Investigative reporter Brian Krebs reported on December 13, 2022 that “InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact … Read More
Monthly Archives: December 2022
Calling All CISSPs! Help Shape the CISSP Exam
As you know, cybersecurity is a constantly changing field. In order to maintain the accuracy, relevance and excellence of (ISC)² exams, we regularly conduct Job Task Analysis (JTA) studies to review and update exam outlines. JTAs are a methodical process … Read More
CISA Phishing Infographic Contains a Lot of Good Information
On December 8th, the Cybersecurity & Infrastructure Security Agency (CISA) released a great phishing infographic about data collected, lessons learned and recommendations from simulated phishing attacks that CISA has done for organizations. It is a great, independent, unbiased infographic with … Read More
CyberheistNews Vol 12 #50 [EYE OPENER] How ChatGPT Can Be Used for Social Engineering
[CASE STUDY] New-school Approach to Training and Simulated Phishing Shines Over Traditional LMS
A U.S.-based enterprise manufacturing organization cut their Phish-prone Percentage™ (PPP) by more than 80% after five months using the KnowBe4 security awareness training and simulated phishing platform.
Level Up Your Cloud Security Skills and Your Career Options
As organizations, applications, and users alike continue their journey toward the cloud, the demand for cybersecurity professionals with experience in cloud security increases. The knowledge and skills gaps are the biggest concerns for all cloud-first organizations. According to the 2022 … Read More
[EYE OPENER] How ChatGPT Can Be Used For Social Engineering
ChatGPT could give Google a serious run for its money. We are not quite there yet, but the capabilities are rapidly improving. Just have a look at the command I gave it. In 5 seconds the copy rolled out. This … Read More
Latest Cyberthreats and Advisories – December 9, 2022
Chinese actors attack North America, Cuba ransomware and vendors start their predictions for 2023…. Here are the latest threats and advisories for the week of December 9, 2022. Threat Advisories and Alerts CISA Sounds the Alarm on Cuba Ransomware The … Read More
New Modular Attack Chain Found That Allows Attackers to Change Payloads Mid-Breach
We’ve long known developers of cyberattacks to be crafty and focus a lot of energy on obfuscation, but a new attack can shift gears midstream, delivering just the right malware.
Incident Response Actions are Systematically Reversed by Hackers to Maintain Persistence
Analysis of attacks on two cellular carriers has resulted in the identification of threat actions designed to undo mitigations taken by security teams mid-attack.
Scammer Group Uses Business Email Compromise to Impersonate European Investment Portals
A sophisticated scammer group has stolen at least €480 million from victims in France, Belgium, and Luxembourg since 2018, according to researchers at Group-IB. The gang uses a highly detailed scam kit called “CryptosLabs,” which impersonates investment portals from more … Read More
[Eye Opener] Cybersecurity Resilience Emerges as Top Priority as 62% of Companies Say Security Incidents Impacted Business Operations
Cisco’s annual Security Outcomes Report shows executive support for a security culture is growing. The report identifies the top seven success factors that boost enterprise security resilience, with a focus on cultural, environmental, and solution-based factors that businesses leverage to … Read More
Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware
Taking the lead over the use of Word, Excel, PDF, and other office-type documents in attacks, new data shows that files like ZIP and RAR have grown in popularity by 11% last quarter.
Cyber Insurers Focus on Catastrophic Attacks and Required Minimum Defenses as Premiums Double
Recent attacks are helping cyber insurers better understand what security strategies need to be in place and how to price policies based on the risk those policies cover.
Holiday Shopping Scams Online Are Too Good to be True
It’s three weeks before Christmas, and the latest video game console is getting harder and harder to find in stores. You’ve checked all the large retail stores online and visited them locally as well. You’ve talked to the retail workers … Read More
Russian Threat Actor Impersonates Aerospace and Defense Companies
A Russia-linked threat actor tracked as TAG-53 is running phishing campaigns impersonating various defense, aerospace, and logistic companies, according to The Record by Recorded Future. Recorded Future’s Insikt Group identified overlaps with a threat actor tracked by other companies as … Read More
Ransomware, Ransom-war and Ran-some-where: What We Can Learn When the Hackers Get Hacked
Ransomware strikes organizations almost every two seconds. Tales of bad actors doing their worst fill the InfoSec news cycle, but what happens when the hackers get hacked?
Working with the U.S. Government: An Overview of the U.S. Cybersecurity Maturity Model Certification
By Dustin Perkins, CISSP, Senior Governance, Risk and Compliance Consultant for the US Region of CyberCX. Cybersecurity has proven a growing interest and concern among both the private and public sectors and, for those contracted to do business with the … Read More
CyberheistNews Vol 12 #49 [Keep An Eye Out] Beware of New Holiday Gift Card Scams
CyberheistNews Vol 12 #49 | December 6th, 2022 [Keep An Eye Out] Beware of New Holiday Gift Card Scams By Roger A. Grimes Every holiday season brings on an increase in gift card scams. Most people love to buy … Read More
Credential Phishing with Apple Gift Card Lures
A phishing campaign is impersonating Apple and informing the user that their Apple account has been suspended due to an invalid payment method, according to researchers at Armorblox.