New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

Even though the UK has made ‘huge progress’ on cybersecurity efforts, the new Chief Executive of the National Cyber Security Centre (NCSC) Lindy Cameron believes that the current efforts are still not enough. The new security head previously worked as a Director-General for the North Ireland office. She also worked for the Department for International

A Can of Phish Bait: from Surveys to Rule Changes to Your Boss’s Boss

phishbait-surveys-rule-changes-boss

Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has intercepted in recent months, including one that informed recipients that they needed to fill out a compliance form related to COVID-19 risks. “Reasonably well

Spoofing Tailored to Financial Departments

Spoofing Tailored to Financial Departments

Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers say that in some cases the attackers “specifically targeted newly-selected CEOs during critical transitionary periods.” Additionally, the attackers went after executives’ assistants. “Beyond financial departments, the attackers also

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server. What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulnerabilities?

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange.

Think Your Cyber Insurance is Going to Cover that $6 Million attack in Cyber Fraud? Think Again.

Cyber Insurance is might not Cover that $6 Million in Cyber Fraud

The latest tale of an organization falling victim to a business email compromise cyber attack on their credit card processor highlights how very specific the scenario needs to be to see a payout.  In 2018, RealPage, a Texas-based service provider for property owners and property management companies was the victim of a cyber attack that

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage. We’ve covered impersonation scams before where cybercriminals pretend to be your CEO, hospital personnel, or even the government. New data from cybersecurity vendor Agari

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals. I’ve covered scams impersonating Office 365 I don’t know how many times. But it’s not very often you hear about a scam that uses LinkedIn as both its

Most Phishing Emails Are After Credentials

Phishing Emails Are After Credentials

Most Phishing Emails Are After Credentials 57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last year were used for delivering malware. Cofense believes this is because credential phishing emails are better at bypassing email security filters

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no less than 30% in 2020 compared to the year

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets. We hadn’t heard much from the SIM-swapping side of cybercrime