It could happen to anyone…

The headline is eye catching: a data breach at a highly respected security training organization when an employee falls for a phishing email. It is ...
Top 3 Reasons Gaps in Microsoft and Proofpoint Email Security Are Leaving Organizations Vulnerable

Top 3 Reasons Gaps in Microsoft and Proofpoint Email Security Are Leaving Organizations Vulnerable

Email Account Takeover (ATO) attacks occur when a threat actor gains unauthorized access to an email account belonging to someone else. Cybercriminals obtain stolen user credentials through trade or purchase on the ...
Twitter confirms internal tools used in bitcoin-promoting attack ...

Cyber Security Roundup for August 2020

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, July 2020.The standout hack of July 2020, and possibly of ...
hackers

The Next Generation of Hackers

In This Issue: "The Next Generation of Hackers". Being a hacker requires curiosity, certain computer security skills, and a mindset for figuring out what criminals will do before they do it. So, ...
US DOJ Charges Three Young Men for Alleged Roles in July Twitter Hack

US DOJ Charges Three Young Men for Alleged Roles in July Twitter Hack

Last week, the US Department of Justice (DOJ) charged three men for their alleged roles in one of the largest Twitter breaches in history, which led to the hijacking of 130 high-profile ...

Social Engineering: Hacking Brains…It’s Easier than Hacking Computers

The audience in the room is weirdly quiet. The contestant is in a small plexiglass booth with nothing but a phone, a laptop computer and some notes. On a set of speakers ...
nonverbals

The Importance of Nonverbals in a Masked World

We now have a new mainstay in our wardrobes: masks. As masks block much of our face, our July blog gives us some neck-down nonverbals to add to our repertoire. The post ...
Vishing

Managing Your Vishing Defenses at Home

During the past 6 years at Social-Engineer, LLC (SECOM) we’ve made over 45,000 calls to companies all over the world. Banks, startups, tech firms, pharmaceutical companies, defense contractors, and many other organizations ...

The Big Twitter Hack, Critical Windows DNS Server Update, Email Impersonation Attacks

In episode 130 for July 20th 2020: Details on the big Twitter hack which took over high-profile accounts, a major wormable critical vulnerability in Microsoft Windows DNS Server, and how email impersonation ...
phishing risk test

Top 9 free security training tools

Cybersecurity training is one of the best defenses against cyber attacks targeting organizations and individuals alike. Although security training is a tried-and-true defense against cyber attacks... Go on to the site to ...