DNS is the system that translates website names (such as Google.com) into the numeric IP addresses that computers use to find each other on the internet. Poisoning is an increasingly common cyberattack where a server that normally directs users to a legitimate website is manipulated to instead redirect them to a malicious site controlled by an attacker. The fraudulent website closely resembles the legitimate one, but its purpose is to steal login credentials, credit card numbers, and other sensitive information.

Why is this important?

If the websites you access are fraudulent, attackers can easily capture sensitive and critical information. According to a recent report by International Data Corporation, a cybersecurity research firm, 88% of organizations have experienced at least one DNS-related attack.

What should you do?

Use a DNS filtering application to block access to malicious domains. These applications maintain a reliable, regularly updated list of known-bad addresses. Major vendors include Control ID, DNSFilter, and Cisco Umbrella.

Source: The Hacker News | #1 Trusted Source for Cybersecurity News

Phishing attacks, which are impersonation schemes designed to steal login credentials and financial information, are now the top cybersecurity concern for business leaders, according to the Accenture and World Economic Forum Global Cybersecurity Outlook report. The rapid advancement of AI has made these attacks significantly easier to execute, particularly by enabling non-native English speakers to craft convincing messages free of grammatical and stylistic errors.

Why is this important?

Phishing attacks are wide-reaching. In recent surveys, 62% of respondents knew someone who had been targeted by a phishing attack, and payment fraud affected 33%. An additional 17% reported awareness of romance or impersonation scams — schemes where attackers create fake social media identities to build trust with victims and ultimately defraud them.

What should you do?

Cybersecurity training is the most effective defense against phishing. Staff should be able to recognize common attack types before they become victims. CSI offers cybersecurity training to all member organizations. Submit a request on the CSI Service Request page: Service Requests – Community Security Initiative

Source: Infosecurity Magazine – Information Security & IT Security News and Resources

A new study found that several cloud-based password managers, including Bitwarden, Dashlane, and LastPass, may be vulnerable to certain cyberattacks. A cloud-based password manager is an online service that stores all your passwords in one place, accessible from any device. While these tools are designed to improve security and convenience, they are not immune to attack

Why is this important?

As password length requirements grow — NIST now recommends a minimum of 15 characters — password managers have become essential tools. That also makes them high-value targets for hackers.

What should you do?

No password manager is completely risk-free. When choosing one, research its security track record and how promptly it addresses vulnerabilities. Always install updates as soon as patches are released. In all cases, enable multifactor authentication (MFA) — a method that requires a one-time code sent to a trusted email address or mobile phone in addition to your password.

Source: The Hacker News | #1 Trusted Source for Cybersecurity News

Organizations upgrading to Windows 11 may find that some older hardware is incompatible. Running unsupported systems is strongly discouraged. Microsoft no longer issues security patches for them, leaving known vulnerabilities permanently unaddressed. When retiring these devices, proper cybersecurity practice requires secure decommissioning to ensure sensitive data cannot be recovered.

Recommended Decommissioning Procedures:

• Remove the Solid State Drives (SSDs) from the computer. An SSD is a storage component connected directly to the motherboard.
• If the drive cannot be removed, ensure it is securely wiped using approved data-erasure software so that no data remains recoverable.
• Physically destroy the storage media by drilling through the internal platters to make data recovery impossible.

Following these steps ensures that sensitive data cannot be accessed once equipment has been retired.

Questions? Please contact CSI Cyber Director, Jeremy Paulson at paulsonj@csiny.org