If you don’t do your utmost to ensure that your online store is safe to use, you could end up putting your customers in real danger. From their finances being stolen to their personal data being hacked, any kind of trouble could befall your site’s users if you do not take cyber security seriously. Make sure, then, that you take it seriously!

When it comes to improving your online store’s cybersecurity measures, the following advice makes for essential reading.

Make your mobile payments safer

One of the burgeoning e-commerce trends is mobile payment. As stated in Oberlo’s mobile shopping trends article, this is because this kind of transaction process prioritizes comfort, and it makes the buying process a whole lot simpler. You would be foolish not to grant your customers the opportunity to pay for things on your store via their mobile devices.

Allowing this kind of payment to take place does come with its fair share of drawbacks, however, the biggest one being that it isn’t always the safest form of transaction. This doesn’t mean that you can’t strengthen your mobile payment process, though. Some of the measures that you can and should put into place in this instance include:

  • Only ever using a trusted payment platform
  • Ensuring that your payment terminals are NFC-enabled
  • Encrypting your network to ensure sensitive information sent through it cannot be read by anyone who intercepts it

Switch to HTTPS

In this day and age, if you continue to stick with the HTTP protocol, your online store will be a sitting duck for cyber criminality. If you’re serious about safety, you must switch to HTTPS.

Created initially to safeguard the particularly sensitive elements of e-commerce sites, such as the payment process, HTTPS is now used to protect whole websites. By embracing this protocol, you can be sure that your visitors’ data will remain safe at all conceivable points.

Protect your Admin Panel

Your Admin Panel is the aspect of your store that is least difficult for cybercriminals to crack. All it takes is for you to set a weak password, and hackers can have a field day when it comes to accessing all of the data you store in the backend of your site.

To protect your Admin Panel, you need to:

If they were to encounter trouble with a cybercriminal while using your online store, you can be sure that your customers will not give you a second chance. They will lose trust in you instantly, and more than likely never return to you again — and they’ll tell everybody that they know to avoid your website in the future, too, for good measure. If you don’t take cybersecurity seriously, you could also even find yourself in hot water with the authorities. The impact cyber criminality could have on your online store is something you should want to avoid at all costs, which is why you must put all of the above advice into practice as soon as possible.

It is no secret that many people nowadays do not pay much attention when they surf the web at home or at work. There are new data breaches and exploits on a daily basis, and still failing to take any precautions may result in catastrophic consequences. Even the biggest corporations are paying millions of dollars so they can improve their cybersecurity and remain safe. However, if you still believe in some of the cybersecurity myths, you may put your own computer or even your whole organization at huge risk. We at CyberDB have decided to bust some of the top 5 cyber security myths and make it clear for you.

According to 2017 reporting, Major League Baseball believed that the Boston Red Sox, at the time in first place in the American League East, used the Apple Watch to illicitly steal hand signals from opposing teams. Allegedly, the Apple Watch was used not only to “steal” hand signals from opposing catchers in games using video recording equipment, but also to transmit the information, likely to team trainers. The theft of such information would help determine the type of pitch that was going to be thrown. The recording of signals is strictly forbidden by league rules.

When it comes to targeting billion-dollar sports franchises, many would assume that cyber criminals would be the foremost cyber actors behind the scenes. Based on a 2015 report that estimated the professional sports market in North America to have an expected worth of $73.5 billion by 2019, it’s easy to see why. Indeed, there have been several incidents where cyber crime operations have focused on professional sports teams. In April 2016, players for the National Basketball Association’s Milwaukee Bucks had their financial documents (player addresses, Social Security Numbers, and compensation) accidentally leaked due to a team employee falling victim to an e-mail scam. The employee released players’ 2015 IRS W-2 documents to an emailer impersonating the team’s president. Also in 2016, a crippling TeslaCrypt ransomware attack impacted a NASCAR racing team. An estimated $2 million worth of information was potentially lost, prompting payment of the ransom to the criminals.

Cybersecurity podcast

In the past couple of years, podcasts have been gaining popularity and are one of the easiest and most convenient ways to learn the latest news and information.

Cybersecurity podcasts didn’t have a particular influence on the boom of podcast popularity as a whole, but there are still plenty of good shows that deserve your attention. Many IT people, from simple observers to some of the biggest experts in the field, have used this method to provide useful advice to the audience. Even some of the major enterprises are looking for the best cybersecurity podcasts to listen to and take care of their IT infrastructure.

