Monthly Archives: February 2024

Seeing as this week is Valentine’s Day, I should have written something about rom coms, true love, and trusting your heart more. But this is not one of those posts. This post is about romance scams and how hard they … Read More

The U.S. Securities and Exchange Commission (SEC), through a new requirement of Item 1.05 of the 8-K, requires that all regulated companies report significant cybersecurity breaches within four business days of determining that the incident was “material”.

A new report shows massive increases in browser attacks in the second half of 2023, with over 31,000 threats specifically designed to bypass security solution detection.

Users should be wary of online romance scams ahead of Valentine’s Day, according to Imogen Byers at ESET. While in the past these scams could often be thwarted by using reverse image search on the scammers’ profile photos, criminals can … Read More

Growing cybersecurity threats, especially ransomware attacks, and the Securities and Exchange Commission’s (SEC) recent rules have made having a cybersecurity-aware Board of Directors (BOD) a critical business requirement.

Organizations are finally dialing in on where they need to focus their cybersecurity strategies, starting with phishing. But the top four cited security risks all have one element in common.

Cybercriminals increasingly used malvertising to gain initial access to victims’ networks in 2023, according to Malwarebytes’s latest State of Malware report.

Sophisticated cybercriminals are playing the long game. Unlike the typical hit-and-run cyber attacks, they build trust before laying their traps. They create a story so believable and intertwined with trust that even the most careful individuals can get caught in … Read More

In a revelation that adds yet another chapter to the ongoing saga of international cybersecurity threats, the Dutch Ministry of Defense recently shed light on a significant security breach. Reports that state-sponsored Chinese hackers have infiltrated the internal computer network … Read More

Criminal threat actors are increasingly utilizing generative AI tools like ChatGPT to launch social engineering attacks, according to researchers at Check Point.

Organizations are increasingly facing cyber attacks resulting in data breaches, and part of their post-incident responsibilities includes adhering to mandatory reporting requirements.

A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri.

A new scam relies on a victim’s sense of curiosity, brand impersonation, and the hopes of a new login to compromise Facebook credentials.

Check out this one line for a moment…“duped into attending a video call with what he thought were several other members of staff, but all of whom were in fact deepfake recreations.”

Analysis of 2023 attacks shows how the financial services industry had a very bad year, with increases in both vendor email compromise (VEC) and business email compromise (BEC) attacks, targeting millions of dollars using very specific methods.

New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it. 

Attackers are abusing Microsoft Teams to send phishing messages, according to researchers at AT&T Cybersecurity.

The AP published a great article. This is your executive summary: Conspiracy theories have always been part of American culture, but advanced technology is making them more persuasive and dangerous than ever before. This was evident after the devastating Maui wildfires … Read More

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.