Trust but verify your security tools are working.
BlindSPOT is a specialized breach & attack simulation tool that mimics a real-world cyber threat’s tactics & techniques safely on a customer’s production network.
Below is an overview of how BlindSPOT works and the reasons why these security tool blind spots occur in the first place. By, removing these security blind spots your organization is equipped with the knowledge you are well-equipped to face cyber security challenges in the future.
Reach out to schedule a virtual consultation today.
Does your email inbox look something like this? 1 Day Only! LAST CHANCE! It’s a Cyber Monday miracle!
Adobe Analytics forecasts shoppers will spend $34.8 billion during 2022’s Cyber Week.
While most of the emails showing up in your inbox will be legitimate, cyber criminals only need you to click on one bad link to create havoc.
Here are 6 simple ways to avoid becoming a Cyber Monday victim:
- Check the web address of any website you are on. Secure web addresses begin with “HTTPS” and not just “HTTP”.
- Never put personal or credit card information in forms on non-secure web pages. Even more important, NEVER save your credit card information after checkout.
- Stop ignoring that software update. Make sure you have antivirus software installed on your computer or mobile device, and that it is up to date.
- Be wary of the Wifi. In a survey by the Identity Theft Resource Center, 53% of respondents reported they used public Wifi at least one a week, yet half said they use a Virtual Private Network (VPN). Make sure you’re always using two-factor authentication when dealing with sensitive information.
- Password Protection. Hopefully you are not still using the same password you made in college but if you are it’s time to get a password manager. Always use a different password for every app and website you use. It might seem like a lot of work at the time, but you’ll be thankful you did it, if that password if ever compromised.
- Avoid clicking on any links in your email or to your phone. Go straight to the website instead. If the deal in the email is legitimate, the same deal should be offered on the website.
OnDefend empowers the information security industry through its proprietary technological innovations and private-labeled security force. By extending technical capabilities with solutions such as BlindSPOT along with real-time support to assist with service delivery bandwidth, OnDefend enables partners to meet market demand, scale their offering and secure our world.
JACKSONVILLE, Fla. – If you’ve ever received a message from a Facebook friend warning you not to accept a friend request from them because their account was “hacked,” you’re not alone. It’s easy to believe their page was hacked, but it’s likely their account was cloned.
News4JAX Consumer Investigator Lauren Verno sat down with OnDefend Security CEO Chris Freedman to discuss the differences between two popular social media problems circulating the cyber world: cloning and hacking.
Scammers are always “looking for a quick target to clone,” said Freedman “Let’s start with Facebook cloning. Facebook cloning is when someone creates a new Facebook account with your profile picture with information about you that they can find on the web to impersonate you to invite your friends to be their friends.”
While hacking into an account is a little trickier, cloning an account takes no work at all.
Unfortunately, a scammer can clone a profile on any platform, not just Facebook. Even being blue-checked certified doesn’t protect you from potentially experiencing a cloning or hacking situation.
JACKSONVILLE, Fla. and DENVER, Colo., June 22, 2021 — OnDefend, a leading provider of preemptive cyber defense solutions and consulting, has entered into a promotional agreement with ACI Learning, a rapidly-growing global training provider in the audit, cyber and IT learning space.
ACI Learning has a strong portfolio of audit, cyber, and IT learning solutions for enterprise, SMB, and consumer markets. This portfolio is complementary in the market to the offerings of OnDefend, which has a combined 40 years of applied experience in the security space. OnDefend has built proven security solutions to defend clients against continually evolving and persistent cyber adversaries throughout the US and around the world.
The agreement will include cross-promotional and educational events, courses, and exclusive offerings for clients of both organizations.
“OnDefend provides a crucial service to enterprises by helping them identify and mitigate vulnerabilities,” Brett Shively, CEO of ACI Learning, said. “Almost inevitably, training will be a part of that mitigation strategy, and the online, on-demand nature of the ACI On Demand platform can plug right in.”