On CyberDB we have created a fresh list with some of the best podcasts related to cyber and information security. Check it out the next time you have some free time, or even when you are stuck in traffic and want to learn something useful. These shows cover everything from simple endpoint and data security matters to comprehensive security operations and incidents. You are about to find a great range of topics, different opinions and anything that suits your listening needs. With so many great podcasts out there, it’s impossible to feature them all in our list. Feel free to contact us if you want to share your favorite cybersecurity podcasts with us and include them in our list.

Bay Area Cyber Security Meetups 2018

Meetups are an amazing way to get together with people who share common interests. Of course, there are many websites that do the same, but nobody except Meetup has done something to help its users meet offline as well. This platform brings individuals together and helps to create communities while having fun at the same time in a non-working environment. As a result, even the simplest ideas may become powerful movements when people are ready to share knowledge and improve their communication skills in real life, rather than behind a PC. Most noteworthy, the motto of Meetup is to provide a way to explore your city, build your career and get creative.

Key benefits of Cyber Security Meetups:

  • Meetup helps you find cool groups and events based on your current location
  • You can follow the local community or even organize events with a few clicks
  • It is a great way to meet people offline
  • Easy to advertise on and reach potential customers by promoting an event on Meetup
  • The user can distinguish between ordinary member and event organizer profiles
  • Meetup is useful for both individuals and companies

Therefore, the website can be quite useful for people with similar backgrounds who want to create new contacts and expand their network. This is very important among professionals in Information Technology, and especially in the Cyber Security industry. Cyber Security Meetups are becoming very popular among such professionals who usually work and live in the Bay Area. If you are one of them, or just have some interest in Cyber Security, here is the list.

The U.S. Federal Trade Commission (FTC) has recently been investigating Facebook, Inc. over the use of personal data by an analytics firm associated with the Trump campaign. Specifically, the FTC is trying to determine if the company violated terms of an earlier consent decree when 50 million users’ data was transferred to Cambridge Analytica, a data and media consultancy firm. To date, Cambridge Analytica has been accused of misrepresenting the purpose of some of its data mining, which yielded something like 30 million Facebook profiles it could comb for data. This calls into question how consumer information is shared with other entities, particularly when consent was not provided.

Social Media & GDPR

This revelation has called into question how social media sites harvest personal information from their platforms. As one article pointed out, “Some large-scale data harvesting and social manipulation is okay until the election. Some of it becomes not okay in retrospect.” This is indeed troubling in a time when personal information is constantly used by malicious actors for monetization purposes or used in support of the conduct of other operations (e.g., social engineering, spam, phishing, credential theft, etc.). A recent report by a content marketing agency revealed that Facebook logins can be sold for USD $5.20. Such access gives a criminal a compromised individual’s contact list with which to target other individuals. According to the same report, an individual’s entire online identity, including personally identifiable information and financial accounts, could be sold for USD $1,200.00. After initially denying the claim, Facebook acknowledged the breach and promised to take action.

Tallinn 2.0 May Be More Useful Than Its Predecessor

In early February 2017, Tallinn Manual 2.0 was published by Cambridge University Press. The initial Tallinn Manual, led by the NATO Cooperative Cyber Defence Centre of Excellence, was published in 2013 and focused on the applicability of international law to conventional state-authorized and operated cyber warfare. Authored by a group of international law experts, the recent follow-up focuses on a full spectrum of international law as applicable to cyber operations conducted by and directed against nation states, ranging from peacetime legal regimes to the law of armed conflict.

The Cyber Coordinator: Let the Dog Bite

Former New York Mayor Rudy Giuliani has been tapped to be the President’s new “cyber security czar.”  The appointment has been met with trepidation among those in the information security business who point out Mr. Giuliani’s lack of expertise in anything cyber-related, despite being Chair of the Cybersecurity, Privacy and Crisis Management Practice at a Miami-based law firm and advising companies on information security since 2002.  In fact, critics cite recent reporting revealing that passwords used by Giuliani and 13 other top staff members have been leaked in mass breaches of websites like LinkedIn, MySpace, and others between 2012 and 2016.
