In the modern era of technology, the methods of cyber criminals and bad actors alike continue to evolve. The topic of deepfake attacks is becoming more common in the digital ..read more

According to Workplace, in 2019, “60% of remote-capable employees spent their week working fully on-site, whereas that figure has fallen to just 20% in 2023.” Additionally, hybrid work has increased significantly, and is on the way to becoming the most prevalent work arrangement in most offices. The COVID-19 pandemic had a clear impact on the way businesses function. These effects have lasted over to post-pandemic times. Because of this, it is more important than ever that we consider exactly how our climate has changed, the threats that exist, and what we can do to remain secure in this fast ..read more

On April 3, 2024, The Healthcare Cybersecurity Coordination Center (HC3) issued an alert to the Healthcare and Public Health (HPH) Sector that threat actors are targeting their IT help desks in a sophisticated social engineering attack. In this instance, threat actors are employing vishing, or voice phishing, as their attack vector. The Vishing Attack Posing as healthcare employees in a financial role, threat actors are calling IT help desks using the pretext that their phone is broken, and they are no longer able to receive MFA (Multi Factor Authentication) tokens. The IT help desk employee ..read more

The landscape of cyber threats continues to evolve with increased complexity and sophistication. This presents unparalleled challenges for organizations, as well as individuals worldwide. Today’s cyber adversaries employ complex techniques that combine social engineering along with advanced persistent threats. These attacks often involve meticulous planning and execution. This increased complexity makes the attacks more difficult to detect, thus demanding a more proactive and strategic approach to cybersecurity. In many of these attacks, we see a multifaceted social engineering approach. The a ..read more

In the rapidly evolving digital landscape, no entity is immune to the pervasive threat of cyberattacks. The security breach at MGM Resorts highlights the vulnerability of even massive organizations. As we reflect on this incident, several key lessons emerge. These lessons urge us to reassess our approach to cybersecurity as we navigate the complexities of the year 2024. The MGM Breach: A Closer Look  MGM Resorts, a prominent casino chain with a global footprint, fell victim to a cyberattack that disrupted its operations for several days. The attackers employed sophisticated social e ..read more

SMiShing Attacks in the News In February 2024, 19.2 billion spam texts bombarded U.S citizens according to a recent report. As annoying as spam texts are, they are not always malicious. Some spam texts are from legitimate businesses, albeit unauthorized, looking for new ways to connect with their customers. However, lurking within those daily spam texts is a more sinister threat; SMiShing texts. SMiShing texts have the specific purpose of tricking recipients into revealing personal/financial information and/or downloading malware to their phone. Bad actors are taking full advantage of our r ..read more

Discover Your Vulnerabilities Before Hackers Do! In this fast-paced world, staying ahead of hackers and attackers is vital. Our personal and company’s security are more important than ever. For this blog, let’s look at the latter. Company security encompasses various things. Because of that, let’s narrow our focus to social engineering for this discussion. Malicious social engineers utilize human vulnerabilities to take advantage of your company and its data. Social engineering was behind many of the major breaches in 2023, and we continue to see this through to today. How can you discover ..read more

Cyber security isn’t just about computer systems and networks, the people who use these technologies also play an important role. Most ransomware attacks begin with the human factor – social engineering. A recent threat monitor assessment indicates that nearly one-third of employees fall victim to social engineering attacks. Malicious actors exploit human emotions to lure the unsuspecting victim into sharing sensitive personal or professional data. These scams are usually all over the news and most people are familiar with these attacks. So, why are they still effective? Let’s explore some of ..read more

Two trends are currently making waves in the cybersecurity landscape: Vishing attacks and AI. Vishing (or voice phishing) is on the rise, becoming increasingly sophisticated and harder to detect. One of the reasons for the increasing level of sophistication is the large amount of information available for cybercriminals to gather. Social media sites such as LinkedIn often provide attackers with the target company’s full organizational structure, including employee names, positions, work histories, and social connections. Information they then use to create credible and compelling pretexts. AI ..read more

In today’s complex digital landscape, where corporations are constantly navigating the ever-expanding realm of cyber threats, one danger often underestimated is that which comes from within—the insider threat. Despite the prevailing notion that external hackers are the primary perpetrators of security breaches, insiders, or employees within an organization, can pose a significant risk. In this article, we will delve deeper into the realities of insider threats, exploring how they exploit companies, their employees, and the profound effects they can have on a corporation, both financially and o ..read more