W tym tygodniu doszło do publikacji dużego zbioru danych wykorzystywanych do logowania przez polskich użytkowników. W ramach tego wycieku udostępniono ponad milion unikalnych rekordów z loginem oraz hasłem do różnych stron. W związku z tym jednostki odpowiedzialne za cyberbezpieczeństwo w Polsce, w tym CERT Polska, podjęły odpowiednie działania w celu ograniczenia skutków tej sytuacji.

Nasza Lista Ostrzeżeń obchodziła w tym roku swoje trzecie urodziny. W tym czasie udało nam się ograniczyć skutki wielu różnych kampanii phishingowych celujących w polskich użytkowników Internetu. W odpowiedzi na zmieniający się krajobraz zagrożeń postanowiliśmy wprowadzić parę zmian w działaniu naszej listy, które pozwolą nam lepiej chronić użytkowników. Zapraszamy do zapoznania się z proponowanymi zmianami oraz podzielenia się swoją opinią.

Wakacje to czas wyjazdów przede wszystkim dzieci i młodzieży. Poza domem nietrudno o pechowe przygody z telefonem, takie jak zagubienie czy zniszczenie smartfona. Jeśli dziecko znajdzie się w takiej sytuacji, dość prawdopodobne jest, że będzie się kontaktować z rodzicami z innego numeru i na tym właśnie opiera się schemat opisywanego przez nas oszustwa. Bądźcie ostrożni i sprawdźcie zamieszczone przykładowe wiadomości wysyłane masowo przez cyberprzestępców!

25 sierpnia została ogłoszona ustawa z dnia 28 lipca 2023r. o zwalczaniu nadużyć w komunikacji elektronicznej (Dz. U. poz. 1703)

W CERT Polska stale pracujemy nad narzędziami które poprawiają bezpieczeństwo użytkowników internetu w Polsce. Właśnie dlatego stworzyliśmy serwis bezpiecznapoczta.cert.pl, którego celem jest ochrona użytkowników poczty elektronicznej i ułatwienie instytucjom sprawdzenia poprawności konfiguracji mechanizmów podnoszących jej bezpieczeństwo.

Rok 2023 to kolejne działania CERT Polska poprawiające bezpieczeństwo polskiego internetu. Jednym z zainicjowanych w tym czasie projektów był Artemis. Dwanaście miesięcy działania dało imponujące efekty - przeskanowaliśmy ponad 50 tys. domen i adresów IP, odkrywając blisko 180 tys. podatności lub błędnych konfiguracji.

Zespół CERT Polska oraz Służba Kontrwywiadu Wojskowego wraz z zagranicznymi partnerami wykryły, że Rosyjska Służba Wywiadu Zagranicznego (SVR) wykorzystuje podatność CVE-2023-42793 (w JetBrains TeamCity) do szeroko zakrojonych działań, skierowanych przeciwko podmiotom wytwarzającym oprogramowanie.

W aplikacji eWeLink firmy CoolKit Technology wykryto podatność pozwalającą na ominięcie ekranu blokady (CVE-2023-6998).

Jednym z kluczowych wyzwań związanych z europejskim cyberbezpieczeństwem jest zależność od danych pochodzących z krajów spoza UE. Projekt FETTA (Federated European Team for Threat Analysis, pol. Europejski Zespół Analizy Zagrożeń) ma na celu rozwiązanie tego problemu poprzez utworzenie międzynarodowego zespołu opracowującego produkty i narzędzia z zakresu Cyber Threat Intelligence (CTI).

W ostatnich tygodniach zespół CERT Polska obserwuje wzmożoną kampanię ataków z użyciem szkodliwego oprogramowania Balada Injector, które infekuje strony oparte na WordPressie korzystając z podatności w niektórych popularnych wtyczkach.

W aplikacji iZZi connect firmy INPRAX wykryto podatność polegającą na możliwości odczytania zaszytych na stałe w kodzie aplikacji danych dostępowych (CVE-2024-0390).

