Category: social engineering
It could happen to anyone…
The headline is eye catching: a data breach at a highly respected security training organization when an employee falls for a phishing email. It is…
Aging reports – new ammo for attackers
Another reminder that attackers are getting more sophisticated and taking the time to learn about their victims and their business processes before launching their phishing…
Just how effective are Russian political social media ops?
There has been a lot of discussion (and hand wringing) over what seem to be concerted Russian “influence operations” aimed at US politics. Our Russian…
Is Business Email Compromise a “cyber attack?”
Just what constitutes a cyber attack? That’s the question facing a court in a case brought against insurer AIG. One of the firm’s clients was…
Good privacy advice from the US DoD
The US Department of Defense has put out a nifty guide on how to protect your privacy on social media sites such as Facebook, Instagram,…
Grindr and US national security
Here’s an interesting development…the US federal agency which reviews foreign investments in US companies has ordered a Chinese firm to sell its stake in gay…
Security risks from domain typo squatters
One of the ways that hackers get users to click on malicious links or believe false emails is to use domains that look like, but…
Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000
If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into your bank account or other…
The ultimate outsider threat?
I know I have been blathering on about insider threats lately, so let’s go to the other extreme – the ultimate outsider threat. A pair…
The other big hack of 2016?
According to CSO Online, someone is offering for sale what they claim is a 6GB file of “data enrichment” information pertaining to over 200 million…