Monthly Archives: November 2022

Retailers: Credential Harvesting Attacks Are the “Big Thing” This Year for the Holiday Season

New data polled from analysts and members of the retail industry about their security focus this holiday season reveals the kinds of attacks every organization should be preparing for.

Over One-Third of Companies Who Pay the Ransom are Targeted for a Second Time

Despite the somewhat logical notion that once you’ve paid the ransom, the attack is over, new data shows that paying the ransom doesn’t help you anywhere near as much as you think it does.

2022 Black Friday and Cyber Monday Scams

In years gone by, Black Friday was a 24-hour rush to the shops (you remember those places with actual people and merchandise that you could touch) where there was a set time for you to grab a bargain. People arrived …

Are Deepfakes Really a Security Threat? – Member Recap from (ISC)² Security Congress 2022

A member recap of Dr. Thomas Scanlon’s session at (ISC)² Security Congress 2022 by Angus Chen, CISSP, CCSP, MBA, PMP. Dr. Scanlon started his talk by showing images of women and posing a question to the audience: Can you spot …

Discover 5 Major Threats to Your Digital Supply Chain and How to Reduce Your Vendor Risk

You’ve heard that vendor dependencies are ripe for malicious abuse and you have read the stories where vendors were used to exploit and infiltrate their customers. Your organization’s data is a valuable asset to its success, but this means it …

Latest Cyberthreats and Advisories – November 18, 2022

Beware the BatLoader, the NSA calls for more memory-safe programming language use and ransomware causes more trouble in Australia… Here are the latest threats and advisories for the week of November 18, 2022. Threat Advisories and Alerts: Researchers Sound Alarm on …

Cyber Insurance Rates Begin to Stabilize as Insurers Gain Better Insight into Cyberattacks

The latest data shows that historically massive rate increases seen over the last few years are beginning to come down, primarily due to insurers having a solid understanding of the risk.

Ransomware Attacks on UK Organizations are Not Being Reported Enough, Clouding Impact

A new report from the UK’s National Cyber Security Center highlights the current state of threats in the UK, with particular focus on ransomware attacks and their impact.

Valid Accounts Rank as the Top Initial Access Infection Vector, Putting a Spotlight on Credentials

As ransomware, business email compromise, and phishing attacks continue to escalate, new data sheds light on where organizations need to focus to help put a stop to attack success.

Phishing Attacks Misuse Microsoft Dynamics 365 Customer Voice Functionality to Hide Malicious Links

Leveraging a legitimate feature of Dynamics 365, threat actors are able to obfuscate the malicious nature of the email within content that naturally requires user interaction.

Watch Out For This Tricky New Tactic Called Clone Phishing

Researchers at Vade Secure describe a type of phishing attack dubbed “clone phishing,” in which attackers follow up a legitimate email from a trusted sender with a replica, claiming that they forgot to include a link or attachment.

Holiday Package or Scam Message? Clickers Beware

As we enter the holiday season, we start getting bombarded with amazing offers and often take advantage of not only grabbing ourselves a bargain, but also stockpiling gifts for friends and family. During this time, not a day goes by …

OT: The New Gold Mine for Hackers and How CDS Can Secure It

By Dr. Fulvio Arreghini, CSSLP, Head of International Sales at INFODAS GmbH. Fulvio is a CDR of the Italian Navy (reserve). He has a Master’s degree in communication engineering and a PhD in information engineering. During his active service in …

MITM Official Flyer

Majoring In The Minorities – A Success!

A new firebrand of a tech conference took place yesterday at the Salt Lake Community College, Taylorsville campus. Here, Women In Cybersecurity Utah and Moms Who …

[SCAM OF THE WEEK] Phishing Campaign Targets Crypto Users

Major cryptocurrency company FTX recently filed for bankruptcy, and there’s a big phishing campaign on the loose targeting FTX users.

FBI director says he’s ‘extremely concerned’ about China’s ability to weaponize TikTok

Suzanne Smalley at Cyberscoop reported: “FBI Director Christopher Wray told Congress on Tuesday he is ‘extremely concerned’ that Beijing could weaponize data collected through TikTok, the wildly popular app owned by the Chinese company ByteDance. Wray said during a House …

Fangxiao Domain-Spoofing for Revenue

Researchers at Cyjax describe a large phishing campaign being run by a China-based financially motivated threat actor called “Fangxiao.” The threat actor has been active since at least 2017, and has used more than 42,000 domains in its phishing operations.

Build Your Network with (ISC)² and BUiLT

(ISC)² recently announced an expansion of its diversity, equity and inclusion (DEI) initiative through partnerships with several organizations around the world. “It’s no secret that the cybersecurity industry isn’t nearly as diverse as it should be,” said Dwan Jones, director …

CyberheistNews Vol 12 #46 [EYE OPENER] Here Is What You Can Do to Inspect SMS URL Links Before Clicking

[FREE Resource Kit] Stay Safe This Holiday Season with KnowBe4

It’s the best time of the year! But also, it’s the busiest time for cybercriminals. Since your users will be distracted with seasonal activities, cybercriminals will take advantage of the surges of online shopping and travel to trick your users into …