Za nami 27. edycja konferencji Secure. Były to dwa dni wypełnione wiedzą i ważnymi dyskusjami, ale także znakomita okazja do nawiązania kontaktów z innymi specjalistami z dziedziny cyberbezpieczeństwa. Przestrzeń naszej konferencji to miejsce, w którym mogą się spotkać różne spojrzenia, podejścia i aspekty (cyber)bezpieczeństwa.

CERT Polska obserwuje złośliwą kampanię e-mail prowadzoną przez grupę APT28 przeciwko polskim instytucjom rządowym.

CERT Polska wydał rekomendacje w związku z obserwowaną zwiększoną liczbę ataków na przemysłowe systemy sterowania (ICS/OT) dostępne bezpośrednio z internetu.

DNS4EU to element strategii cyberbezpieczeństwa opublikowanej przez Komisję Europejską. Celem projektu jest wprowadzenie prywatnego i bezpiecznego publicznego resolvera DNS w ramach Unii Europejskiej, co przyczyni się do budowania niezależności w obszarze usług cyfrowych.

W oprogramowaniu MegaBIP wykryto kolejną podatność typu SQL Injection i nadano jej identyfikator CVE-2024-6160.

We wtyczce AdmirorFrames do platformy Joomla! wykryto 3 podatności różnego typu i nadano im identyfikatory CVE-2024-5735, CVE-2024-5736 i CVE-2024-5737.

W oprogramowaniu MegaBIP wykryto kolejną podatność typu SQL Injection i nadano jej identyfikator CVE-2024-6527.

W ramach badań własnych CERT Polska znalazł 2 podatności (CVE-2024-3798 oraz CVE-2024-3799) w otwartoźródłowym projekcie Phoniebox.

Zespół CERT Polska zaobserwował w ostatnich tygodniach nowe próbki złośliwego oprogramowania na urządzenia mobilne "Joker" w Google Play Store wycelowane między innymi w polskich użytkowników.

(EMAILWIRE.COM, October 23, 2024 ) The Asset Performance Management Market is expected to grow from USD 1.91 billion in 2024 to USD 3.19 billion by 2029 at a Compound Annual Growth Rate (CAGR) of 10.8% during the forecast period. A need for optimizing cost efficiency will boost the growth of the...

They say a picture is worth a thousand words. net - Simplyukgadgets. gadgets with SearchTwice. Here's one to the kid that never finishes anything! ...

Simply UK Gadgets, Simplyukgadgets Forums. Com for full links, ... Simply UK Gadgets - Simply UKGadgets will be back shortly. ...

Simply UK Gadgets - Simply UKGadgets will be back shortly. Next All feed content are property and copyright of their relative owners. net - play free casino ...

Looking input device for simply uk gadgets - Find EXACTLY what you are looking ... Simply UK Gadgets - New Siemens SX1 With Laser Keyboard Comments: ...

Like anything in life, being an entrepreneur has its ups and downs, it has good and bad points. I happen to think the good far outweighs the bad, but not a few people disagree or learn about the bad the hard way.

complete article

From Silicon Valley to Silicon Alley, mind-numbing startup jargon is stopping for no one. It winds up in TED Talks, pitch meetings and every tech journalist’s inbox in between.

complete article

Every business owner should be forecasting sales. You may use actual numbers if you have historical financial records. But what do you do if you have nothing to refer back to? You will need to determine how many potential customers are there and how many of these potential customers are likely to buy from you, decide the average sale per customer, and then project this out for the year.

complete article

When small business owners think about getting involved in SEO, they often become intimidated (or frustrated). They see massive corporations and large businesses dominating the search engine world, and it is no secret why they are able to. They have access to tens of thousands of dollars (or more) to spend on online marketing, a highly talented full-time staff to oversee campaign management, and perhaps most importantly, they have been around for years, so they have had time to cement their authority in their respective niches.

complete article

Moving into a new city or job can be daunting, the hassle of finding accommodation, the stress of moving personal items and most especially the people or city accepting someone new might not be pleasing.

The same applies to small businesses that are launching into an industry ridden with bigger competitors. For an SMB, finding a niche can be time-consuming but rewarding on the long-term.

