Keeping you informed. Keeping you aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.
New analysis of Q3 shows Emotet attacks on the rise, complete with new methods and features that have impacted governments and enterprise businesses alike.
At a time when tensions are high with questionable election results, lawsuits, and an apparent “president-elect”, makers of Qbot are taking full advantage of the opportunity.
A research paper in the Journal of Computer Information Systems says that security awareness training is a necessary complement to technical defenses and security policies, SC Magazine ...
In a recent article by Reuters, the article covers a story from The Times on Britain's eavesdropping agency GCHQ is starting a plan to take on anti-vaccine propaganda that is being spread ...
A report from the New York Department of Financial Services covering the high-profile Twitter account hack from earlier in the year reveals how little time an attack takes to be ...
Business Email Compromise appears to be back in the saddle again, as attackers use simple social engineering and domain impersonation to trick victims into paying up.
A new report from Security Researcher Vitali Kremez puts the spotlight on exactly how the group behind Ryuk ransomware is successful in infecting and obtaining payment from its victims.
Researchers at Volexity report that the Vietnamese threat actor OceanLotus has been using phony news and bogus activist websites to track users, or to trick them into downloading malware. ...
According to Bleeping Computer, ransomware operators are using malicious fake ads for Microsoft Teams updates to infect systems. The infection would deploy Cobalt Strike to compromise the ...
We all know the well-worn adage to make our passwords long and complex. Sometimes trying to do so can be completely frustrating.
October was Cyber Security Awareness Month, the month during which many organisations and individuals contributed their ideas, shared content and helped educate each other on the ...
Microsoft Office documents with malicious macros are still one of the top choices for attackers of all skill levels, according to Craig Williams from Cisco Talos. On the CyberWire’s ...
The bad guys managed to fully encrypt Brazil's Superior Court of Justice (SCJ), Ministry of Health, and Government of the DF this week. Technicians from SCJ discovered that there was a ...
I was fortunate enough to write Wiley’s Hacking Multifactor Authentication. It’s nearly 600-pages dedicated to showing attacks against various multi-factor authentication (MFA) solutions ...
Israeli news source YNet released a story about a woman who clicked on a suspicious phishing link, was fired from her job, and was accused of fraud with a criminal indictment.
Scammers are abusing a Google Drive feature to send phishing links in automated email notifications from Google, WIRED reports. By mentioning a Google user in a Drive document, the ...
A recent report from SiliconANGLE released information that cannabis company GrowDiaries suffered a data breach with details of 3.4 million users being exposed online.
Organizations need to train their employees to be on the lookout for SMS phishing (smishing), according to Jennifer Bosavage at Dark Reading. Bosavage explains that attackers exploit ...
Facts are facts, but what happens when IT security pros take myths at face value?