“ACI Learning is a great fit with the services and proprietary solutions we provide,” Chris Freedman, CEO of OnDefend, said. “When we identify gaps in corporate information security, we also identify technical training opportunities for the client’s security team so that they can better defend their organization.”
Joint events, including webinar and podcast appearances, will begin in the coming weeks.
ACI Learning delivers lifetime learning to over 250,000 engaged professionals and members across six continents. ACI Learning offers learning to professionals and the enterprises that rely upon them, with the choice of multi-modal delivery. Students can select from on-demand learning, online virtual instructor-led training, on-premise training, and live classroom learning at one of ACI’s six learning hubs across the U.S. ACI Learning is owned by Philadelphia-based Private Equity Firm, Boathouse Capital. Visit acilearning.com and boathousecapital.com to learn more.
OnDefend helps companies prepare for and defend against real-world cyber adversaries by providing preventative information security services as well as its patented and proprietary cyber defense products. By working with companies ranging from Fortune 500 corporations to regional businesses, OnDefend helps strengthen the private and public sectors security posture against continually evolving and persistent cyber adversaries throughout the US and around the world. Visit ondefend.com to learn more.
Contact info: Gary Van Prooyen, email@example.com, (630) 779-2828
Originally written for news4jax.com by Jim Piggott
JACKSONVILLE, Fla. – More ransomware attacks on companies have been occurring across the country.
We’ve seen the impacts from an attack on the Colonial Pipeline and then on meat processing plants.
One of the latest attacks affected Cox Media radio and television stations, which caused some online disruption, according to multiple reports.
This follows a warning from the White House urging all companies to take steps and defend against ransomware attacks.
News4Jax talked with office workers downtown about cyber attacks.
Renata Donaldson said she and other employees have been warned to take precautions but she still is surprised to see what’s happening nationwide as companies are hit hard by cyber attacks.
“It’s kind of scary honestly because if you don’t really know what to expect. I don’t really know how to react,” Donaldson said.
At the Jacksonville Chamber of Commerce, staff told News4Jax they have had seminars in the past about ransomware attacks. The chamber has told businesses what they can do to avoid ransomware.
News4Jax also reached out to a number of businesses throughout Jacksonville asking them what steps they are taking. We spoke with financial institutions and various large companies. They all didn’t want to talk on the record, but they said they’re well aware of the problem. They are trying to take steps to protect themselves and their customers.
The White House is now telling businesses to take urgent security measures to protect against ransomware attacks.
Chris Freedman is the Founder of OnDefend a national cybersecurity company in Jacksonville. He says these latest attacks against our fuel lines, meat processing and TV and radio stations has the feds taking a harder look.
“They are going to take greater measures to protect what is our supply chain,” Freedman said.
In Jacksonville, we’ve not seen large ransomware attacks. Two smaller health care facilities were victims of a ransomware attack in October of last year.
Freedman says that could change at a moment’s notice no matter the size of the company and the target to get into the system. He said attacks usually start with regular employees.
“It is the world’s largest work from home experiment,” said Chris Freedman, founder of OnDefend, a cyber security services provider.
Freedman is accustomed to working remotely, but for many working from home this is new territory.
“In the business world, you can walk around the corner and say, ‘Joe, did you send me that email?’” he said. “In the personal world, there’s not much reference material right now.”
“They’re not necessarily targeting you as an individual, it’s kind of like a shotgun approach to get as many as possible,” Billy Steeghs, a cyber security expert who works with Freedman, said.
To show how easy it is for scammers to prey on people, Steeghs created a phishing email, or an email that’s intended to look like it came from someone else in hopes that the recipient will be duped.
For his example, Steeghs made the email look like it came from Amazon, a popular place to shop online.
“So, it’s $10 and it says apply to your Amazon account,” he explained. “Who wouldn’t fall for this?”
With emails like this, scammers can get access to your account the moment you input your credentials. Then it’s up to the cyber criminals what they decide to do with your personal information.
So, how do you spot it?
