass emails to let employees know such a program exists. It’s about establishing a consistent drumbeat of content distribution that grows participation numbers, boosts subject...
Blog

The CRA Cyber Attack: Here’s What You Need to Know

In mid-August, cybercriminals targeted the Canada Revenue Agency with two credential stuffing attacks, obtaining the usernames and passwords of 9,041 GCKey accounts, and 5,500 CRA accounts. The fraudsters then used the stolen login credentials to apply for the Canadian Emergency Response Benefit (CERB). In response to the attack, a statement released by the Office of the Chief Information Officer...