Don’t Just Click on the Link!

Beware of links, especially shortened links and especially this time of year. Don’t just click on the link! (Especially this time of year.) Keep these ideas in mind next time you’re about to click on some random link you got over social media or email.

Cyber Security is Dead. Time to Build Our Cyber Resilience Strategy.

Cyber Resilience Strategy is not a nice-to-have. The illusion of Cyber Security is gone. Cyber Security incidents will disrupt your business. As leaders, we’re responsible to do business confidently knowing that, when Cyber Security events disrupt our business, our teammates, partners, and clients can count on us to lead the way through.

Your Defense Needs a Good Offense

WIMZKL was recently engaged in a forensic investigation. The biggest lesson? Teams that aren’t balancing their defensive practice with offensive fluency, and frequently testing their own defenses, will be no match for attackers who are iterating, evolving and learning exponentially faster.

Transform Your Weakest Links Into Your Greatest Assets.

IBM’s Threat Intelligence Index verifies that humans are still the weakest links within organizations and play the major role in making cyberattacks successful. How do we help turn this around by transforming them from our weakest links into our greatest assets for protecting our organizations against cyberattacks?

Hackers Hate When You Do This

Hackers hate and avoid organizations with a culture that values and actively promotes Cyber Resilience Awareness. Their employees don’t make mistakes as easily as employees at organizations without one.

First, the bad news. Then, the really good news.

As humans, our default instinct is to ignore things that threaten us until they impact us directly even as we are very weak and vulnerable to them. That’s why hardly anyone has an estate plan or business continuity strategy. The real problem is this: the less we care, the more vulnerable we are.

What’s Your Password?

This is funny. Sort of. When Jimmy Kimmel went streetside and asked people, “What’s your password?” in a funny, notably exaggerated way, he revealed how easy it is to manipulate people to get their private information.

Ransomware: To pay or not to pay, that is the question.

By now, after the global spread of WannaCry, we can use ‘ransomwared’ as a transitive verb. I may be trying to make light of something nasty here because it’s nasty stuff that has ruined the day for many thousands of people. I hope I never have to help anyone ever navigate their way out of such an insidious trap ever again. Unlikely, that. So, here is some solid, step-by-step advice to take should the gods forbid you ever find yourself in that most unsavory situation.

Are Macs safe from Ransomware?

Nope. The first known ransomware attack on Macs, known as “KeRanger”, was downloaded more than 6,000 times before the threat was contained, back in early 2016. While that number is small compared to the number of ransomware attacks on computers running Windows, these threats are growing and we haven’t seen the worst of them yet. We can expect to see more attacks on Macs. As more people are using them than ever before, those so inclined are always finding new ways to exploit Macs.

2-Factor Authentication is dead? Nah.

What is 2-factor authentication (2FA)? 2FA is an extra layer of security designed to ensure that you’re the only person who can access your accounts, even if someone knows your logins and passwords. Because a unique, one-time code is sent to your phone via text, only you can access your account. Even if anyone else had the…

Google Docs Scam!

Yesterday alone, I received multiple malicious links in messages sent from email accounts that had been hacked and then used to send out this latest barrage of Google Docs phishing attacks. In each of these messages was a legitimate-looking link to a shared Google Doc. Had I clicked on this link, this is what would…

FBI Phone Scam!

My wife actually received the following voicemail message last week. It’s pretty compelling but fortunately she is aware enough to suspect these kinds of things. These kinds of scams are getting harder and harder to tell apart from real inquiries. A good general rule of thumb is: always be a little bit suspicious of unsolicited…