Cybersecurity Starts in the Boardroom
This was going to be a “weekend read” but I thought it was important enough to be part of the main news feed. For an email phishing scam to work it has to, in some way, make you trust it. This exploitation of your trust is called social engineering and …
Continue reading “Email scams – how hard is it to spot them?”
This story has gone back and forth. How can Microsoft wobble on what has been a well used attack vector, by threat actors for years and years? Microsoft to block downloaded Office macros – at last – Smart Thinking Solutions Oh No! Microsoft appears to have rolled back it’s macro …
The threat actor Roaming Mantis has been detected since February, targeting victims across Europe and the Far East. Their attacks are based around phishing text messages, Android users are directed to download a malicious app, whilst Apple users (as the Apple “walled garden” Apps store does an effective job of …
This report is from HP’s Threat Research Blog and is about a threat discovered impacting hotels in South America. But it illustrates the wide range of threats that can get to you via an email attachment and has some examples you can look at. Stealthy OpenDocument Malware Deployed Against Latin …
This post was original published on 27 June 2022 Update 14 July 2022 Here is an article from the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft 365 Defender Research Team outlining how the big phishing campaigns backed by experienced and skilled hackers can bypass the security of multi-factor authentication: …
A UK Government’s report looking at cybersecurity breaches across the country, (UK Government. 2022), prepared by Department for Digital, Culture, Media & Sport (and sport!) showed clearly email phishing is a real threat: “Of the 39% of UK businesses who identified an attack, the most common threat vector was phishing …
It may be a new cyber gang but Luna Moth are using the oldest tricks in the book – phishing with social engineering to exploit user’s trust: New ‘Luna Moth’ hackers breach orgs via fake subscription renewals (bleepingcomputer.com) What you and your team need is an awareness of what social …
Continue reading “Social Engineering to breach security – fake subscription renewals”
