Get trending information on exploits, and vulnerabilities every week to help your organisation to be better equipped to avoid being victim of cybercrimes. Anglo African brings you the weekly cyber-attack news wrap-up and remedy tips to support your business to defend against hackers
A newly-outed Trojan is exploiting iOS and Android devices, ripping iCloud credentials abusing the trusted link between phones and PCs. The attack appears to have failed in most circumstances, thanks to iOS’ sandboxing security controls, hardened modern Android operating systems, and the overt nature of the attack, and will flunk in all current attacks given the expiration of a certificate.
Cleartext passwords, real names and user names, email addresses plus and IP addresses for 2.2 million users of cash-for-surveys site ClixSense have been dumped online, with a further alleged 4.4 million up for sale. The records also include the pay outs the site has handed each breached user.
Around 324,000 users have likely had their payment records stolen either from payment processor BlueSnap or its customer Regpack; however, neither of the company has admitted a data breach. BlueSnap is a payment provider which allows websites to take payments from customers by offering merchant facilities, whereas RegPack is a global online enrollment platform that uses BlueSnap to process the financial transactions for its online enrollments.
Hackers have breached some 670,000 Pokémon gamer accounts on popular fan site Pokebip. The breach hit the French site on 28 July and includes compromised usernames, email and IP addresses, website activity, and weak MD5 passwords which can be broken in seconds. The site warns that other connected social media accounts including Skype and Facebook could be compromised.
As more attacks are directed toward employees, many organizations are unprepared to react. They are also surprised by how difficult it is to change behaviors of the people on the front lines. Here are some of the benefits of equipping your team with the skills and awareness to thwart cyber threats and help protect the company from attacks:
- Confident Staff
As technology use has exploded, a majority of employees have been left to fend largely for themselves in a wilderness of new software, social media, e-mail platforms, and more. That leads to a general feeling of uncertainty around technology in general and data security specifically. By holding official Security Awareness Training, your team can feel confident using the technology they need to. They’ll know what to do and what not to do to help protect the business.
- Better Culture
Being informed creates a better workplace culture. By establishing data security as a priority, employees can help keep each other accountable for best practices and support each other in safe technology use. Instead of a pall hanging over their heads as they navigate e-mail and the internet, there will be a sense of ownership and confidence in handling their business. Cultivating that kind of culture will pay off in a handful of ways – higher satisfaction, higher retention, and more.
- Save Money
Combining a confident team with a data security-conducive culture will save your company money. Data breaches can be expensive and having a team that’s prepared to prevent them is key to saving your business from the ruinous costs associated with them. Think of security awareness training as an investment. Any cost incurred from holding training will prevent greater cost down the line.
- Save Time
Similar to the cost saved, you’ll also save time by implementing training on security awareness. One of the hidden costs of data breaches is the time lost trying to fix it and recover. More than a financial loss alone, your business is at risk to be derailed as you scramble to control the damage. By ensuring that your team is acting vigilantly against cyber threats, you’re lessening the chance that you’ll have to face a data breach.
5. Better Security
Of course, the biggest benefit to holding a training session on security awareness is better security. Knowing your employees are prepared and acting with a focus on data security gives you unmatched peace of mind and a confidence that your business is doing everything possible to prevent data breaches. All employees need training on all aspects of their jobs. Data security can’t be neglected. Being proactive in making your team aware of security is one of the best things you can do to protect your business.