Monthly Archives: November 2022

Beware of Holiday Gift Card Scams

Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the receiver to pick just what …

Merriam-Webster has announced “gaslighting” as the 2022 word of the year

Merriam-Webster has announced “gaslighting” as the 2022 word of the year. One definition of gaslighting is “to manipulate (someone) into believing that he or she is going insane or that his or her perceptions are false.” As you see, gaslighting …

Quiet Quitting Can Potentially Lead to Insider Security Risks

The phenomenon known as “quiet quitting,” in which employees become disengaged from their work while formally remaining in their jobs, can lead to serious security risks, according to Tim Keary at VentureBeat. Apathetic employees are more likely to make security …

CyberheistNews Vol 12 #48 [Eye Opener] Microsoft Warns Against Recent, Complex, Ransomware Campaign

Users Can Engage with Training Anytime with KnowBe4’s Mobile Learner App

We’re excited to introduce a new way for your users to engage with KnowBe4 security awareness and compliance training anytime and anywhere with the KnowBe4 Learner App. And the best part? It’s available with all training subscription levels at no …

There’s No Such Thing as a Free Yeti, Only Social Engineering Tactics

It’s easy to think of the typical online holiday scam as something that affects mostly individuals. Sad, maybe, and unfortunate, but not something that might seriously threaten a business, or another organization.

Achieving Data Security and Analytics with AI – Member Recap from (ISC)² Security Congress 2022

A member recap of “Achieving Data Security and Analytics with AI” presented by Glendon Schmitz at (ISC)² Security Congress 2022.

By Angus Chen, CISSP, CCSP, PMP, MBA

Although “data is the new oil”, there are many problems with working on …

WhatsApp data breach sees nearly 500 million user records up for sale

Craig Hale at TechRadar reported: “A post on a ‘well-known hacking community forum’ claims almost half a billion WhatsApp records have been breached and are up for sale.

Cybersecurity incidents cost organizations $1,197 per employee, per year

This statistic is alarming and underscores the importance of having a robust cybersecurity program in place. According to the Ponemon Institute, the average cost of a data breach is $3.8 million. This means that organizations need to do everything they …

[Send This To Your Users] 5 Top Scams To Watch Out For This Holiday Season

Here is a 3-minute article that we suggest you copy/paste and send to all your users as part of your ongoing security culture campaign. “The holiday season is a time when people are especially vulnerable to scams. This is because …

(ISC)² Board of Directors Election Results

The following individuals were elected to the Board and will begin their three-year term in January 2023: Laurie-Anne Bourdain, CISSP – Belgium; Edward Farrell, SSCP, CISSP – Australia; Nalneesh Gaur, CISSP-ISSAP – United States; Guy Ngambeket, CISSP – United Arab …

CyberheistNews Vol 12 #47 [Heads Up] Watch Out for This Tricky New Tactic Called Clone Phishing

Image-Based Phishing and Phone Scams Continue to Get Past Security Scanners

Using the simplest tactic of not including a single piece of content that can be considered malicious, these types of scams are making their way to inboxes every single time.

New Instagram Support Phishing Attack Fakes “Unusual Logon” Experience Well Enough to Fool Victims

Long gone are the days of tacky landing pages that barely impersonate a brand; threat actors are improving their social engineering game well enough to make anyone believe it’s the real thing.

A Recent, Complex, Ransomware Campaign

Microsoft has observed a threat actor that’s been running a phishing campaign since August 2022. The threat actor, which Microsoft tracks as “DEV-0569,” is using phishing emails to distribute malicious installers for legitimate applications, including TeamViewer, Microsoft Teams, Adobe Flash …

4 out of 10 Emails are Unwanted as nearly 40% of all Attacks Start with Phishing

New data focused on emails sent through Microsoft 365 highlights the methods used to ensure a successful attack beginning with a malicious email.

MFA Fatigue Attacks

Researchers at Specops Software describe a technique attackers are using to bypass multi-factor authentication (MFA). In an article for BleepingComputer, the researchers explain that attackers repeatedly attempt to log in to an account protected by MFA, which spams the user with …

World Cup Phishing Attacks Doubled And Will Increase

Researchers at Trellix revealed that phishing email attacks targeting users in the Middle East doubled in October 2022 ahead of the World Cup in Qatar, as reported by The Record. The end game of these attacks includes financial fraud, credential …

10 Million Health Records from Australian Insurer Medibank are Leaked After Refusing to Pay the Ransom

The aftermath of a ransomware attack last month demonstrates just how bad an attack can get when the cybercriminals don’t get what they want.

This New Phishing Kit Flies Under the Radar of Antivirus Software

Akamai researchers have discovered a new phishing campaign that targets United States consumers with fake holiday offers, TechRadar reports. Fake landing pages created by threat actors attempt to steal victims’ credit card information.