In the article below, I will be sharing 4 effective marketing strategies for SMBs against bigger competitors.

complete article

It is generally assumed that millennials are seeking jobs in coastal cities — New York, San Francisco, Los Angeles.

But new data from Indeed.com shows that millennials looking to work for small businesses are actually narrowing their searches toward inland cities.

Cities Where Millennials Want to Work for Small Businesses
In fact, when identifying metro areas where millennials are most often looking for work at small businesses. Oklahoma City topped the job board’s list, not L.A. or New York.

This is the latest crop of data looking at generational trends among job seekers.

complete article

The topic of emotional intelligence (EQ) continues to dominate leadership conversations. Rightly so. However, in a Harvard Business Review (HBR) article that highlighted research by Daniel Goleman and Richard Boyatzis (experts on the topic), EQ is only the beginning.

Whereas EQ has an emphasis on individual psychology, there is a more relationship-based version called social intelligence. Social Intelligence, as defined by Goleman and Boyatizis, is a set of interpersonal competencies built on specific neural circuits and responses that inspire others to be effective. In other words, based on neuroscience and biology, there are certain leadership behaviors that elicit positive emotional responses in your team members.

complete article

When looking for one of the best jobs of the future, two considerations will be crucial: what jobs are well-paying, and what jobs will expand dramatically in the next decade?

Jobs in healthcare and tech tend to tick both boxes.

The US Bureau of Labor Statistics recently released its biennial projections for job growth across hundreds of occupations between 2016 and 2026.

We took those projections and combined them with BLS estimates of the 2016 median annual earnings of those jobs -- using the geometric mean of the two numbers -- to come up with a ranking of the best jobs of the next decade.

To focus on good, high-paying jobs, we restricted our list to those with salaries higher than the 2016 median annual wage of $37,040.

complete article

Recently, I was asked to take over an existing project. And, like most people, my first inclination was to feel completely intimidated and overwhelmed.

This assignment -- along with its longstanding processes and its related team members -- was all brand new to me. And, if that wasn't enough to have me breathing into a paper bag, managing this project also required me to branch out and exercise some skills that I had previously left untapped.

My chest gets tight at the very thought. Can you relate? Being asked to take on a new work endeavor is a great thing (hey, you must be doing something right!). But, it can also plant plenty of seeds of self-doubt.

Fortunately, this recent experience opened my eyes to some better, more productive things you can do when you're tasked with a new project -- aside from just panicking.

complete article

Minimum wage increases in states across the country are helping drive up wages, although the rate of job growth at small businesses has slowed down, according to payroll giant Paychex.

The Paychex | IHS Markit Small Business Employment Watch, which Paychex compiles with the research firm IHS Markit, ended the year with a decline in small business job growth, but with wages higher compared to the previous year. The Small Business Jobs Index slipped to 99.70 in December, down 0.16 percent for the month and 0.78 percent for the year.

complete article

Enhance The Customer Experience

The term user experience or UX is often used in the context of web design, with the idea that features must be designed with the end user in mind. Customer experience or CX includes UX but also encompasses every touchpoint that customers have with your business.

complete article

Salesforce may derive a grand majority of its revenue from large customers employing 1,000 or more people. But it reached out this week to the smallest of small businesses -- 20 employees or less -- with the release of Salesforce Essentials.

The new suite of Salesforce small business cloud tools, which manage both sales and customer service/support, will replace current offerings Desk.com and SalesforceIQ. The company will retire those in 2020.

complete article

Custom handmade surf tumbled sea glass and tumbled stone designs, jewelry, hair clips and ornaments. #seaglass #tumbledstones #jewelry #handmade #homemade #dejavudesigns #smallbusiness #smallbiz #stonejewelry #seaglassjewelry

A new report is saying that almost half of people recently hired (41%) used an online job board to find work and 61% flagged automatic job alerts as helpful. What is more, a full 14% found their present job using social media. The findings from How Do People Find Jobs? published by the B2B research firm, Clutch, highlights how today’s candidates are connecting with small businesses and vice versa.

