Category: social engineering
A security use case for ChatGPT: Email Scam Robo Judge
I have been noodling around with ChatGPT recently and have found a nice little use case that I hope someone with more coding skills and…
Leaking company secrets via generative AIs like ChatGPT
For a third party, knowing what people from company X are asking of ChatGPT (or any other generative AI) could be quite interesting and profitable…
It could happen to anyone…
The headline is eye catching: a data breach at a highly respected security training organization when an employee falls for a phishing email. It is…
Aging reports – new ammo for attackers
Another reminder that attackers are getting more sophisticated and taking the time to learn about their victims and their business processes before launching their phishing…
Just how effective are Russian political social media ops?
There has been a lot of discussion (and hand wringing) over what seem to be concerted Russian “influence operations” aimed at US politics. Our Russian…
Is Business Email Compromise a “cyber attack?”
Just what constitutes a cyber attack? That’s the question facing a court in a case brought against insurer AIG. One of the firm’s clients was…
Good privacy advice from the US DoD
The US Department of Defense has put out a nifty guide on how to protect your privacy on social media sites such as Facebook, Instagram,…
Grindr and US national security
Here’s an interesting development…the US federal agency which reviews foreign investments in US companies has ordered a Chinese firm to sell its stake in gay…
Security risks from domain typo squatters
One of the ways that hackers get users to click on malicious links or believe false emails is to use domains that look like, but…
Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000
If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into your bank account or other…