Any information assets you find—like USB drives—should be surrendered immediately. Never plug them into your workstation. These allegedly "lost" files and devices might contain false information or harmful software that could infect your computer and the network with spyware, which would allow for network eavesdropping or other forms of malware.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

 

Spear phishers use manipulative emails to target specific individuals, hoping to deceive them into disclosing sensitive information or infecting their computers with malware. These attackers often request personal or confidential information, or they may attempt to deceive you into installing malicious software by clicking on a link or opening an attachment. It is important to always be cautious of emails, even if they seem to come from a trusted source. When in doubt, consider calling the sender to verify if they have indeed sent the email.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

To check if your email account is active, spam emails may use the "unsubscribe" feature. Don't remove your name from mailing lists that you didn't join, as you might be prompted to opt out of receiving spam emails. Clicking on the unsubscribe link can possibly redirect you to malware. Moreover, the spammer may use your response to ascertain that your email account is active and continue sending you spam messages, or even sell your email address to another spammer. When you receive unsolicited emails, resist the urge to immediately unsubscribe. Instead, mark them as spam and let your email application handle the rest.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Your computer or mobile device could potentially be infected with malware by anyone who has access to it. Never allow family or friends to use your workstation computer or devices, as they may unwittingly introduce malware, particularly young children. If this happens, all of the data on the computer or device may be compromised.

It's also essential to be cautious if you're considering setting up a guest account or another account for them to use. Even if you do this, it's best not to allow anyone else to use your computer if it has access to information from your place of employment.

By being vigilant and mindful of these risks, you can help safeguard your devices against potential malware attacks.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Report it right away if you spot someone entering a restricted area without a badge. Intruders could physically breach security rather than digitally. Anyone acting suspiciously when in a restricted area should always be reported. Someone trying to access a facility without the proper credentials or without a badge may be attempting to steal data or tangible goods from the company.

Before accessing information about your company while working remotely, get approval and instructions first. It is always crucial to take security measures before accessing confidential and sensitive information from your company. When you're at home or on the go, your internet connection might not be as secure, providing hackers a chance to steal your data. Connect to a secure VPN ( Virtual Private Network ) connection provided by your company. 

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Never access work-related information on public computers. Regardless of whether you are in a café or the business center of a hotel, the computers in these public spaces might be infected with malicious malware or have other significant security flaws. Even when you're done using the computer, you could unintentionally leave behind sensitive or confidential data that can be accessed later by a stranger. If you need to work away from the office, only use your company-provided computer. 

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

If you suddenly stop receiving mail, it could be a warning sign of identity theft. One common tactic used by identity thieves is to file a change of address to divert your mail to themselves, allowing them to gather the information they need to steal your identity. To prevent this, regularly check your account settings for any suspicious activity and report it immediately.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Avoid falling for social media impersonation frauds involving people you know. Be on the lookout for strange emails or posts from your friend's account might have they been hacked and the hacker may be using it to send messages to all of their contacts in an effort to swindle them out of money. You might receive a message, for instance, requesting that you send money right away to a friend. Call them to confirm that the message is genuine before you do anything, such as pay money or give personal information. 

Got questions? Submit a ticket at [PB8324.3] Data Security Support.
 

Google is expanding its Vulnerability Rewards Program (VRP) to reward researchers who uncover potential threats specific to generative artificial intelligence (AI) systems. This initiative aims to enhance AI safety and security by addressing concerns like unfair bias, model manipulation, and data misinterpretations associated with generative AI. The program covers various categories, including prompt injections, data leakage from training datasets, model manipulation, adversarial attacks, and model theft.

In addition to this, Google has established an AI Red Team to combat AI system threats under its Secure AI Framework (SAIF). They are also working to reinforce the AI supply chain by participating in open-source security initiatives like Supply Chain Levels for Software Artifacts (SLSA) and Sigstore, which provide tools for software verification and identifying...