Be a smart internet user and use caution when you receive emails requesting personal information or prompt responses. Always check the sender's identity and hover over links to view URLs before clicking to avoid falling victim to phishing scams. Create email filters to automatically categorize and label incoming messages so you can more readily identify skeptical messages.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Kroll, a provider of financial advisory solutions, recently revealed an incident where one of its employees was targeted in an intricate SIM-swapping attack. On August 19, 2023, the episode focused on the employee's T-Mobile account. Unauthorized by Kroll or the employee, T-Mobile transferred the employee's phone number to the attacker's device as per their request. This breach enabled the assailant to access specific files containing personal information about bankruptcy claimants associated with BlockFi, FTX, and Genesis.

SIM swapping, typically a harmless process, was exploited to illegitimately activate a SIM card under their control with the victim's phone number. This allowed the interception of SMS messages, calls, and MFA-related notifications controlling online account access. The attacker often gathers personal details through methods like phishing or social media to...

Personalized phishing messages pose a significant threat to our online security. Scammers utilize information gleaned from social media and other public sources to craft messages that appear genuine and tailored to individuals. To ensure our safety, we must all exercise caution and undergo training to identify such fraudulent messages. Implementing additional security measures such as two-factor authentication and email verification can provide added protection. Additionally, it is crucial to fine-tune our privacy settings on social media platforms and promptly report any suspicious messages we encounter. By staying informed and taking proactive measures, we can maintain an advantage over these cunning cyber-attacks.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Create a time-traveling vault for your data by regularly backing up your important files to secure external storage locations. With this strategy, you can withstand ransomware attacks and data disasters without succumbing to cyber extortion. To guarantee consistency and prevent forgetting to back up crucial data, automate your backup procedure.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Hello and welcome to this week's Securi-Trivia! This quiz is designed to test your knowledge and reinforce the cybersecurity tips we send out every day. Each week, we'll ask you 10 multiple-choice questions based on the daily tips and awareness we've sent out during the week. The questions will cover a range of topics, including understanding different social engineering techniques and more. To pass the quiz and receive dreampoints, you'll need to get at least an 80% passing score.

Remember, staying safe online is a shared responsibility. Answer the questions to test your knowledge. Don't worry if you don't get them all right on the first try - you can retake the quiz as many times as you like! 

Click this link to start taking the quiz: https://securitytips.cloudstaff.com/quizzes/view/71 

Maintain your privacy and reduce exposure to targeted advertising and tracking by regularly clearing your cache and browser history.  This information is used by researchers and marketers to build comprehensive user profiles and serve relevant advertising. While it might not directly present a threat to security, it degrades privacy and encourages invasive internet tracking.  

Discover the secrets of social media privacy settings to safeguard your online identity. Limit the information you share and the details you make public, as cybercriminals often exploit social media platforms to devise personalized attack methods. Since the interfaces and policies of social media networks change over time, a pro tip is to regularly assess and adjust your privacy settings.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Be cautious when exploring the world of public Wi-Fi. Restrict access to sensitive accounts and data while online, or enhance your security by concealing your connection through a virtual private network (VPN). To minimize vulnerability to potential hackers, deactivate sharing and file transfer options on your device when connected to public Wi-Fi.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

A recent study by Zimperium has uncovered a worrisome trend among threat actors. They are using obscure and unsupported compression methods in Android Package (APK) files to avoid being detected by malware analysis. These methods were found in 3,300 artifacts found in the wild. Out of these artifacts, 71 samples can be easily integrated into an operating system without any issues.

It's important to note that these apps were never available on the Google Play Store. This suggests that they were distributed through untrusted third-party app stores or through manipulative social engineering tactics that convince victims to sideload them.

Android's package structure relies on the ZIP format, which can be compressed using the DEFLATE algorithm. The discovery is that APKs using unsupported compression methods can't be installed on devices running on Android versions earlier than 9. But they work on later versions of the Android system.

Furthermore, the study has...