Monthly Archives: November 2022

Sometimes a social engineering campaign has a clear geographical focus, often shaped by language, holidays, or current events. In this case, the scammers are taking opportunistic advantage of a company whose service offerings have a significant share in a locally … Read More

How many business emails do the recipients actually want? Or, conversely, how many of them are unwanted? A study by Hornetsecurity looked at this question (along with a number of other security issues) and reached a conclusion that, on reflection, … Read More

What do you get when you cross a teacher with an entrepreneur who also has a passion for cybersecurity? You get Matt Lee. Matt is the Senior Director of Security and Compliance at Pax8, where he is a force multiplier … Read More

Microsoft security updates, Trojans attack Google and the SEC announces enforcement action for SolarWinds….Here are the latest threats and advisories for the week of November 11, 2022. Threat Advisories and Alerts FBI Announces That Hacktivist DDoS Attacks Can Have Minimal … Read More

In the latest FBI warning, cybercriminals are now impersonating financial institutions’ refund payment portals. This effort is to contain victims’ personal information with legitimacy.

Researchers at Avanan warn that a phishing campaign is using Microsoft’s Dynamic 365 Customer Voice feature to send malicious links. Customer Voice is designed to collect feedback from customers, but attackers are using it to send phony links claiming that … Read More

Check Point Research provides highlights that color the third quarter of 2022, painting a picture of increases in attack frequency and intensity in every single sector.

While every sector is taking strides to improve their security stances against ransomware and other cyberattacks, the latest data shows that for Manufacturing the impacts are huge and the pain is real.

Even with employees seeing cyberattacks first-hand and understanding the seriousness of such attacks, organizations have a culture problem where users just don’t care.

By Chinatu Uzuegbu, CISSP, CEO/Managing Cyber Security Consultant at RoseTech CyberCrime Solutions Ltd. (ISC)² Security Congress 2022 was a huge success with engaging speakers from around the world filled with insights. The theme of this year’s event was Empower a … Read More

Phishing via Short Message Service (SMS) texts, what is known as smishing, is becoming increasingly common (some examples are shown below). There is probably not a person on Earth who does not get at least one smishing message a month. … Read More

The Robin Banks phishing-as-a-service platform now has a feature to bypass multi-factor authentication by stealing login session cookies, according to researchers at IronNet. The phishing kit’s developer used an open-source tool to implement this feature, which targets Google, Yahoo, and … Read More

This Data wiper replaces every other 666 bytes of data with junk. Techradar reported that a new data-wiping malware has been detected, infecting more and more endpoints with each passing day – but what’s most curious is that it poses … Read More

Hospital emergency rooms around the world are fine-tuned to meet the requirements of the “Golden Hour”. The Golden Hour is a well-accepted medical fact that critically injured or ill patients fare far better when they are assessed, transported, and appropriately … Read More

We are thrilled to announce a brand-new product designed to help you develop a strong security culture. SecurityCoach enables real-time security coaching of your users in response to their risky security behavior.

Australia is the new hot spot for cyber attacks. The Australian Cyber Security Centre (ACSC) recently reported that Australia has been targeted by cybercriminals every 7 minutes, and the Australian Competition and Consumer Commission are stating that this year alone … Read More

A criminal gang is launching business email compromise (BEC) attacks by posing as “real attorneys, law firms, and debt recovery services.” The attackers send legitimate-looking invoices tailored to the targeted organization, asking for a payment of tens of thousands of … Read More

Regardless of what the economy or job market is doing, a career in cybersecurity promises near limitless possibilties. And with the current threats to cyber stability around the world, there’s never been a greater urgency for cybersecurity professionals. The latest … Read More

Steven Lee Myers at the NYT had the scoop on this typical Russian influence operation which really is social engineering at scale: “The user on Gab who identifies as Nora Berka resurfaced in August after a yearlong silence on the social media … Read More