The Unintentional Insider Threat

The insiders of a company, while normally very trusted, are and always will be a high security risk. Whether this is an executive with access to a lot of sensitive data or an administrator of human resources, a doctor, or even a custodian, does not matter. The Ponemon Institute has released a study stating that 56% of security practitioners surveyed said that company insiders are the primary cause for security breaches. 72% Of these practitioners said that they were not confident that they could control employee access to sensitive information. […]

Alert: Cyber Criminals Most Likely to Attack These Companies

Cyber criminals are determined now more than ever to attack our most vulnerable companies. Organizations of all sizes are sitting in the crosshairs of cyber criminals, just waiting to be attacked. New research has come to light regarding which industries in general are most vulnerable, as well as which jobs are primarily targeted. A new study from security company Proofpoint shows that there are a few specific industries that are sitting in the spotlight. Proofpoint performs research studies like this quarterly. This time it said: 99 percent of the most heavily targeted […]

Ryuk Ransomware Haunts Newspaper Industry

A ransomware attack being identified by the name of Ryuk ransomware has caused disruption over the weekend and into the end of 2018 in printing and delivery of major US newspapers. This includes Tribune Publishing and the Los Angeles Times. Those affected by the attack include the Wall Street Journal, Los Angeles Times, New York Times, Chicago Tribune, Baltimore Sun, Post-Tribute, Lake County News-Sun, Hartford Courant, Carroll County Times, and the Capital Gazette. This strain of ransomware initially came to fruition and gained international notoriety in August of 2018, when […]

TriVault Tips – What is Social Engineering?

Social engineering is recognized as a manipulation art form. It’s the art of manipulating people with a goal for them to give up confidential information. Social engineering is often leveraged by criminals, who are seeking detailed information, or access to a computer or network. This is targeted and could be to grab financial information or to install malicious software that could give them all kinds of access and full control. Criminals often use social engineering tactics because they are easier to exploit. Criminals can leverage natural instincts in humans to […]

TriVault Platform’s Upcoming Updates

The TriVault security platform has multiple upcoming updates. TriVault is excited to announce these new releases, which will be installed automatically to the endpoint management platform on 1/1/2019 at 12:05AM. The updates and changes will take roughly 90 minutes to complete, at which time the platform will be unavailable. All agents will communicate with our old system at this time so we will still be able to monitor standard security. At the end of the update we will have a 5 minute security and monitoring downtime where we switch our […]

Amazon Sent Private Alexa Voice Files to Wrong User

  By now… We have all heard that the active listening of the Amazon Echo’s, Google Home’s, and other voice-activated products tend to record what we say. Many just believe this notion isn’t true; however, one Amazon Echo user is livid after his private, recorded conversations were sent to the wrong person! A report out of Germany says that because of an internal error, Amazon recently sent over 1,700 private Alexa voice files to an unauthorized customer. An Amazon customer followed up on his rights provided under the new EU […]

BREAKING NOW: Facebook admits to allowing Netflix and Spotify access to your private messages

  Facebook has openly acknowledged to allowing other companies, including Spotify and Netflix, access to millions of people’s private messages. The NYT submitted a report on Tuesday regarding this, and Facebook has responded with confirmation. Facebook shared user data with partners over multiple years, the company said, and had given third-party companies very extensive access to private messages. Facebook said this was to allow people to log in to services such as Spotify with their Facebook accounts and then send messages through the Spotify app itself. Facebook initially responded: “Did […]

$1 Million Scammed from Save the Children Charity

  Some criminals have no sense of boundaries… A children’s charity organization, Save the Children, has been scammed of roughly $1 million USD. News recently broke that the scam, taking place in May of 2017, was widely unknown until today. It originated as false payment documents that were shared to authorize and make money transfers from an email account that belonged to someone working for the charity organization. Save the Children, having been present in Pakistan for nearly 30 years, had allegedly purchased solar panels for health centers there. Close […]

Scam Campaign Demands $20k in Bitcoin Amid Bomb Threats

Please be advised… There is a new scam campaign that has arisen regarding bomb threats! This extortion email states that someone will detonate a bomb if the recipient does not send $20,000 USD to the attacker in Bitcoin (BTC). As of now there are reports these emails have been distributed throughout the US. We have been told the FBI is very aware and is working with authorities in cities and facilities around the country to ensure safety. These emails state that there is an explosive device made of “lead azide”, […]

Android Malware Leading to Stolen PayPal Funds & 2FA Can’t Stop It

An Android malware that disguises itself as a battery optimization tool has employed a tricky tactic to convince users to sign into their PayPal accounts. This leads to stolen money, despite two-factor authentication protection. The malware just prompts them to log into the app. The app, going by the name of Optimization Android, is available from unofficial third-party stores. Once the app is initially launched, it closes and then hides, and never does anything else. It also runs overlay attacks on Google Play, Skype, WhatsApp, Viber, Gmail, and multiple banking […]