Current Events

Password Sharing is not Caring

By |2018-10-09T12:00:22+00:00October 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , |

Cybercriminals thrive on misuse of credentials, and users sharing them only makes the criminal’s job easier.  According to a recent report, password sharing is running rampant. The password has been the long-standing guardian keeping unauthorized users from accessing data, applications, and systems they shouldn’t. But, the password is only powerful when the assigned user keeps it private. [...]

Phishing Attack Uses Decoy PDF with Microsoft-issued SSL Cert

By |2018-10-08T16:34:13+00:00September 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , |

A recent phishing attack posing as a PDF decoy from a Denver law firm was stealing clients' Office 365 credentials. The phishing bait was hosted in Azure blob storage and contained a Microsoft-issued domain and SSL certificate, making it particularly believable. Since the phishing bait was hosted in Azure blob storage, it had a Microsoft-issued [...]

One in Five Employees Share Their Email Password!

By |2018-09-04T08:57:18+00:00September 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , |

Negligent employees remain the number one cause of data breaches at small businesses across America. So why do small businesses continue to struggle with good cyber security practices and what can they do to correct those habits? Small to medium-sized businesses are hit with nearly 4,000 cyber attacks per day -- and that number is [...]

SharePoint Phishing Attack Impacts 10% of Office 365 Users

By |2018-08-17T10:58:35+00:00August 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , , , , |

The attack dubbed “PhishPoint” demonstrates the craftiness and extent cybercriminals will go to in order to harvest Office 365 credentials.   This latest attack uses several familiar aspects of Office 365 to lull potential victims into an assumption everything is above board.   Here’s how the PhishPoint attack works: The user receives the malicious email –There [...]

New Deceptive Strains of Payroll Phishing: “Because that’s where the money is…”

By |2018-07-25T10:22:17+00:00July 15th, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , |

Most readers will probably be familiar with the mythical story of bank robber Willie Sutton who, after being nailed by the cops, was asked why he robbed the bank. His answer (undoubtedly delivered in the most deadpan voice one can imagine): "Because that's where the money is." Although criminals have gone high tech since the [...]

It Saves Your Battery, But Its Social Engineering Steals Your Data

By |2018-06-26T16:55:46+00:00July 1st, 2018|Categories: Android, Google, Cyber Security, Mobile, Social Media|Tags: , , , , , , , , , , , , , , , , , |

Google Play is a walled garden, but the serpents always manage to find their way in.  There is a new snake in the grass with a tempting offer on its forked tongue: an app that "saves the battery" in your mobile device. It begins with a vaguely plausible pop-up: "Samsung clean-up might be required! Your [...]

What Is Angler Phishing And How Do I Avoid Becoming A Victim?

By |2018-06-20T08:18:40+00:00June 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , |

What is Angler Phishing? Angler phishing is the practice of masquerading as a customer service account on social media, hoping to reach a disgruntled consumer. About 55% of such attacks last year targeted customers of financial institutions, trying to lure victims into handing over access to their personal data or account credentials. How Angler Phishing Works Angler [...]

Bad Guys Are Doing More Damage Than They Used To

By |2018-06-06T09:46:32+00:00June 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , |

The ransomware plague is not letting up and rapidly getting more technically sophisticated. New strains are popping up every month, using innovative methods to spread. Worse, the ransom demands themselves are skyrocketing at the same time. This week, cyber insurance experts reported incidents with ludicrous 1 million dollar extortion attempts after attackers were able to encrypt [...]

Chrome Extensions Spreading Through Facebook Caught Stealing Passwords

By |2018-05-16T20:19:42+00:00May 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , |

Luring users on social media to visit lookalike version of popular websites that pop-up a legitimate-looking Chrome extension installation window is one of the most common modus operandi of cyber-criminals to spread malware. Security researchers are again warning users of a new malware campaign that has been active since at least March this year [...]

World’s Largest Phishing Botnet Grows Evasive

By |2018-05-14T09:23:14+00:00May 1st, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , |

The notorious Necurs botnet is one of the oldest and largest spam and phishing delivery systems in existence. It controls millions of machines that the criminal botmasters use to send malicious payloads. Necurs has now adopted a retro trick to make itself more evasive and less likely to have its phishing intercepted by your filters. It's begun [...]