Monthly Archives: October 2022

Britain’s data watchdog has fined major construction group Interserve with a £4.4m fine. This was due to a cyber attack stole personal and financial details for over 113,000 employees and the company failed to stop the attack.

University student accounts are being exploited for business email compromise. Researchers at Avanan have observed a rise in attacks that compromise legitimate college student accounts in order to carry out business email compromise (BEC) attacks. “In this attack,” the researchers … Read More

As cyberthreats continue to make daily headlines, the need for security experts is at an all-time high. Yet talent is scarce. Research shows the cybersecurity workforce needs an influx of 2.7 million professionals to meet global demand. Near limitless job … Read More

A reminder to all (ISC)² certified members in good standing as of October 2, voting is now open for the amendments to the (ISC)² Bylaws. Any individual who has earned an (ISC)² certification and is an active member in good … Read More

In an interesting twist, this latest scam identified by security researchers at Avanan attempts to establish legitimacy by making the victim think the logon page is being translated.

The king of callback phishing campaigns has evolved their methods to include better phishing emails, phone call scams, and final payloads to ensure they achieve their malicious goals.

Ransomware derails big businesses as the Australian cyberattack spree and student loan forgiveness scam highlight a disturbing week in the cybersecurity world. Here are the latest threats and advisories for the week of October 21, 2022. Threat Advisories and Alerts … Read More

Ransomware derails big businesses as the Australian cyberattack spree and student loan forgiveness scam highlight a disturbing week in the cybersecurity world. Here are the latest threats and advisories for the week of October 21, 2022. Threat Advisories and Alerts … Read More

This Cybersecurity Awareness Month we are looking at three sides of mentorship from the mentor’s perspective, the mentee’s insights and reverse mentorship. Follow along with us though this three-part interview series highlighting member perspectives from varying industries. In this first … Read More

A phishing campaign is impersonating the US Social Security Administration (SSA) in an attempt to steal Social Security numbers, according to researchers at INKY.

Compliance training is often seen as a chore that organizations need to just get through. That said, compliance cannot simply be ignored. A recent report from software firm GlobalScape found that organizations lose an average of $4 million in revenue … Read More

The cybersecurity field has become larger than ever, but as the ranks of cybersecurity professionals increase, so does the workforce gap. The 2022 (ISC)² Cybersecurity Workforce Study reveals the workforce has grown to 4.7 million, an 11% increase from a … Read More

Many developing countries lack the resources to secure valuable information and data effectively. To strengthen cyber defenses in these economies, additional cybersecurity professionals are needed – with the right skills and knowledge – to defend critical assets.   Understanding the … Read More

Researchers at Trellix warn of phishing attacks targeting election workers in advance of the US midterm elections. These attacks spiked ahead of the primary elections in Arizona and Pennsylvania earlier this year, and the researchers expect this trend to continue … Read More

The Metaverse, while still a concept at the moment, consists of the possibilities that arise when you combine the advances and affordability in extended reality (XR) space with the decentralized nature and composability of Web3, crypto assets, decentralized finance (DeFi) … Read More

The UK Cyber Security Council, the self-regulatory body for the UK’s cyber security profession, today announced the commencement of a pilot project to award professional standards titles to cybersecurity professionals, up to Chartered status. (ISC)² is one of two bodies, … Read More

With ransomware attacks becoming more frequent, evasion getting more sophisticated, and ransoms increasing, new data shows organizations aren’t fighting for staff and budget.

This new credential harvesting scam impersonates a real U.S. Government COVID-related grant program to harvest credentials and personal details using a blatantly obvious google form.

The South Africa Post Office (SAPO) recently warned customers of phishing emails to portray the post office. These cybercriminals are asking for outstanding customs fees that require online payment.