complete article

The standards for small business success have unquestionably gone up. Todays small businesses must do a lot more to stay competitive than their predecessors. Myriad businesses, however, take this notion a bit too far. Once they discover yet another resource or strategy with the potential to elevate their success, they jump all over it. This is partially due to the many online articles urging business leaders to devote more effort to virtually every element of their businesses.

complete article

Here are three popular things that are actually not mandatory for all small businesses:

1. Aggressive Marketing

It is easy to go overboard with marketing. With so many tools available, your gut instinct is to try anything with the slightest potential. Even if you stand to lose money, you want the assurance of knowing you are doing everything you can to gain the interest of your target audience. And it is difficult to ignore a marketing tool that has worked marvelously for other small businesses. If they had to do it all over again, these businesses would likely spend 10% of their time developing their products or services and 90% marketing them.

complete article

One thing brands should never do.

But it leads to something no brand should ever do: You should never assume that your customers feel the same way about your brand that you do. Your brand is how other people feel about your company, not how you feel about it.

complete article

If you run a small business for a long time, you will probably need to navigate through a lot of major changes. Members of the online small business community are very familiar with these shifts. From getting started to deciding when to retire, here are some valuable insights for making big changes in your business.

complete article

The loyalty to the series clearly inspired a smart pitch, because it didn't take long for the Sharks to warm up to the idea. Plus, offering cold beers in customized Kanga coolers didn't hurt.

complete article

Small business pay checks are growing at a fast pace as job gains slow

complete article

The law of the jungle states, in evolutionary terms, that only the fittest survive. Before you can effectively brand an organization, you need to understand its clients/customers/donors/community and its competitors. In the marketing world, this is called a landscape analysis.

Often, companies — especially startups and nonprofits — will say they do not have competitors. Let me get this out right away: Everyone has competitors. Even nonprofits. If you think you do not have competitors, that means you don’t understand what a competitor is. A competitor is any person or organization taking business away from you.

Practice Your On-Camera Speaking Skills
Nothing is worse than having a boring presenter be it in person or on camera. Just like public speaking, presenting on camera is a learned skill anyone can achieve if they have the right guidance. Here are 10 tips to speaking on camera

Dress to Impress
Even though no one can see what you are wearing below the computer desk, you want to suit up.

Use the 8% Rule
As Michael, the CEO of Teambuilding explains Any Zoom meeting should have at least 8% of its time dedicated to non-meetings activities.

Recovery is slow: In fact, more than half (56%) have experienced a slower recovery than expected after shelter-in-place orders began to expire, with nearly half of small business owners fearing they may need to shutter their business within six months if pandemic restrictions are not lifted or if shelter-in-place orders resume in the near-term.
    
Survival requires adaptability: Yet despite fear of survival, owners are demonstrating resiliency and adaptability, with about a third (30%) creating products/services to meet new needs and half (50%) of those with an online presence increasing their digital footprint to meet the moment. And, they’re looking for help in making those changes – nearly 70 percent of female and 60 percent of male small business owners say they need one-to-one small business advice.

They depend on their community: While small businesses continue to be important facets of communities, many small business owners have noted changes in their customers and worry that people will not be able to afford doing business with them. However, half of small business owners believe that there seems to be a renewed interest in shopping locally in their area.

The former vice president won the top job, but undoing Trumps discordant legacy will not be easy.

Many of the elements of Trumps biggest legislative achievement--the Tax Cuts and Jobs Act (TCJA) of 2017--are set to expire in the next few years. To name two: the research and development tax credit, which in 2022 requires businesses to amortize expenses over five years rather than doing so immediately, as is the current case. And full expensing for short-term business investments will begin phasing out in 2023.

A survey of small businesses conducted by Appalachian State University in coordination with Selective found that cybersecurity and technology issues were growing concerns for 44% of survey respondents due to the COVID-19 pandemic. Yet, only 20% of survey respondents have cyber insurance coverage.

The findings highlight an awareness gap among small businesses about the risks they face from cybercrime. Twenty-eight percent of data breaches impact small businesses, and phishing attacks account for over 30% of breaches, making them the biggest cyber threat for small organizations.1 Cyber coverage from Selective can help small businesses manage and mitigate risks with comprehensive coverage options and cyber threat education.