Category: social engineering
Just how effective are Russian political social media ops?
There has been a lot of discussion (and hand wringing) over what seem to be concerted Russian “influence operations” aimed at US politics. Our Russian…
Is Business Email Compromise a “cyber attack?”
Just what constitutes a cyber attack? That’s the question facing a court in a case brought against insurer AIG. One of the firm’s clients was…
Good privacy advice from the US DoD
The US Department of Defense has put out a nifty guide on how to protect your privacy on social media sites such as Facebook, Instagram,…
Grindr and US national security
Here’s an interesting development…the US federal agency which reviews foreign investments in US companies has ordered a Chinese firm to sell its stake in gay…
Security risks from domain typo squatters
One of the ways that hackers get users to click on malicious links or believe false emails is to use domains that look like, but…
Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000
If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into your bank account or other…
The ultimate outsider threat?
I know I have been blathering on about insider threats lately, so let’s go to the other extreme – the ultimate outsider threat. A pair…
The other big hack of 2016?
According to CSO Online, someone is offering for sale what they claim is a 6GB file of “data enrichment” information pertaining to over 200 million…
no, it’s not the end user’s fault
According to a survey released by endpoint security solution vendor Bromium, 79 percent of surveyed information security professionals view end users as their “number 1…
sometimes the “it department” isn’t the it department
For your social engineering reading pleasure… the take aways? First, operational security is important – this scam worked (at least for a while) because the…
