CyberSecurity

Cold Wallets vs. Hot Wallets: Which Offers Better Security?

Cryptocurrency isn’t just a buzzword anymore. By December 2024, the number of global cryptocurrency owners reached approximately 659 million, marking a 13% increase from January 2024. That might not sound like a massive chunk, but it still represents millions of individuals who want to protect their virtual holdings. Where regular banking once ruled, self-managed wallets are now front and center for those who prefer having full control of their tokens.

Part of the appeal is the chance to bypass middlemen. However, questions arise on the best way to handle security—especially for people who want quick access to their coins while also trying to avoid potential hacks. 

Hot Wallets and Why People Use Them

Hot wallets and cold wallets both serve important purposes in this field, yet they each come with a unique mix of convenience and risk. Readers of Anthony Clarke’s research on crypto storage might notice that he discusses various features of the top web3 wallets. A significant number of these are what we call “hot” wallets, which are connected to the internet at nearly all times. Plenty of enthusiasts who enjoy web-based gaming services lean on hot wallets because they often allow speedy deposits and withdrawals, leading to near-instant play. Beyond gaming, these wallets also appeal to traders, freelancers, or anyone who wants immediate transfers.

Hot wallets are praised for their ease of use. They’re typically tied to user-friendly apps or browser extensions, so you can send or receive tokens within seconds. While this makes day-to-day transactions painless, it also means a constant link to the internet. Hackers often eye anything that’s frequently connected, so staying sharp with two-factor authentication and strong passwords is a must. Phishing attacks are a known threat, where someone might trick you into giving away personal details or private keys.

Another consideration is how these hot solutions store your credentials. Some keep private keys on external servers, while others let you store them on your own device. Either way, the open nature of being connected leaves a bigger window for unwanted visitors to sneak through. If you’re someone who likes fast trades, though, hot wallets remain a popular choice.

 

 

Cold Wallets: Safeguarding Your Crypto Offline

While hot wallets thrive on convenience, cold wallets shut off direct access to the web. They come in the form of hardware devices that look like USB sticks, or even paper wallets with keys and QR codes printed on them. Because these storage methods aren’t plugged into the internet all the time, they present a far smaller target for hackers. Someone would need physical control of your device or printout, making it way harder for them to stage a remote break-in.

Cold wallets are known for long-term storage. If you have coins you’re holding for months or years, it makes sense to lock them away from prying eyes. Many large investors keep the bulk of their funds in offline vaults to minimize risk. However, this approach creates its own challenges. Losing the device or paper could be devastating, and there’s no customer support line that can restore lost private keys. You might want multiple backups—perhaps in separate secure locations—so one house fire or other mishap doesn’t wipe out your stash.

Though it can be more tedious to move your coins in and out of cold storage, the added security is often worth that extra step. Many people prefer a hybrid strategy: store most of your holdings offline, and keep a small portion in a hot wallet for quick trades.

Picking the Right Match for Your Needs

Hot wallets and cold wallets each have their strengths, so the choice depends on how you plan to manage your cryptocurrency. If you’re regularly trading tokens, a hot wallet feels more convenient. Just stay on your toes: never click random links or download unverified software, and consider pairing your wallet with hardware-based two-factor solutions. That level of caution is essential, because even a moment of inattention can lead to stolen funds.

On the flip side, if you’re happy to park coins for a while, cold wallets offer a sense of security that’s tough to beat. Not being connected nearly closes the door on remote hacking attempts. The downside is that you’ll have to keep track of your physical device and backups. Anyone who loses their cold wallet without a recovery phrase faces the possibility of never seeing their crypto again.

Some people take a balanced path, splitting their holdings between the two methods. A portion stays hot for day-to-day transactions, while the rest sits offline. This gives you that sweet spot of easy access and lower risk. Think of it like keeping a bit of cash in your pocket for small expenses, with the bulk of your savings safely locked away.

In the crypto world, your personal habits play a big role in choosing the best wallet type. Day traders and gamers may favor rapid moves, but that also means they should be extra cautious with security steps. Long-haul investors often breathe easier knowing their coins are tucked away in cold storage, though they accept the burden of safeguarding physical devices.

 

The post Cold Wallets vs. Hot Wallets: Which Offers Better Security? appeared first on IT Security Guru.

New Microsoft 365 Phishing Scam Tricks Users Into Calling Fake Support

Cybersecurity company Guardz is warning Microsoft 365 users about a new phishing scam backed by social engineering tactics making the rounds. This isn’t an average scam as attackers trick people into calling fake support numbers using Microsoft 365 infrastructure, putting their login details and accounts at risk.

How the Attack Works

Unlike typical phishing attempts that rely on typosquatted domains or fake or misspelled email addresses, this campaign operates from within Microsoft’s cloud services. This makes the phishing attempts look convincing, and they easily pass email authentication checks like SPF, DKIM, and DMARC.

The attack also uses legitimate Microsoft domains (onmicrosoft.com) and manipulates tenant settings. The scammers set up multiple Microsoft 365 organization tenants, either by creating new ones or by compromising existing accounts. Each tenant has a specific role within the attack framework, allowing the threat actors to operate with anonymity.

One of these fake organizations is used to trigger actions that look like normal business activity, such as starting a subscription. Another fake organization is given a name that includes a fake warning message and a phone number. For example, the organization’s name might appear as something like, “(Microsoft Corporation) Your subscription has been successfully purchased… If you did not authorize this transaction, please call .”

The Microsoft 365 phishing email used in the scam (Screenshot credit: Guardz)

When the attackers trigger an action, like a subscription change, Microsoft 365 automatically sends out legitimate emails about it. Because of how the attackers set up their fake organizations, these official Microsoft emails can end up including the fake warning message and phone number in the sender’s information or organization details.

So, you might receive an email that looks like it’s really from Microsoft, confirming a purchase you didn’t make. The email itself is real in the sense that it came through Microsoft’s systems.

But the alarming message asking you to call a number to dispute the charge? That’s the scam. If someone calls the number, they’re connected with the attackers, who then try to steal sensitive information like passwords or trick them into installing malicious software.

Why This Scam Is Effective

This approach is effective for several reasons. Since the emails come from Microsoft’s legitimate systems, they often pass standard security checks that look for fake domains or suspicious links. The emails look official, complete with Microsoft branding. And the urgent message about an unauthorized charge can cause people to act quickly without thinking.

According to Guardz’s report shared with Hackread.com ahead of its publishing on Thursday, this attack is tricky to spot because it uses legitimate services for malicious purposes. Traditional email security measures that check sender reputations or look for fake links might miss this.

The Possible Impact

The implications of this phishing campaign could be significant. Businesses and individuals who fall victim can suffer from credential theft, financial loss, account takeovers or installing malware on their systems. The attack’s dependence on voice channels also makes it more challenging to detect and prevent, as fewer security controls exist in direct phone communications.

Protecting Yourself and Your Business

A few key steps can help prevent these scams. Be wary of unexpected emails about purchases or subscriptions, even if they appear to come from Microsoft. Never call phone numbers listed in emails if something feels off; always verify contact details on Microsoft’s official website.

Pay close attention to sender details; while an email might look legitimate, unusual organization names or urgent wording can be red flags. Also, be cautious of messages from unfamiliar “.onmicrosoft.com” domains. Most importantly, train yourself and your employees to recognize phishing tactics, especially those designed to create a sense of urgency around financial threats.
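
The red flags above can be turned into a mail-triage check. The following Python code is an added example, not taken from Guardz or the original article: it treats a DMARC pass from a Microsoft domain as uninformative and instead looks for a phone number combined with call-back wording in the sender display name, subject and body. The domain list, wording list, phone pattern and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: sender domains treated as Microsoft infrastructure for this check.
MS_SUFFIXES = ("microsoft.com", "onmicrosoft.com")
# Loose phone pattern; a match only counts if it holds at least 10 digits.
PHONE_RE = re.compile(r"(?<!\w)\+?\d[\d\s().-]{8,}\d(?!\w)")
# Hypothetical starter list of wording that pushes the reader to phone in.
LURE_RE = re.compile(
    r"\b(please call|call (?:us|now|immediately)|did not authori[sz]e|"
    r"unauthori[sz]ed|dispute)\b", re.I)

# Constructed sample: authenticated, Microsoft-hosted sender whose display
# name carries the lure (fictional 555 number, made-up tenant name).
LURE_SAMPLE = (
    "Authentication-Results: mx.example.net; spf=pass; dkim=pass; dmarc=pass\n"
    'From: "(Microsoft Corporation) Your subscription has been successfully '
    'purchased. If you did not authorize this transaction please call '
    '+1-202-555-0147" <billing@example-tenant.onmicrosoft.com>\n'
    "Subject: Your subscription order confirmation\n"
    "\n"
    "Thank you for your purchase.\n"
)
# Constructed sample: same sender and authentication result, no lure.
BENIGN_SAMPLE = (
    "Authentication-Results: mx.example.net; spf=pass; dkim=pass; dmarc=pass\n"
    'From: "Example Tenant Billing" <billing@example-tenant.onmicrosoft.com>\n'
    "Subject: Your invoice is ready\n"
    "\n"
    "Your monthly invoice is available in the admin portal.\n"
)


def auth_passes(msg):
    """True if an Authentication-Results header reports dmarc=pass.
    Only meaningful for headers stamped by your own receiving MTA."""
    results = " ".join(msg.get_all("Authentication-Results", []))
    return bool(re.search(r"\bdmarc=pass\b", results, re.I))


def is_ms_domain(domain):
    return any(domain == s or domain.endswith("." + s) for s in MS_SUFFIXES)


def body_text(msg):
    """Concatenate the decoded text/plain parts of the message."""
    parts = [p for p in msg.walk() if p.get_content_type() == "text/plain"]
    chunks = []
    for part in parts:
        payload = part.get_payload(decode=True) or b""
        charset = part.get_content_charset() or "utf-8"
        chunks.append(payload.decode(charset, "replace"))
    return "\n".join(chunks)


def has_callback_lure(text):
    """Phone number (10+ digits) and call-back wording in the same field."""
    phones = [m.group() for m in PHONE_RE.finditer(text)
              if sum(c.isdigit() for c in m.group()) >= 10]
    return bool(phones) and bool(LURE_RE.search(text))


def assess(raw):
    msg = message_from_string(raw)
    name, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    fields = {
        "display name": name,
        "subject": str(msg.get("Subject", "")),
        "body": body_text(msg),
    }
    findings = [f"{label}: phone number with call-back wording"
                for label, text in fields.items() if has_callback_lure(text)]
    trusted = is_ms_domain(domain) and auth_passes(msg)
    if findings and trusted:
        # Passing SPF/DKIM/DMARC does not clear the message: this is the
        # case the article describes.
        verdict = "callback-phish-suspect"
    elif findings:
        verdict = "suspicious"
    else:
        verdict = "no-callback-lure"
    return {"verdict": verdict, "authenticated_ms_sender": trusted,
            "findings": findings}


if __name__ == "__main__":
    for label, sample in (("lure", LURE_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, assess(sample))
```

A lure in the display name is the strongest signal here, because that field is populated from the tenant's organization details rather than from message content.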


Strengthening the Human Firewall: Prioritising Mental Health in Cybersecurity Teams

There are few places more challenging than the frontlines of war.

Danger lurks at every corner while enemy fire is a persistent threat. It’s a hostile and stress-induced environment that demands unwavering focus, and where a single error can have disastrous consequences.

Fortunately, the frontlines of war are a place most people won’t encounter today.

But the environment isn’t too contrasting to working on the frontlines of cyber defence.

Cybersecurity professionals operate in one of the most high-pressure environments today.

Threats bombard organisations incessantly, security alerts pour in by the minute, while teams often contend with constrained resources and budgets. Despite this, they bear the immense responsibility of defending their organisations against increasingly sophisticated cyber threats.

Cybersecurity has evolved into one of the most mission-critical departments in business, acting as an organisation’s frontline defence in the increasingly hostile digital landscape.

Cyberattacks have evolved from mere technical nuisances into threats that can endanger the solvency of an organisation, causing financial and reputational devastation. Security teams must remain constantly vigilant to ensure no attack escalates into a full-scale breach or ransomware incident.

This immense responsibility can weigh heavily on cybersecurity professionals. Many feel that the future and safety of the entire organisation, as well as its customers and stakeholders, rest solely on their shoulders.

Unsurprisingly, burnout in cybersecurity is a prevalent and growing concern.

Security teams frequently feel overwhelmed by the pressure, working long hours with limited resources, while defending against a relentless and ever-evolving threat landscape.

This level of stress is unsustainable and, if unaddressed, can lead to exhaustion, decreased performance and even serious mental health issues.

Recent data from SoSafe revealed that 68% of security professionals in Europe are experiencing burnout, with 32% experiencing high burnout levels and 36% experiencing a moderate degree.

This data underscores the severity of burnout in cybersecurity and reinforces the need for organisations to strive to do more to better support their teams.

So, what can organisations do to strengthen their security teams, ensuring their mental health is prioritised and they themselves feel protected?

  • Encourage Open Communication: Establishing open channels for security teams to voice their concerns is essential. Employees should feel comfortable discussing feelings of stress or burnout with HR, management or colleagues. Additionally, other departments should be educated about the pressures security teams face to prevent unnecessary strain or unrealistic demands.
  • Regular Check-Ins from Leadership: Management and HR must regularly engage with cybersecurity professionals, not just to assess performance but to understand their personal well-being. These check-ins should be a structured, ongoing initiative, demonstrating a leadership commitment to mental health.
  • Identify and Address Workload Issues: If team members are feeling overwhelmed, it’s crucial to assess why. Are there bottlenecks that can be alleviated? Could additional resources be allocated? Would time off help? Understanding the root causes of stress can lead to actionable solutions.

In today’s increasingly pressured security landscape, organisations must take proactive steps to support their security teams. Failing to do so can not only jeopardise employee well-being but also expose the organisation to increased security risks.

Ignoring burnout and placing too much pressure on security teams won’t help the organisation. Overstretched staff lead to reduced attention, increased errors, and, ultimately, compromised systems.

By supporting those on the frontlines of digital defence, we ensure stronger, more resilient organisations that are better equipped to face the evolving cyber threat landscape.

At this year’s DTX Manchester, I will be participating in a keynote panel session alongside the Office for Nuclear Regulation and Community Mental Health Services, where we will discuss how to strengthen the human firewall and prioritise mental health in cybersecurity teams.

During the session we will discuss how managers and colleagues can identify signs of mental health struggles, provide advice on effective ways to approach, talk to, and support colleagues who may be masking or exhibiting concerning behaviour, and discuss the strategies and resources available to foster resilience in high-pressure environments and support employee mental health.

Join me for the session, which will take place on Wednesday 2nd April from 12:10PM – 12:45PM.

By Jonathan Marnoch, Principal Cyber Architect, Jaguar Land Rover

The post Strengthening the Human Firewall: Prioritising Mental Health in Cybersecurity Teams appeared first on IT Security Guru.

Keeper Security Gives Its Partner Programme an update

Keeper Security has announced the launch of the updated Keeper Partner Programme. The updated programme is designed to help organisations of all sizes expand their cybersecurity offerings and unlock new revenue opportunities. 

As businesses increasingly adopt PAM solutions to protect privileged credentials, secrets and remote access, Keeper’s programme provides comprehensive partner tiers, extensive training and a lucrative incentive structure to help partners accelerate growth. With distribution partners around the globe, Keeper is committed to empowering its partners with the tools they need to thrive in today’s cybersecurity landscape.

Scott Unger, Director of Global Channel Account Management at Keeper Security, said: “Keeper’s Partner Programme was built to ensure our partners have the competitive advantage they need in a rapidly evolving cybersecurity market. With brand new KeeperPAM sales, demo and implementation training through Keeper University, tiered pricing and strong financial incentives – including world-class channel marketing and proposal-based MDF programmes – partners can rapidly grow their business while delivering best-in-class privileged access management.” 

Key Benefits of the 2025 Keeper Partner Programme

With cyber threats escalating, organisations are prioritising privileged access security as a core defence strategy. The Keeper Partner Programme is designed to meet this demand while helping partners maximise revenue potential.

  • Expanded Revenue Streams: As businesses shift towards modern, zero-trust PAM solutions, Keeper provides partners – especially enterprise-focused resellers – with a high-growth, high-margin security offering.
  • Comprehensive Training & Certifications: Free access to Keeper Sales Professional (KSP), Keeper Demo Expert (KDE) and KeeperPAM Implementation (KPI) certifications to enhance both sales and technical expertise.
  • Flexible Partner Tiers: Four levels – Authorised, Silver, Gold and Platinum – offer progressively greater benefits, including tiered discounts and revenue-sharing opportunities.
  • Marketing and Growth Support: Silver-level and higher partners gain access to Market Development Funds (MDF) to fuel demand generation and drive customer acquisition. 
  • Global SPIFF Program: A structured incentive program rewarding partners for closed/won deals, with four tiers of compensation to maximise earnings.

Helping Partners Win in Cybersecurity

With best-in-class customer retention, Keeper is the trusted cybersecurity partner for organisations worldwide. Its unified PAM platform – spanning enterprise password management, secrets management, connection management, zero-trust network access and remote browser isolation – helps businesses of all sizes protect their most sensitive information and resources.

The Keeper Partner Program is now open for enrolment. Partners ready to accelerate their business and capitalise on the increasing demand for PAM solutions can apply through the Keeper Partner Portal.

The post Keeper Security Gives Its Partner Programme an update appeared first on IT Security Guru.

Best WordPress Plugins for Cybersecurity 2025

WordPress is a great platform for building websites, but it is also a common target for hackers. Keeping your website safe is important to protect your data, visitors, and business. Cybercrime is a growing problem, with 39% of UK businesses experiencing cyber attacks in 2023.

Using security plugins can help reduce risks and keep your site safe from threats. They are essential for any WordPress site, and even more so if your site holds personal customer data. We speak with Sierra Six, a leading SEO agency in Essex, to get their recommendations on the best plugins for security and for reducing cyber attacks.

Wordfence Security

Wordfence Security is one of the most popular cybersecurity plugins for WordPress. It provides a firewall that blocks malicious traffic before it reaches your website. It also has a malware scanner that checks your site for viruses and suspicious code. If anything harmful is found, Wordfence will alert you so you can take action. Another useful feature is its login protection, which helps stop hackers from guessing passwords.

Sucuri Security

Sucuri Security is another excellent plugin that protects your site from hackers. It offers a website firewall, which blocks attacks before they can do any harm. The plugin also scans your website for malware and removes it if necessary. If your site ever gets hacked, Sucuri provides help to clean it up. This is useful because recovering from a hack can be difficult without expert support.

iThemes Security

iThemes Security is designed to strengthen your WordPress site against attacks. It protects against brute force attacks, where hackers try thousands of password combinations to break into your site. The plugin also scans for vulnerabilities and fixes weak points in your website’s security. Another feature is two-factor authentication, which adds an extra layer of protection when logging in.

All In One WP Security & Firewall

This plugin is great for beginners who want an easy way to secure their website. It comes with a firewall to block suspicious traffic and a login lockdown feature to stop repeated failed login attempts. The plugin also scans for weak passwords and forces users to create stronger ones. Since weak passwords are responsible for 81% of hacking-related breaches, this is an important feature.

Conclusion

Cyber threats are increasing, and UK businesses must take website security seriously. Using security plugins like Wordfence, Sucuri, iThemes Security, and All In One WP Security can help protect your WordPress site from hackers and malware. Regular updates and strong passwords also play a key role in keeping your site safe. By taking these steps, you can reduce the risk of cyber attacks and keep your website secure.

The post Best WordPress Plugins for Cybersecurity 2025 appeared first on IT Security Guru.

Symantec Demonstrates OpenAI’s Operator Agent in PoC Phishing Attack

Symantec’s threat hunters have demonstrated how AI agents like OpenAI’s recently launched Operator could be abused for cyberattacks. While AI agents are designed to boost productivity by automating routine tasks, Symantec’s research shows they could also execute complex attack sequences with minimal human input.

This is a big change from older AI models, which could only provide limited help in making harmful content. Symantec’s research came just a day after Tenable Research revealed that the AI chatbot DeepSeek R1 can be misused to generate code for keyloggers and ransomware.

In Symantec’s experiment, the researchers tested Operator’s capabilities by requesting it to:

  • Obtain their email address
  • Create a malicious PowerShell script
  • Send a phishing email containing the script
  • Find a specific employee within their organization

According to Symantec’s blog post, though the Operator initially refused these tasks citing privacy concerns, researchers found that simply stating they had authorization was enough to bypass these ethical safeguards. The AI agent then successfully:

  • Composed and sent a convincing phishing email
  • Determined the email address through pattern analysis
  • Located the target’s information through online searches
  • Created a PowerShell script after researching online resources

J Stephen Kowski, Field CTO at SlashNext Email Security+, notes that this development requires organizations to strengthen their security measures: “Organizations need to implement robust security controls that assume AI will be used against them, including enhanced email filtering that detects AI-generated content, zero-trust access policies, and continuous security awareness training.”

While current AI agents’ capabilities may seem basic compared to skilled human attackers, their rapid evolution suggests more sophisticated attack scenarios could soon become reality. This might include automated network breaches, infrastructure setup, and prolonged system compromises – all with minimal human intervention.

This research shows that companies need to update their security strategies because AI tools designed to boost productivity can be misused for harmful purposes.


Best Practices to Prevent Theft and Fraud

Cybersecurity tips to protect your cryptocurrency from hackers, scams, and fraud. Learn best practices for securing digital assets and staying safe online.

The cryptocurrency market is changing and growing daily, with new coins created weekly. While the broader market is struggling with weak demand and remains at a critical juncture, Cardano’s ADA is among the top-performing altcoins.

The 8th largest cryptocurrency by market cap has made a breakout of the local support of $0.6638 and could test the $0.70 zone soon, according to U.Today. When discussing the bullish outlook for the ADA price prediction, it’s essential to understand that the Securities and Exchange Commission’s potential approval of Grayscale’s Cardano ETF filing can impact liquidity and trading volumes. 

Investors and traders aren’t the only ones interested in cryptocurrency. Hackers are thrilled with the idea of unregulated money, which opens new attack vectors and allows them to disappear, leaving no trace. ADA and other cryptocurrency transactions can’t be reversed, altered, or cancelled.

Once transactions have been written to the blockchain – in other words, confirmed – they become immutable. If threat actors get access to or transfer funds from a victim’s wallet, the money is lost forever. Neither transactions nor accounts are connected to real-world identities, so it’s easy for hackers to remain unidentified when they use cryptocurrency.

Cyberattacks Are An Ever-Present Threat, And The Crypto World Is No Exception 

No threat facing the world has grown so fast, or in a way as difficult to understand, as the danger from cyberattacks. Investors and traders must understand that the inherent risk is increasing; cybercriminals are getting smarter, and their tactics are becoming more sophisticated. There are multiple types of cyberattacks where malicious actors take advantage of cryptocurrencies, such as: 

  • Ransomware: When ransomware occurs in the crypto space, malware encrypts files containing the victim’s private keys or digital wallet, making them unreadable. The attacker demands a ransom to provide the encryption key. As a rule, hackers demand payment in the form of cryptocurrency. Infection methods include phishing emails, malicious websites, and compromised accounts. 
  • DDoS extortion: Threat actors blackmail crypto exchanges or blockchain networks by asking them to pay ADA or any other cryptocurrency to avoid their site or service being disrupted by a DDoS attack. The system may struggle to process transactions. Plus, legitimate users can’t connect to network resources.
  • Crypto hijacking: The computing power of a compromised device is used to mine cryptocurrency without the owner’s knowledge (also called cryptomining). Smartphones, servers, and computers are vulnerable to crypto hijacking. Applications may be able to access data and information from the device or other applications. Unlike malware, control is camouflaged in the background.

We Suggest These Steps To Secure Your Cryptocurrency 

Transfer Crypto From A Centralized Exchange To A Self-Custody Wallet 

If you wish to own Cardano’s ADA, you can choose from among the many crypto exchanges that provide this service. Of course, you must give priority to the security features. Otherwise, you risk losing your hard-earned savings. Crypto exchanges are some of the most targeted in terms of cyberattacks, and while most attempts by hackers have been successfully mitigated, there have been several reports of damaging attacks. Find a reliable exchange with strong security measures and strong DDoS prevention tools. 

Better yet, withdraw your funds to a secure wallet to stay in control of your assets. Due to the difficulty of effectively implementing safety measures, crypto exchanges can’t fully guarantee protection. Whether they call it withdrawing, sending, or transferring, crypto exchanges let you move your funds to a wallet that is compatible with the asset you’re relocating.

A self-custody wallet puts you in complete control of your cryptocurrency, so you must take full responsibility for the security. Lock your account when not in use to make it harder for others to access your account. 

Keep Safe Backups Of Everything 

No matter what type of wallet you use, having a backup of your data ensures quick recovery and minimizes information loss. Go to your wallet’s settings and select the backup option or the export keys option; encrypt your backups to protect against unauthorized access. If you lose your wallet’s private keys, you’ve permanently lost your cryptocurrency. Keep multiple backups on different devices, such as USB drives and paper, which aren’t prone to failure. This way, you have alternate recovery paths. 

When Dealing With Unsolicited Messages, Be Careful 

One of the most prevalent social engineering techniques, phishing, involves sending deceptive messages that seem to be from legitimate sources. Don’t reply without investigating. Most importantly, never confront the sender of a phishing message yourself because it could result in you being targeted specifically. The sender doesn’t even know if your number is active.

Refrain from opening attachments or clicking on links from unidentified sources even if the sender seems familiar, as you can potentially infect your phone. A phishing link can direct you to a website containing malicious code. You can always use a free site like VirusTotal to scan for malicious files and links before executing/opening them.

Replying to unsolicited messages increases the chances of receiving more spam, so you should block the number. It requires a few adjustments in your settings. Android phones allow for freedom when it comes to customization, so the process will vary from device to device.

Many phones have built-in options to filter out messages from unknown senders or mark texts as spam. Be cautious when sharing your phone number online with unfamiliar organizations because it exposes you to other social engineering-based tactics, such as pretexting, quid pro quo, or vishing. 

In Closing 

Cyberattacks have become increasingly targeted and complex due to sophisticated pieces of malware. Individual users are more vulnerable than ever before since hackers have adapted their strategies to exploit weaknesses in smart contracts, wallets, and decentralized finance (DeFi) platforms. As such, it’s necessary to take personal responsibility and protect yourself. Acquire new skills, expand your knowledge, and, above all, shift your perspective.

Image credits: Free Vector | Realistic cardano coin illustration

