Monthly Archives: July 2024

According to security researchers at Cisco Talos, emails impersonating legitimate officers at the Cyprus Securities and Exchange Commission are being sent to prior Opteck customers that offer victim’s with investment advice.

Protecting your financial information has never been more crucial. With the rise of sophisticated scams, it’s becoming increasingly difficult to distinguish between legitimate bank communications and fraudulent attempts to access your accounts. So, how can you be sure it’s really … Read More

Several threat actors are abusing legitimate cloud services to launch phishing attacks against users in Latin America, according to Google’s latest Threat Horizons Report.

Incident Report Summary: Insider Threat TLDR: KnowBe4 needed a software engineer for our internal IT AI team. We posted the job, received resumes, conducted interviews, performed background checks, verified references, and hired the person. We sent them their Mac workstation, … Read More

Does the challenge of keeping up with cybersecurity trends sound familiar? You may have been told to update your antivirus software and hope for the best, only to find that your digital assets are still at risk.

Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports.

I have been the CEO of an anti-virus software developer. We had a special acronym for catastrophic events like this, a so-called “CEE”. As in Company Extinction Event.  Within hours of mass IT outages on Friday, a surge of new … Read More

The ransomware attack against UnitedHealth Group’s Change Healthcare platform is expected to cost the company up to $2.45 billion, more than a billion dollars more than was previously estimated, Cybersecurity Dive reports. The incident has already cost the firm nearly … Read More

Our friends at the CyberWire reported: “ZeroFox and Fortinet have both published reports on threats facing the 2024 Olympics in Paris. ZeroFox says the primary cybersecurity threat will be cyberattacks from Russia, which are “likely to take the form of DDoS attacks, … Read More

Phishing is used to completely compromise the victim’s environment after other repeated methods failed.

New data puts the spotlight on the frequency and impact of modern ransomware attacks, highlighting the overconfidence organizations are showing in their ability to defend and respond to attacks.

According to the filing, the organization in question failed to devise controls to adequately detect, respond to, and disclose an attack that included data exfiltration and service disruption.

As cyber threats evolve, the target has become crystal clear: your data.  A staggering 90% of ransomware attacks now include a data exfiltration component. With this in mind, KnowBe4 has introduced a robust free tool, BreachSim, to identify your network’s … Read More

Researchers at Malwarebytes warn that a malvertising campaign is targeting Mac users with phony Microsoft Teams ads. The ads are meant to trick users into installing Atomic Stealer, a commodity strain of malware designed to steal information from macOS systems.

Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment.

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over several million in 2023. Marsh, a leader in cybersecurity insurance, … Read More

Researchers at Abnormal Security have observed a 360% increase in phishing attacks against state and local government entities over the past year.

Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation consultant and even a short stint as a Payment … Read More

Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has been targeting the technology sector in order to launch supply chain attacks.