Password theft – One of the easiest exploits for a cyber-criminal may be the one of the worst for the victim. The recent SolarWinds disaster (yes it is a disaster, not just hyperbola) began when a Russian cyber-ops group discovered the password to the SolarWinds update server was “protected” by the password SolarWinds123. This password is easily guessable and a terrible choice for a critical system such as an update server. ...
A quick Saturday digest of cybersecurity news articles from other sources.When the story is big enough to make the mainstream news, I really don.t need to include it here, but here are some links to other articles about SolarWinds.
‘Grave Impact’: Pervasive SolarWinds Hack Imperils U.S. Federal Agencies
Continue Reading →
Catch of the Day: LinkedIn Phishing Sim
Chef’s Special: Zoom Phish
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to provide a warning, examples ...
Continue Reading →Catch of the Day: Betmaster’s Phish
Chef’s Special: Facebook Lottery Scam
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to provide a warning, examples ...
Continue Reading →Catch of the Day: Roundcube Version Upgrade Phish
Chef’s Special: IONOS Blocked Email Phish
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to provide a warning, ...
Continue Reading →
What if you could eliminate 95% of cybersecurity exploits by doing one thing better? Would you do it? Social Engineering in its many forms accounts for 95% to 99% of common exploits that cybercriminals use to gain initial access to your information assets. There are two simple security controls that you can put in place that would virtually eliminate the threats caused by social engineering.
Social engineering is the use of ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Microsoft just released an update that includes over 100 fixes and a Zero-Day patch. The Zero Day must be a doozy, my old, out-of-support Windows 7 machine was updated too. Run your updates!
Catch of the Day: Action Required Password Expired Phish
Chef’s Special: Google Drive Alert Phish
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to ...
Continue Reading →
Smishing, vishing, and whaling might sound ominous, but they are simply terms used to describe different types of phishing attacks. Find out how these attacks differ from the classic phishing scam. Today’s guest post by Tony Chiappetta explains how they work
Most people associate phishing attacks with those annoying emails that pop up in their inboxes. These emails might warn you about the impending closure of your bank account (even ...
Continue Reading →Catch of the Day: Fake Forex Phish
Chef’s Special: Phishing Simulations
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to provide a warning, examples of ...
Continue Reading →