What if you could eliminate 95% of cybersecurity exploits by doing one thing better? Would you do it? Social Engineering in its many forms accounts for 95% to 99% of common exploits that cybercriminals use to gain initial access to your information assets. There are two simple security controls that you can put in place that would virtually eliminate the threats caused by social engineering.
Social engineering is the use of deception, ...
Continue Reading →
Be sure to expand this article by clicking on the article title, so you don’t miss the funny questions below the image.
This is from an older post from McSweeny’s. We have all set up a number of these “secret security questions” like the ones one the left, and the appropriate answer. These questions are generally used for password ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.Microsoft just released an update that includes over 100 fixes and a Zero-Day patch. The Zero Day must be a doozy, my old, out-of-support Windows 7 machine was updated too. Run your updates!
Catch of the Day: Action Required Password Expired Phish
Chef’s Special: Google Drive Alert Phish
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to ...
Continue Reading →
Getting certified in an information technology, networking, cybersecurity, or other professional credential is hard work. Nobody wants to have to do them over. Hopefully you are earning the Continuing Education Units (CEU or CPE) you need to maintain your certification status. Industry certifications are typically good for three years. To keep them in force, every certificate you achieve comes with continuing education ...
Smishing, vishing, and whaling might sound ominous, but they are simply terms used to describe different types of phishing attacks. Find out how these attacks differ from the classic phishing scam. Today’s guest post by Tony Chiappetta explains how they work
Most people associate phishing attacks with those annoying emails that pop up in their inboxes. These emails might warn you about the impending closure of your bank account (even ...
Continue Reading →A great article from the Smithsonian. And a solution video from Wired. (24 minutes)
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.Supercomputers are high-level computers used for managing very large databases or great amounts of computation. Tom Merritt lists the top five ranked supercomputers in the world, according to TOP500.
The ...
Continue Reading →Catch of the Day: Fake Forex Phish
Chef’s Special: Phishing Simulations
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is to provide a warning, examples of ...
Continue Reading →Did you know that wireless devices almost always present a security vulnerability? Wireless signals pass through the air and can be intercepted and read by a savvy attacker. To protect wireless communication sessions, usually the wireless link is protected with some form of encryption. Last week I was teaching a CISSP class, and we were discussing the security vulnerabilities inherent in wireless networking, when one of the students asked if wireless keyboards are secure. The research I did while answering ...
Continue Reading →