Email cyber attacks whilst you are off on your Christmas holidays – some advice

I have been travelling recently and have missed a couple of CISA announcements on software security updates:

Samba Releases Security Updates | CISA

Drupal Releases Security Updates to Address Vulnerabilities in H5P and File (Field) Paths | CISA

CISA also recently released a joint advisory with other US agencies, explaining a current active business email compromise cyber security threat – that steals food not money:

FBI, FDA OCI, and USDA Release Joint Cybersecurity Advisory Regarding Business Email Compromise Schemes Used to Steal Food | CISA

I have written about and offered some advice on business email compromise (BEC).

With the Christmas and New Year holidays almost here, most organisations will be changing their routines. Staff will be on leave, keeping up with email on their phones when they have to. Many organisations have excellent work from home set-ups and so are choosing to let those staff that need to work, work from home, leaving offices under-staffed. This is an opportunity for a business email compromise cyber attack, the threat actors will not be able to resist – and that is the subject of my CyberAwake article that is due to be published later this morning. It includes some simple security steps you can still implement before the holiday start:

Cyber security explanations and advice in plain language – CyberAwake

Clive Catton MSc (Cyber Security) – by-line and other articles

phishing emails
Cyber Security Experts | Awareness | Training (cyberawake.co.uk)

Please Note:

I am on leave so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.

email attacks 200