Whenever Clive attends a marketing seminar he is often told about the advantages of using a QR to get his message out there. It is true that QR codes are very useful but of course threat actors exploit our trust of them: QR codes used in fake parking tickets, surveys …
Tackling Push Bombing
Multi-factor authentication stands between you and a threat actor gaining access to your services – but the attackers have come up with a simple way to subvert it. Just keep bombarding you with authentication requests until you either give in or make a mistake. If the hacker has your correct …
The Anatomy of a Malicious Word Document
If you want to know what a malicious phishing email and Word document looks like and how it functions, have a read of this article by Xavier Mertens on SANS Internet Strom. Infostealer Embedded in a Word Document – SANS Internet Storm Center It uses a simple technique to get …
Phishing emails – can you recognise them?
Phishing emails with a carefully scripted social engineering message, a malicious .pdf file with links to malware stored in Firebase Storage on Google. Brad Duncan on SANS InfoSec Handlers Diary Blog has the full story including screenshots of the phishing email and the steps to infection: Recent IcedID (Bokbot) activity …
Continue reading “Phishing emails – can you recognise them?”
What would tech writers write about if ChatGPT did not exist?
ChatGPT has been used for homework, writing radio programmes, academic papers, articles, coding, hacking etc. etc. etc.. Here are some of the most recent articles examining privacy and cyber crime using artificial intelligence, of which the adapting, convincing email scams is probably the issue that organisations need to think about …
Continue reading “What would tech writers write about if ChatGPT did not exist?”