Security Policies

Keep an eye out

Call To Experiences — Apr 2024

This article is designed to provide information about Celfocus’ security policies and discover more about what’s happening in the world of cybersecurity.

In this edition, we explore recent cybersecurity attacks that have impacted well-known companies worldwide, learn how to identify phishing emails by a challenge, and finally try to spot all the risks associated with not having a concern for the clean desk policy.

Recent Attacks and Lessons Learned

Info Stealers Target Stored Browser Credentials

A cybersecurity report by ReliaQuest underscores the growing threat of unauthorized credential access through browser credential dumping, constituting 21% of security incidents among its customers in 2023. The report notes a significant increase in stolen credentials advertised on Russian-speaking cybercrime markets and highlights the prevalence of session-hijacking via web cookies in 18% of credential theft attacks. These credentials were stolen largely due to users saving their passwords on their browsers, which is not a secure method. Source

At Celfocus we urgently advise against storing passwords in browsers to safeguard personal and company data. We strongly recommend you use Passwork, our secure password manager software, as a safer alternative. Passwork ensures encrypted password storage while maintaining user-friendly accessibility. Your commitment to this best practice enhances our collective defense against cyber threats, contributing to a more secure digital workspace.

If you are interested in knowing more about Credential Theft attacks, follow the link here.

Find the Phish

The objective of this challenge is to test your ability to identify phishing emails, which are a common tactic used by cybercriminals to gain unauthorized access to sensitive information.

In this challenge, we will present you with a series of different examples of emails you may get on a regular day and your task is to try to figure out if each email is ok to reply if you should delete it or contact the IT department for clarifications.

Can You Spot the Phish?

Clean Desk Policy - How secure is your workspace?

Are you up for the challenge? Take the test! We will go over our Clean Desk policy and your role is to discover what types of sensitive data are present.

Information Security Contacts

We have a dedicated Security team that works diligently to ensure the protection of our systems, data, and the overall cybersecurity posture of the organization.
Should you have any questions, concerns, or need assistance regarding security matters, our team is here to help. Please find below the contact information for our Information Security team: