Monthly Archives: July 2022

It’s been 23 years of celebrating all of our fellow System Administrators! Your hard work on daily maintenance of your company’s day-to-day computer operations definitely deserves kudos.

Tech giants, major cybersecurity companies, cryptocurrency scams, and remote work fraud are in the news this week. Here are the latest cybersecurity threats and advisories for the week of July 28, 2022. Threat Advisories and Alerts Liquidity Miner Scam Robs … Read More

Check out the thirteen new pieces of training content added in July, alongside the always fresh content update highlights and new features.

Malicious USB keys have always been a problem. There is almost no professional penetration testing team that does not drop a handful of USB keys outside of any targeted organization and see success from employees plugging them in and opening … Read More

Fresh data on data breach costs from IBM show phishing, business email compromise, and stolen credentials are the longest data breaches to identify and contain.

New research from IBM shows four reasons why phishing attacks are still effective and remains the primary attack vector in 41% of cyberattacks.

Researchers at WithSecure have discovered a spear phishing campaign targeting employees who have access to Facebook Business accounts. The attackers are targeting specific employees, and then sending malware through LinkedIn messages.

A new attack uses one brand email domain to increase the chances of reaching an Inbox, while spoofing another brand to trick users into transitioning to a vishing attack.

Using a simple email containing a voice mail attachment, an ingenious phishing attack captures credentials while keeping track of the domains being attacked.

KnowBe4’s latest quarterly report on top-clicked phishing email subjects is here. We analyze ‘in the wild’ attacks reported via our Phish Alert Button, top subjects globally clicked on in phishing tests, and top attack vector types.

Do you know your organizations true security risk and where to prioritize your resources? A new report from Palo Alto Networks sheds some light on these questions and shows multiple insights on incident response work from security teams.

Forty-seven percent of organizations have experienced voice phishing (vishing) attacks over the past year, according to researchers at Mutare. Additionally, the researchers found that nine percent of all phone calls received by organizations are unwanted, and nearly half of these … Read More

On July 19, National Cyber Director Chris Inglis hosted the National Cyber Workforce and Education Summit at the White House. The event focused on “improving skills-based pathways to cyber jobs, educating Americans” and finding solutions for bridging the cyber workforce … Read More

Researchers at Malwarebytes warn that a large malvertising campaign is exploiting Google ads to redirect users to phishing sites.

We all know that big brands can be exploited by bad actors in order to execute successful phishing attacks. Now a new study is showing phishing attacks leveraging big brands Microsoft and Facebook as the top abused brands.

Just when you thought scammers couldn’t get more tricky in their attacks, this example will prove you wrong.

The Colonial Pipeline ransomware attack of 2021 put infrastructure operators on notice that they were directly in the crosshairs of big ransomware gangs. The reaction of law enforcement seems, however, to have also put the gangs on notice that their … Read More

At the last few conferences I have attended and spoken at, including our own KB4-CON 2022, I noticed a question that many people have struggled with for years rearing its ugly head again.

Cryptocurrency risks, Russian cyberattacks, and North Korean ransomware make headlines this week. Here are the latest cybersecurity threats and advisories for the week of July 21, 2022. Threat Advisories and Alerts Cybercriminals Defraud US Investors with Fake Cryptocurrency Apps Mobile … Read More