Why does the Capita data breach have something to teach every organisation about cyber security? When a company has many clients for whom they do so many things, it stands to reason that threat actors will take an interest. One breach and the criminals get access to a wide range …
Email Phishing is a constantly changing threat
One of the topics covered at the cyber security conference I was at last week was how AI tools such as ChatGPT are helping threat actors refine the social engineering messages that enable the success of an email phishing attack. Our Cyber Security Awareness Training still includes looking out for …
Continue reading “Email Phishing is a constantly changing threat”
ONLY get your Windows updates via the Updates app
We write a lot about patches and updates – they are important to keep your organisation secure. But do not be tempted when browsing the web to follow a helpful advert that offers you Windows updates. That is not how it is done! Fake in-browser Windows updates push Aurora info-stealer …
Continue reading “ONLY get your Windows updates via the Updates app”
CyberAwake – Incident Follow-up
CyberAwake has published a follow-up article to my previous article on Cyber Security Culture. It looks at what you need to think about when it comes to the meetings following an incident: Cyber Security Incident Follow-up Meetings – (cyberawake.co.uk) How you approach these meeting can have a huge impact on …
The Anatomy of a Malicious Word Document
If you want to know what a malicious phishing email and Word document looks like and how it functions, have a read of this article by Xavier Mertens on SANS Internet Strom. Infostealer Embedded in a Word Document – SANS Internet Storm Center It uses a simple technique to get …