Greg Price recently submitted an article to the Troy Messenger, You are what keeps me up at night:
Exploiting the human during a cyberattack is common. In fact, statistically, over seventy percent of the reported attacks in 2017, occurred due to human error. Approximately half of those successful attacks exploited the day-to-day end-user, the remainder were errors by the IT employees.
Attacking the human is successful, in part, because of human nature. Targeting the good nature, curiosity, and, eagerness of a person is simple. We want to help, we want to engage with technology.
Read Full Article
One new article link has been added to our Related News page. PC World published an article titled Researcher releases tool that can hijack accounts on sites using Facebook Login.
A new tool allows hackers to generate URLs that can hijack accounts on sites that use Facebook Login, potentially enabling powerful phishing attacks.
The tool, dubbed Reconnect, was released last week by Egor Homakov, a researcher with security firm Sakurity. It takes advantage of a cross-site request forgery (CSRF) issue in Facebook Login, the service that allows users to log in on third-party sites using their Facebook accounts.
Homakov disclosed the issue publicly on his personal blog in January 2014, after Facebook declined to fix it because doing so would have broken compatibility with a large number of sites that used the service.
Source: PC World
One new article link has been added to our Related News page. Fox News published an article titled Don’t fall for this Google Drive phishing scam.
Usually, you can tell a legitimate Google notification from a phishing scam by reading the URL’s domain name — a message that redirects you to a non-Google address is sure to be a scam. However, a sophisticated phisher has come up with a method of stealing Google login information by using the company’s own servers against it.
Source: Fox News