Monthly Archives: August 2022
New U.S. Legislation Introduced to Help Small Business Provide Cybersecurity Training
The Small Business Cybersecurity Act, S.4701, has been introduced by U.S. Sen. Maggie Hassan, D-N.H. It is designed to bolster small businesses’ cybersecurity by providing funding to Small Business Development Centers. In 2020, Senator Hassan worked to secure federal funding to …
Initial Access Broker Phishing
Cisco has disclosed a security incident that occurred as a result of sophisticated voice phishing attacks that targeted employees, according to researchers at Cisco Talos. The researchers believe the attack was carried out by an initial access broker with the …
Effective Security Using Zero Trust Architecture
By Jagadish Paranthaman, CISSP, Global Cybersecurity Solutions Architect at Avanade
Zero Trust is a cybersecurity model centered around an end-to-end approach for resource and data protection with a principle not to trust completely but conduct continual verification. Zero Trust assumes …
Massive Network of Over 10,000 Fake Investment Sites Targets Europe
Using a mix of compromised social media accounts, social engineering, call center agents, and some convincing websites, this latest scam seeks to get victims to repeatedly “invest”.
U.S. Government Warns of Increased Texting Scams as Mobile Attacks are Up 100%
Cyberattacks via SMS messaging are on the rise, and are having such an impact, the Federal Communications Commission has released an advisory on Robotext phishing attacks (or smishing).
LATEST CYBERTHREATS AND ADVISORIES – AUGUST 12, 2022
Cyberattacks hit global companies, critical vulnerabilities discovered in top tech products and the top malware strains of 2021 make headlines this week. Here are the latest cybersecurity threats and advisories for the week of August 12, 2022. Threat Advisories and …
SolidBit Ransomware Targets League of Legends Players
Researchers at Trend Micro warn that a SolidBit ransomware variant is being distributed via fraudulent software targeting video game players and social media users. The malware is being packaged with a fake League of Legends account checker and an Instagram …
New Paypal Phishing Scam Uses “Legitimate” Invoices to Reach Victim Inboxes
Newer phishing scams are looking for ways to make legitimate websites do the work of delivering malicious messages to unsuspecting victims – this new scam achieves it perfectly.
92% of Organizations Have Experienced a Security Incident as a Result of an Email-Borne Threat
New data shows that not only are email-borne threats increasing, but that current integrated cloud email security solutions do little to detect and stop advanced email-based threats.
Phishing-as-a-Service Platform “Robin Banks” Helps Cybercriminals Target Customers of Financial Institutions
Initial Access Brokers (IABs) are one of the new breeds of cybercrime services. But this newest PhaaS platform makes it easy for anyone to target banks for as little as $50 monthly.
#ISC2Congress: Empower Your Weekend with Training
Build confidence for exam day or expand your knowledge by attending Official (ISC)² Pre-Conference Training the weekend ahead of (ISC)² Security Congress. Participate by arriving in Las Vegas a couple of days early or maximize your time by joining in …
DPRK Operators Impersonate CoinBase
North Korea’s Lazarus Group is running a new phishing campaign targeting Coinbase accounts, BleepingComputer reports. The threat actors are posing as Coinbase and targeting people with phony job offers for “Engineering Manager, Product Security.” The phishing emails contain an executable …
The Top 8 Most Common Types of DNS Records
This article is a good technical overview of DNS that can help you prevent spoofing. This is a cross-post from the EasyDMARC blog, a new KnowBe4 Ventures portfolio company.
(ISC)² and F5 Examine OWASP’S “Top 10” Report on New Web Application Security Risks
In late 2021, the Open Web Application Security Project® (OWASP®) Foundation released a revised list of the 10 most critical security risks to web applications. The OWASP Top 10 list is the foundation’s flagship project for guidance on securing web …
New Phishing Campaign is Now Targeting Coinbase Users
If you’re a Coinbase user, you are most likely the next target of a new phishing campaign. Cybercriminals have managed to infiltrate two-factor authentication and are deploying other social engineering strategies with the cryptocurrency exchange platform.
Hacking the Hacker: Assessing and Addressing Your Organization’s Cyber Defense Weaknesses
Cybercriminals are out there, watching and waiting for the perfect opportunity. They are gathering information about your organization and users, devising the perfect plan to infiltrate your defenses.
CyberheistNews Vol 12 #32 [Heads Up] Watch Out For This Widespread, Multistage Investment Scam
Cash App Scams Strikes Again With New Types of Attacks
TradeArabia has published a report about common scams on CashApp, explaining that scammers frequently take advantage of CashApp promotions, like the weekly money giveaway, “Super Cash App Friday.” The scammers will impersonate CashApp and message users over social media, telling …
Submit Your Comments to NIST Regarding HIPAA Security
On July 21, the National Institute of Standards and Technology (NIST) published revised Special Publication 800-66, “Implementing the [HIPAA] Security Rule: A Cybersecurity Resource Guide,” and is accepting comments on the revised draft guidance until September 21. (ISC)² is encouraging members with expertise in this …