Take the free cyber security test to get a full evaluation of your organisation’s cyber security and find out where you need to make improvements in order to get better protection. The test will only take about 10 minutes to complete and there is a substantial amount of very valuable information that can be gleaned whilst doing the test to enable you to ensure that your current security policy is sufficient for today’s cyber security threats.
94% of malware world-wide is delivered by email and you can protect your business from advanced email threats with F-Secure’s Cloud Protection for Microsoft Office 365. Powered by real-time threat intelligence and fine-tuned machine-learning techniques, F-Secure Cloud Protection protects against viruses, trojans, ransomware and other advanced malware and has an easy deployment with the highest possible detection rate for business security.
What you do in the first 24 hours of a cyber attack could make or break your business. A cyber attack is inevitable for just about every organisation. The preparations you make for incidents hold the key to ensuring a dramatic event doesn’t become a crisis. Without effective planning, you’ll simply end up playing “whack-a-mole”, according to Matt Lawrence, F-Secure’s director of detection and response. “Speed, visibility and expertise are critical,” Lawrence told security professionals during a recent webinar hosted by F-Secure.
A new F-Secure study reveals how people who used breached services — The Walking Breached — are significantly more likely to experience cybercrime. For users with children, the likelihood is even higher. Sadly, the numbers of The Walking Breached grow every day. The finding that people who use breached services, especially if they are parents, become far more likely to experience cybercrime should be a wake-up call. Securing not only their devices and accounts, but also the devices and accounts of everyone in their family, should be an immediate priority. To find out how to avoid becoming one of The Walking Breached.
The enforcement of the Protection of Personal Information (POPI) Act is commencing on 01 July 2021. The Act is essentially a code of conduct that all organisations in South Africa will need to comply with and have the necessary systems in place to manage employee, customer and supplier data that have personal information. It will also be compulsory in terms of the Act for all organisations to provide evidence of personal data protection systems having been implemented, especially in the event of a breach, in order to avoid prosecution and the substantial fines that may result from non-compliance. Fortunately, F-Secure has a substantial amount of knowledge and hands-on experience resulting from similar regulations – the General Data Protection Regulation (GDPR), implemented in May 2018 in the European Union where their head office is based. A Webinar by F-Secure together with Michalsons Attorneys who specialise in the POPI Act will be held on 24 March 2021 to discuss POPIA with interested parties. If you are interested in attending this Webinar please select the following link to register and obtain the invitation.
WhatsApp Messenger, a Facebook Inc. subsidiary since February 2014 with over 2 Billion users globally, announced an updated user privacy policy on 04 January 2021 that has caused confusion and concerns worldwide over what their intentions are regarding personal data. Users who do not comply with and accept the updated WhatsApp policy were to be blocked from utilising the service from 08 February 2021, now postponed to 15 May 2021.
WhatsApp, the Facebook Inc-owned messenger business, has seen weeks of bad publicity recently since the company updated its privacy policy on January 4, 2021 among numerous privacy concerns over how the platform would share user data with its sister companies, Facebook and Instagram, and other third-party partners. Users of the WhatsApp platform, enraged by the company’s inconsideration to their personal privacy and data, chose to take to the internet and social media to share their discontent and advised friends, family, and the public to discontinue use of WhatsApp, opting instead for more privacy-focused messaging platforms namely Signal Messenger and Telegram.
Amidst all the Corona Virus chaos, cyber hackers have yet to take a break from their malicious activities, disrupting services and stealing data from various organizations in 2021.
Mimecast, the email management and services provider, had an incident with the SolarWinds hacker group. The hacker group managed to gain access to Mimecast’s network and compromise a digital certificate used to authenticate and encrypt connections between its (Mimecast) systems and Microsoft Office 365. Mimecast advised clients of the threat on 26 January 2021 and that during their investigation it was found that some data may had been exfiltrated.
According to Mimecast: “Our investigation also showed that the threat actor accessed, and potentially exfiltrated, certain encrypted service account credentials created by customers hosted in the United States and the United Kingdom. These credentials establish connections from Mimecast tenants to on-premise and cloud services, which include LDAP, Azure Active Directory, Exchange Web Services, POP3 journaling, and SMTP-authenticated delivery routes.”
Customers using Microsoft 365 integration with Mimecast are to revoke the compromised digital certificate as soon as possible and re-authenticate the connections with a new digital certificate provided by Mimecast.
This bulletin is intended to increase the security awareness in organisations by providing useful information to help enhance security and safety when using computing devices and the Internet.
Be sure to consider some of the cyber threats out there and consider these tips for protecting yourself and your devices. Until our next mailer, you can check out all the great resources we have available on our website.
