Cybersecurity Starts in the Boardroom
Yesterday I wrote the opening chapter of this defence-in-depth article – I looked at how anti-virus protection can be side-stepped by threat actors and that staff cyber awareness training is needed to provide another layer to your defences. That was a human addition to your defence-in-depth and today we are …
I often write about the cyber security risk of Android apps – this is not an app issue but a iMessage phishing (smishing!) attack. USPS Phishing Scam Targeting iOS Users – SANS Internet Storm Center If the message was opened on a Mac, the anti-phishing protection redirects to the legitimate …
I am often asked this question by clients and particularly prospective clients, who think they do not need our cyber security awareness training or any of the tools in our security stack. The answer to the question is not easy, in a Word or OneNote file, through a link to …
I have not been talking about ransomware as much recently – but it has not gone away – ask Estée Lauder: Estée Lauder beauty giant breached by two ransomware gangs (bleepingcomputer.com) Follow the Money Hackers do t for money. Research from the cryptocurrency tracing firm Chainalysis shows that victims have …
Continue reading “I do not want to think ransomware has gone away…”
I’ll start this story with an example of a phishing attack run by one of the Russian sponsored hacking groups currently involved in the Russian Ukraine conflict. You are not likely to be one of their carefully selected targets but it illustrates how other threat actors operate. The group is …
Continue reading “Phishing this is how the malware gets in!”
