Cybersecurity Starts in the Boardroom
Last week I had a prospective client take me up on our free 30 minute “ask me anything about your cyber security” Teams meeting. Things went well, she had some questions, I ran through my advice checklist with her – everyone was happy until I asked about their anti-virus – …
This one to be specific: WooCommerce admins targeted by fake security patches that hijack sites It is a phishing campaign, attacking the popular WordPress plugin WooCommerce, exploiting admins and their credentials with malicious security patches the admins think they must have – again a classic bit of threat actor social …
Continue reading “I was going to write about a WooCommerce attack…”
The scammers – sorry, cyber criminals – who masquerade as the delivery firm Evri, have been up to their old social engineering tricks again! A couple of weeks back, whilst waiting for a delivery by Evri, I received a scam text message and I wrote about that experience here: Delivery …
It’s 2025… so why are obviously malicious advertising URLs still going strong? – SANS Internet Storm Center The article by Jan Kopriva makes a number of excellent points about why threat actors continue with these types of social engineering attacks – but the bottom line is that lack of training …
Time to add another chapter to my Phishing Email Primer: It is being reported that threat actors have been using a new targeting tactic to sort through victims who have been ensnared by their social engineering attacks. When presented with the malicious credentials Window, only those high-value victims who have …
