Threat actors are always looking for good sources of valid (stolen) email and password combinations – and there are many hundreds of millions available to them. 361 million stolen accounts leaked on Telegram added to HIBP (bleepingcomputer.com) Once they have these credentials, the threat actors will be trying them out …
Email phishing needs bait… (pt 5)
We looked at some of the most common types of email phishing attacks in the last part of this Back-to-Basics mini-series and I had promised you today an article on “size matters”, but I have changed my mind. Every day I read up on the latest threats and developments in …
Email Phishing Attacks
I have published part 4 of my Back-to-Basics mini-series looking at how phishing attacks work and how they impact organisations every day, over on CyberAwake. Phishing Primer – Phishing Types (pt. 4) Here are parts 1 to 3: Phishing Primer – Social Engineering (pt. 1) Phishing Primer – Social Engineering …
When a feature becomes a cyber security liability
Microsoft’s VBScript has been over taken by both new technology and threat actors – it is time for it to go. Microsoft to start killing off VBScript in second half of 2024 – BleepingComputer I have written about the cyber security consequences of such built in functionality and what happens …
Continue reading “When a feature becomes a cyber security liability”
Phishing Primer – Social Engineering (pt. 1)
Just because it is me, I am going to start this Back-to-Basics mini-series by not talking about phishing emails but looking at a key component of a malicious email attack – social engineering. So what is Social Engineering? In its most basic form, it is the advertising we are all …
Continue reading “Phishing Primer – Social Engineering (pt. 1)”
How to deceive an LLM AI
Bruse Schneier has an excellent article on how large language model AIs are being maliciously manipulated because of an old-style vulnerability being exploited. AT&T was probably the first organisation hit by such an attack that exploits systems that use the same channel for both data and commands. Back in the …
MoD Cyber Attack
It has been reported that the UK government’s Ministry of Defence has suffered a data breach. An an armed forces payroll system was compromised and Grant Shapps MP, the Defence Secretary has reported to MPs that state involvement cannot be ruled out. MoD data breach: State involvement cannot be ruled …