“I’m hovering over this Amazon account, you see I’m hovering over it and this is an action you can do, and you can see to the left it doesn’t actually say Amazon.com,” Steeghs said.
Whenever you receive an email and there’s a link attached, hover over the link but don’t click it. While hovering, look at the bottom left of your screen. The website’s URL will pop up and if it doesn’t say the website it claims to be from, Steeghs said it’s a fake.
“That will always pop up,” he said. “You just have to hover over the link but don’t click.”
If you do click on a phishing email’s link, you’ll be taken to a website that looks just like the real one — all the way down to copyright at the bottom.
From there, it will ask you to put in your credentials. Once you click submit, you will be re-routed to the real website and the cyber criminals will have your login information.
“You should be lucky if it’s only taking your credentials,” Steeghs said. “It could also have loaded some malware on your computer that now starts spying on you.”
Yes, someone could be spying on your devices or computer.
Steeghs said one way to see if you are a victim of malware and someone has been inside your accounts is checking your browser history often and making sure you recognize all the websites listed there. If you think your device has been compromised, Steeghs recommends clearing your history and checking it again later.
What’s Steeghs’ top recommendation for protecting your personal information?
“I would stop storing passwords in your browser,” he said.
So the next time you see a pop-up in your browser asking if you want to remember a password, click never.
Freedman suggests making your passwords more complex. You shouldn’t use the same password for all of your logins. You should also change your passwords frequently. And if possible, use two-factor authentication.
“Let’s turn those passwords them into 12 characters letters, numbers, uppercase, lowercase symbols,” he said.
Since it’s recommended to have different passwords for everything, it’s easy to keep everything straight. Steeghs and Freedman both recommend using the app Last Pass, which provides a free standard service.
When it comes to public Wi-Fi, Freedman recommends always staying away from it and using a hotspot instead.
If you have to use Wi-Fi, he recommends connecting a secured server and never putting in any personal information.
So best to do the online shopping at home.
OnDefend, a local cybersecurity firm, has partnered with the national staffing, IT and consulting services brand Modis — one of Adecco’s brands — to offer cybersecurity solutions to its customers.
It’s the first such partnership for OnDefend. The two companies will be offering security services to Modis’ clients throughout the U.S., including vulnerability management, network and penetration testing, cloud environment security, email phishing training and more.
“It’s a natural extension,” OnDefend Managing Parter Chris Freedman said. “Primarily right now, cybersecurity is critical.”
OnDefend is focused on finding channel partners as it continues to add new cybersecurity offerings to its portfolio, Freedman said. Modis is particularly well suited for OnDefend because they have a large footprint and many clients that would benefit from these services.
They had been collaborating for months, Freedman said, as the pandemic wore on and illustrated how integral cybersecurity was in the nature of remote work.
“I think with this pandemic, the timing is really interesting, outside of us planning to partner and serve those clients, it’s really drawn out a really big need,” Freedman added.
OnDefend has reshaped its offerings to partner with national brands, Freedman said, finding its stride in focusing on business-to-business channel partnerships.
“We have built ourselves to truly add value by creating a non-invasive kind of overall solution and services for clients,” Freedman said.
This partnership was particularly exciting for Freedman because he is a Jacksonville native who remembers when the Modis sign was the biggest thing on the Jacksonville skyline.
While the pandemic caused many companies to tighten their purse strings and review their expenses, it also illustrated the importance of cybersecurity for the modern workforce, he said. Freedman believes that the pandemic will likely cause businesses to rethink the way they operate — in terms of office space and remote work — but also in their need for investing in their security.
“I think there are going to be a lot of opportunities coming out of this,” Freedman said.
Freedman said that work has already been trending in this direction and it makes sense to consider the need for cybersecurity. Modis clearly thought so, “The Modis – OnDefend partnership is an exciting combination,” Pete Broding, head of Modis consulting and academy, said in the press release. “By complementing our Modis Consulting technology capabilities with OnDefend’s portfolio of security services, we greatly enhance the impact our solutions bring to our clients’ business.”