CyberSafe Chronicles
Newsletter Content
Tuque's Take on the News
X (formerly Twitter) users fed up with constant stream of malicious crypto ads
Cybercriminals are abusing X advertisements to promote websites that lead to crypto drainers, fake airdrops, and other scams.
Like all advertising platforms, X, formerly known as Twitter, claims to show advertisements based on a user’s activity, leading to ads that match users’ interests. These scams include links to Telegram channels promoting pump and dumps, phishing pages, and links to sites hosting crypto drainers, which are malicious scripts that steal all the assets in a connected wallet.
White Tuque’s Take: With the rise of malicious ads on the X platform, users should take caution when browsing on X. It is important not to click links immediately, and its best to verify the information on a separate platform as X becomes more unstable and unreliable.
-Henry
How often and how much time should you spend training your staff? Let us help you develop a strategy that makes sense for your business, supports your goals for the future, and is meaningful to your team! Tell us more about your business: www.whitetuque.com/help.
82% of Companies Struggle to Manage Security Exposure
A substantial 82% of companies have reported a widening gap between security exposures and their ability to manage them.
The figure comes from XM Cyber’s 2024 State of Security Posture Report, which offers insights from a survey of 300 Chief Information Security Officers (CISOs) and security decision-makers from major US and UK organizations. The report explores how organizations are approaching cybersecurity challenges, shedding light on trends and issues within the industry. Read More…
White Tuque’s Take: Companies today don’t have the luxury of picking and choosing where to apply preventive security practices. It is important that practices like patching, configuration management, and intrusion prevention are viewed as functions that need to cross technology and organizational silos. Applying risk-based prioritization to fixing security gaps can be a possible solution as no company has infinite resources to address its problems.
-Laura
We have subscription-based services that can help you find and auto-close vulnerabilities, monitor threats with managed detection and response (MDR), and more! Tell us more about your concerns at www.whitetuque.com/help.
Toronto Zoo latest public body to be hit by cybersecurity attack
The Toronto Zoo announced Monday it’s been hit by a recent cybersecurity attack and as a result customer response times may be impacted.
In a news release, the zoo said it experienced a ransomware attack that was first detected last Friday. The zoo said animal wellbeing, care and support systems have not been impacted by the attack, and the zoo will continue to be open to guests. Additionally, it said its website wasn’t impacted, ticket purchases can continue online and notes that it doesn’t have any credit card information stored on hand. Read More…
White Tuque’s Take: Zoos are rather unique when you put your ‘black hat’ on and think about the value what Zoos have. What may be even scarier, is that if you consider what IT systems power at zoos, imagine being able to control critical functions like, feeding systems, HVAC, water and power. All of which if not kept online, could result in the deaths of animals, many of which cannot be replaced. That is the leverage threat actors are looking for in order to get paid.
If you rely on technology or data, bad guys want to use that against you no matter your organizations industry or cause. If your organization isn’t considering cybersecurity in 2024, maybe it is time to revisit that.
-Rob
Want to know how your industry is affected by cybersecurity and how you can secure your organization? White Tuque can help you navigate the threat landscape and develop a roadmap to mitigate your cyber risk, no matter the size of your business. Learn more at www.whitetuque.com/help.
It's Time to Take a Modern Approach to Password Management
Our world has rapidly moved towards digitalization, enabling individuals to carry out more than 90% of their daily tasks via mobile apps or web pages. From paying bills, booking flights, attending health consultations to possessing a full map of one’s DNA lineage; digital platforms have made life easier than ever before.
However, the average person owns around 35 accounts linked to a traditional string-based password, which serves as the primary, and in some cases, only way to safeguard their personal information. Read More..
White Tuque’s Take: The cyber world continues to evolve rapidly and the first thing attackers try to exploit are user passwords. They prey on the user’s nature to use repetitive and easy-to-remember passwords across applications to gain access at one point and exploit all the systems. The purpose of passwords are hence defeated, so it’s time for authentication processes to evolve. Decentralization, as the article suggests, is one such method along with password managers that can manage passwords without users having to remember long and complex passwords.
-Sree
Don’t think you have time for more training? Our approach is streamlined and refined to be relevant and tangibly useful for promoting best practices. Visit www.whitetuque.com/help to learn more.
Hear from Our Experts
Cyber Insurance – You Can’t Stop There
Many organizations have taken the leap into the cyber insurance market over the last few years. Not only for peace of mind but also because the industries they are in expect it.
But, most organizations are consistently failing to appropriately measure their overall cyber risk and what they must do in order to maintain compliance with the policy terms.
Beyond that, the process for acquiring cyber insurance is far from straightforward. Carriers are now conducting deep-dive assessments into your security posture to help determine the risk they are taking by providing a policy. What carriers find during these assessments can determine the policy terms and conditions, as well as your pricing.
White Tuque partners with SafeHouse Initiative
The SafeHouse Initiative was founded to provide education and awareness to business leaders around the concepts of Business Continuity and Cybersecurity. Coming together through an open exchange of ideas with insurance carriers, CIOs, and CTOs who feel the current technologies available are insufficient to prevent costly operational downtime and prevent cyberattacks in all forms.
“It is an honour to collaborate with the very best in cyber and technology resilience on something so important. The SafeHouse Initiative is not only an opportunity to share knowledge we have gained preparing for or dealing with ‘very bad days,’ but an active group who are working together to ensure we do our part to help keep critical infrastructure online while guiding business leaders on their resilience journey.
“On a personal note, as a lifelong crisis and incident manager, there is not much in the way of certifications, professional groups, or conferences for incident managers. Being able to represent White Tuque at this table is special. I’m really looking forward to seeing the good that SafeHouse Initiative will do through their subject matter experts’ interdisciplinary collaborations.”
– Robert D. Stewart, White Tuque Founder & CEO