Cybersecurity Starts in the Boardroom
Just because it is me, I am going to start this Back-to-Basics mini-series by not talking about phishing emails but looking at a key component of a malicious email attack – social engineering. So what is Social Engineering? In its most basic form, it is the advertising we are all …
Continue reading “Phishing Primer – Social Engineering (pt. 1)”
Microsoft has announced the end of Visual Basic scripting in Windows – this is a good thing for our cyber security as this tool is one of the most exploited by the threat actors. What started off as a good idea to provide individuals and organisations with a flexible platform …
Continue reading “Microsoft closes another door on the hackers”
We have many clients who have their own software or have custom software on their website or web apps written for them by developers. These developers may or may not reuse code or modules written by third party developers and sourced through a software repository – such as GitHub or …
The white hat hacking competition Pwn2Own Toronto 2022 has revealed 63 zero-day flaws, that were there to be exploited by black hat hackers if they found them first, and collected nearly a million dollars in bounties: Hackers earn $989,750 for 63 zero-days exploited at Pwn2Own Toronto (bleepingcomputer.com) A good news …
The hackers have the motivation to steal your personal data and credentials as it is very easy for them to monetise these types of attacks. The threat actors have their own supply chains buried within webs of security and obfuscation. The hackers will steal the personal information, using a suite …
Continue reading “Where the hackers sell your personal information and who buys it”
There is a market for hackers – that is why the cyber security is very real for large and small organisations- although many smaller organisations hit will just be collateral damage. Hackers selling access to 576 corporate networks for $4 million (bleepingcomputer.com)
Here are a couple of short articles from the Google blog that describes the different ways the company actively combats the threat actors to improve everyone’s online safety: Meet the hackers keeping you safe online (blog.google) Continuous innovation to keep you safe online (blog.google)
