The Dangers of SIM Swapping: What You Need to Know

SIM swapping, or SIM hijacking, is a cybercrime tactic where attackers exploit vulnerabilities in mobile carrier processes to seize control of a victim's phone number. With this control, they intercept calls, text messages, and two-factor authentication (2FA) codes, gaining unauthorized access to sensitive accounts and personal information. As eSIM technology becomes more prevalent, the risks have escalated, making proactive security measures essential. How SIM Swapping Works Information Gathering Attackers collect personal details through phishing, social engineering, or dark web data purchases. Publicly shared information, like that found on social media or forums, can also be exploited. Carrier Manipulation Using the stolen data, attackers impersonate the victim and convince the mobile carrier to transfer the victim's number to a new SIM card or eSIM. Exploitation Once the transfer is complete, attackers intercept 2FA codes, enabling unauthorized access to banking, email, and social media accounts. What Makes eSIMs a Target? Unlike traditional…

0 Comments

Announcement: Promotion of Stacy Harris

We are delighted to announce the promotion of Stacy Harris from the position of Information Security Analyst to Information Security Manager. Drawing from his commendable military leadership service, Stacy has consistently demonstrated the tenacity, dedication, and skill set required for this elevated role. In his new position, he will be managing our infrastructure and leading our information security teams. We are confident that with his military background and professional expertise, Stacy will guide our teams to greater heights. Please join us in congratulating Stacy on this well-deserved promotion!

0 Comments

Johnson Controls hit with ransomware. What you should know.

Johnson Controls International recently reported a significant ransomware attack that has targeted its infrastructure. This disclosure was made public in a regulatory submission on September 27, 2023. The filing reveals that a part of the company's internal IT infrastructure and applications were compromised. Although Johnson Controls has already implemented measures to counteract the affected systems and emphasizes that many systems remained untouched, there is anticipation that certain operations will still face disruptions. Johnson Controls mentioned in the document, "We are currently evaluating the potential implications of this incident on the timely publication of our fourth quarter and overall fiscal year outcomes, and its potential financial repercussions." An article by Bleeping Computer, citing an unnamed insider, suggests the attack was initiated from a breach in Johnson Control's Asian branches. The publication mentions that the attackers, identified as the Dark Angels ransomware group, are demanding $51 million as ransom for the alleged…

0 Comments

The Importance of Cybersecurity for CEOs: Lessons and Recommendations

For CEOs, understanding and implementing strong cybersecurity practices isn't just about protecting data-it's about ensuring business continuity, fostering trust, and building a resilient organization. Drawing on recent events and challenges faced by organizations globally, this guide lays out key insights and actionable steps for CEOs. 1. Establishing Effective Communication Channels: Public perception and response play a pivotal role in the impact of a crisis. CEOs should: Proactively Communicate: Transparency with stakeholders, including the public, can mitigate panic and confusion. Effective communication isn't just about messaging; it's about timing, clarity, and consistency. Manage Group Psychology: Bank runs or shortages during global crises serve as classic examples of how unexpected public reactions can deepen a crisis. CEOs need to understand and anticipate these reactions to manage and guide public response better. 2. Collaborative Strategies with Government and External Agencies: Engaging with appropriate government bodies and external agencies can provide valuable insights and…

0 Comments