“Smishing” is similar to phishing but instead of using email the cyber criminals tempt you with a text message. Still targeting the usual suspects of your personal information and money. This report on scams and attacks being distributed using sms text messaging is US centric – but what happens over …
Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022
This post was first made on 22 April 2022 I regularly write about the issues around the zero-day vulnerability and our Social Engineering and Email Cyber Security Training course aims to equip individuals and organisations to meet the challenge that the zero-day poses. Google’s Project Zero has reported on it’s …
Continue reading “Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022”
Anatomy of a phishing email attachment – this is why we are always running training
SANS Internet Storm Centre has a couple of blog posts looking at the mechanics of a Word document and a PDF both of which are malicious payloads in a phishing email. This is what you are up against! Analyzing a Phishing Word Document – SANS Internet Storm Centre Simple PDF …
National Cyber Security Centre Threat Report 22 April 2022
Weekly Threat Report 22nd April 2022 – NCSC.GOV.UK
Inside a commercial spyware company
Following the story this week that No. 10 Downing Street and the Foreign and Commonwealth Office were infected with the Pegasus spyware, Bruce Schneier put me onto this article about the NSO Group and Pegasus spyware. It provides some amazing background into the way the software has developed and how …
