Predictions & Challenges for 2025

By |2025-01-09T16:28:48-05:00January 9th, 2025|

What cybersecurity issues and challenges are being predicted for 2025? Here are some links to recent articles published by experts: Cybersecurity Predictions for 2025: Challenges & Opportunities (National Cyber Security Alliance)  4 Cybersecurity Trends to Watch in 2025 (Cybersecurity Dive)  Predictions for 2025 and Beyond (Cyber Security Defense Magazine) The Top 25 Security Predictions for [...]

Cybersecurity Risks to Water and Wastewater Systems

By |2024-12-16T11:15:27-05:00December 16th, 2024|

The Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA) published a fact sheet providing mitigations and resources for the Water and Wastewater Systems (WWS) Sector using human machine interfaces (HMIs) to limit exposure on the internet and secure them against malicious cyber activity. HMIs enable operational technology owners and operators to [...]

Payroll Pirates Target Workday & HR Portals

By |2024-12-12T18:03:32-05:00December 12th, 2024|

Analysts began monitoring a phishing scam known as “Payroll Pirates” that involves payroll redirection and primarily targets employees of various organizations, particularly those using Workday. The threat actors use malicious SEO poisoning and spoofed Human Resources (HR) pages to trick victims into providing employee portal credentials. Once they gain account access, they change banking information [...]

End of the Year Backups

By |2024-12-12T17:49:20-05:00December 12th, 2024|

One of the best ways to protect your data and files is to make sure you are backing up your systems frequently and that your backup is stored securely offline.  Read more in this article published by the NJCCIC Backups the Cure for Viral Cyber Infection.  

Holiday Threats & Scam Warnings

By |2024-11-27T14:19:12-05:00November 27th, 2024|

Beware of the Latest Cyber Threats Targeting You This Holiday Season The holiday season presents an attractive target for financially motivated cybercriminals who seek to exploit online retailers and shoppers. Despite the challenges posed by high inflation rates, the National Retail Federation (NRF) predicts a three to four percent increase in retail sales for the [...]

TrickMo or Treat: Stealing Android PIN numbers & patterns

By |2024-12-12T17:49:39-05:00October 17th, 2024|

Security researchers have uncovered the newest tricks in TrickMo’s playbook. The latest variant of TrickMo can steal a user’s device PIN or pattern. This new feature also allows threat actors to use the device while it is locked. The malware shows an HTML page displayed in full-screen mode, designed to replicate the Android unlock screen. [...]

Google Chrome Vulnerability

By |2024-08-23T17:07:09-04:00August 23rd, 2024|

NJCCIC ADVISORY: Aug. 23, 2024CCIC Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, [...]

NJ Pension Plan “Help” Scams

By |2024-08-08T16:32:55-04:00August 8th, 2024|

NJCCIC Bulletin: August 8, 2024 Pension Plan Help Scams Threat actors continue to target pension plans and use social engineering tactics to initiate contact and appear legitimate. They may contact their targets by email, phone, text message, social media, or online advertisements and falsely claim to offer a “free” review of their pension plan savings [...]

Google Android OS Vulnerability Warning

By |2024-08-07T16:39:18-04:00August 7th, 2024|

NJCCIC ADVISORY: August 7, 2024 Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for privilege escalation. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow [...]

Global IT Outage Presents Social Engineering Threat

By |2024-07-25T14:35:21-04:00July 25th, 2024|

Global IT Outage Presents Social Engineering Threat Published in the 7/25/24 NJCCIC Bulletin In the early morning of Friday, July 19, a Windows update pushed by CrowdStrike to its customers contained a defect that caused widespread global IT outages. Cyber threat actors attempt to capitalize on this event in social engineering campaigns. These cyber threat [...]

Go to Top