A quick Saturday digest of cybersecurity news articles from other sources.
Executive Summary
- The cyber mercenary group known as Void ...
OCT
(it’s free) I’ve tried so many resources over the ...
Catch of the Day: TikTok Phish
Chef’s Special: Iranian Smishing Phish
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to provide a warning, examples ...
Continue Reading →On June 24, 1868, Christopher Latham Sholes received a patent for something he called a “Type-Writing Machine.” The early tech resembled a piano and had 21 keys.
And the beat goes on. As researches discover more about the SolarWinds and Exchange exploits, the discovery of similar related attacks was inevitable.
Original release date: April 2, 2021
The Federal Bureau of Investigation (FBI) and CISA have released a Joint Cybersecurity Advisory (CSA) to warn ...
Continue Reading →Original release date: September 30, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers. Each module outlines distinctive security considerations appropriate for their ...
Continue Reading →Insider threats are not viewed as seriously as external threats, like a cyber attack. But when companies had an insider threat, in general, they were much more costly than external incidents… The insider that is smart often has the right skills to hide the crime, sometimes forever.
— Dr. Larry Ponemon, on the impact ...
Continue Reading →If you bought a security camera, webcam, baby monitor, smart doorbell, digital video recorder or other IoT device manufactured in China, there is bad news. Security flaws have been discovered that can easily allow an attacker remote access, remote control, and password discovery on affected systems. These devices can also be hijacked to use in a variety exploits including eavesdropping ...
Cyber-criminals are using a botnet to send phishing emails with the apparent purpose to test a new email attachment type. Over the course of three weeks starting August 10th, this cyber-gang released seven different types of phishing emails to over 3,000 banks around the world. They appear to be testing which of these several approaches is most successful at tricking recipients into opening the email attachment.
The attachment itself is also something different – Microsoft Excel Web Query files that use ...
Continue Reading →When web bots attack, what websites are the most likely to targets? We discussed automated attacks against websites last month. Here is some new information from Distil Networks about who the main targets have been in the recent past. If your business is included in the following list, you may want to ramp up the security posture of your website and web hosting account.
The industries ...
Continue Reading →