Monthly Archives: July 2022

With record low unemployment, a tight labor market, and increasing customer demand, everyone says it is an employee’s job market out there. But it is getting tougher to get a real job and to hire a good employee these days. … Read More

Investigative reporter Brian Krebs reported today that U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “pig butchering,” wherein … Read More

We held our first-ever (ISC)² SECURE Singapore event earlier this month. The in-person event saw leading cybersecurity experts from around the region engaging in discussions around cybersecurity amid profound changes and disruption around the world, and a global workforce gap.  … Read More

Cryptocurrency investors have lost nearly $43 million to fraudulent cryptocurrency investment apps, according to the US Federal Bureau of Investigation (FBI).

Carey Lohrenz, one of the first U.S. female fighter pilots, will provide “Lessons in Leadership” as a keynote at (ISC)² Security Congress 2022. As a pioneer in military aviation, Carey broke barriers as the first female F-14 Tomcat Fighter Pilot … Read More

With so many Boards focused on operations, revenue, strategy, and execution, they completely are forgetting the simple fact that a single cyberattack can bring all that to a screeching halt.

At (ISC)² we are committed to positively impacting the cybersecurity industry in a big way. The board of directors and (ISC)² leadership is pleased to announce that we will provide free entry-level cybersecurity certification exams and self-paced educational program courses … Read More

The latest iteration in Copyright Claim scams is an evolution of this repeated attack method that has proven to get the attention – and response – of victims over the last few years.

While multi-factor authentication (MFA) significantly reduces an organization’s threat surface by making the stealing of credentials much harder, a new attack takes advantage of phone calls as the second factor.

Researchers at Akamai have discovered a PayPal phishing kit that attempts to steal victims’ identities as well as their financial information. The phishing page looks identical to Paypal’s login page, and asks users to solve a captcha before entering their … Read More

When hiring managers onboard new cybersecurity staff, there is typically an expectation that some learning on the job will be necessary. This is certainly the case when new hires are entry- and junior-level practitioners. But when can you expect those … Read More

Callback scams, ransomware, Windows attacks and phishing … here are the latest cybersecurity threats and advisories for the week of July 15, 2022. Threat Advisories and Alerts North Korea State-Sponsored Cybercriminals Target U.S. Healthcare Organizations North Korea state-sponsored cyber actors … Read More

Microsoft Security recently released a report which detailed a widely successful phishing attack technique used against over 10,000 of its customers…a phishing attack that worked even if the customers were using supposedly super secure multi-factor authentication (MFA).

A creative mix of phishing emails, solid social engineering, use of Facebook Messenger, brand and site impersonation, and a sense of urgency all add up to a believable attack.

Cybercriminals almost always need to leverage credentials as part of just about any kind of cyberattack. To no surprise, phishing and social engineering play a dominant role.

In less than 2 years, the most successful ransomware group to date has reached new levels of campaign and individual attack effectiveness, targeting over 160 industries worldwide.

You may want to be careful about clicking on a student loan forgiveness ad. The Tech Transparency Project reviewed the top Google searches with ‘student loan forgiveness’ and found almost 12% of the ads were showing potential malicious intent.

Scammers are continuing to abuse the QuickBooks tax accounting software to send phishing scams, according to Roger Kay at INKY.

The average person believes using Multi-Factor Authentication (MFA) makes them significantly less likely to be hacked. That is simply not true! Hackers can bypass 90-95% of MFA solutions much easier than you would think. Using a regular looking phishing email, … Read More