This report from NCC Group about the state of cyber attacks for March 2022 shows the continuing rise of ransomware attacks across the United States and Europe. With the Hive ransomware gang emerging as one of the greatest threats. NCC Group Monthly Threat Pulse – March 2022 | NCC Group …
Lapsus$ hits T-Mobile
T-Mobile is the latest in a string of high profile organisations targeted by the Lapsus$ gang. It is reported this time that they stole valuable source code. T-Mobile hit by data breaches from Lapsus$ extortion group | TechRepublic The operation appears to have originated with a social engineering attack directed …
Theft via Instagram – just promise something “to good to be true”
Nothing complicated about this – a simple scam, abusing people’s trust to net $3m. Send a message, pretend to be someone you are not, provide a malicious link and promise the victim something “free”. Crooks steal NFTs ‘worth $3m’ in Bored Ape Yacht Club heist • The Register It could …
Continue reading “Theft via Instagram – just promise something “to good to be true””
Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022
This post was first made on 22 April 2022 I regularly write about the issues around the zero-day vulnerability and our Social Engineering and Email Cyber Security Training course aims to equip individuals and organisations to meet the challenge that the zero-day poses. Google’s Project Zero has reported on it’s …
Continue reading “Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022”
Anatomy of a phishing email attachment – this is why we are always running training
SANS Internet Storm Centre has a couple of blog posts looking at the mechanics of a Word document and a PDF both of which are malicious payloads in a phishing email. This is what you are up against! Analyzing a Phishing Word Document – SANS Internet Storm Centre Simple PDF …
