Catching up with US Cybersecurity and Infrastructure Security Agency latest advisories

Whilst I have been away CISA has continued issuing useful advice. It added a Google Chromium vulnerability to the Known Exploited Vulnerabilities Catalog. Google Chromium is an open–source browser project and is behind many widely used browsers including Google Chrome and Microsoft Edge. CISA Has Added One Known Exploited Vulnerability …

What are the most spoofed brands in social engineering/phishing attacks?

It is not really a surprise, with the exponential rise in home shopping and deliveries because of the pandemic, that the delivery service DHL is the most impersonated organisation when it comes to cyber attacks: DHL named most-spoofed brand in phishing • The Register Microsoft and LinkedIN are close behind. …

Why threat actors will stick with phishing attacks rather than moving onto move hi-tech attacks?

I really liked this article. I have covered various highly involved cyber attacks over the last few months, deepfakes, hacking cars, air–gap attacks but as it describes in this article, you can use technology to steal those credentials or you can just ask nicely for them: Phishing works so well …