Phishing Attacks See Massive Increases and Improvements in Execution with Social Engineering at the Helm

Management Consulting, Training, Uncategorized
With 98% of malicious emails that hit inboxes containing no malware, the evolution and future of the phish lies squarely in the hands of effective social engineering. If you were a cybercriminal planning to use email as the medium for carrying out your evil plans, you would quickly realize that you need to fool the recipient no matter what: whether the desired action is to open a malicious attachment, click a link, or respond, you must con them into doing so.
Social Engineering Comes to Wikipedia

Management Consulting, Training
Attackers are selectively editing Wikipedia articles to lend credibility to tech support scams, according to Rob VandenBrink at the SANS Internet Storm Center. The Wikipedia page for the SpyEye banking Trojan was changed in mid-December to include a typo-ridden paragraph which claims that only three tech companies can remove the malware, and that “Best buy, Geek squad, Office Depo will not be able to fix it at all.” VandenBrink says that the scammer made these edits to convince victims that “only we can help you fix this (fake of course) infection you have on your computer.” The edit history of the Wikipedia user who made the changes shows that the account made similar edits to the “Macro virus” Wikipedia page, but those changes have since been fixed by other users.…

Modern Ransomware Goes After Data Backups

Management Consulting, Training
Ransomware is using a variety of methods to reduce or nullify the effectiveness of data backups, writes Maria Korolov at CSO. Restoring from a backup is one of the best strategies that organizations can use to recover from a ransomware attack, so it’s obvious why attackers would want to target this data. Ransomware has been observed attacking shared network drives, Windows shadow copies, and any files that have backup file extensions. Some ransomware variants can even sync with the victim’s cloud service and encrypt files stored there.

EY UK: “We’ve seen a huge proliferation of very successful phishing attacks”

Management Consulting, Training
Bethan Moorcraft at InsuranceBusiness Mag UK wrote an excellent article about the current state of cyber insurance in Europe. Here is an extract with the link to the full article at the bottom: “In 2018, we saw a huge proliferation of very successful phishing campaigns,” said Ryan Rubin, partner, UK Forensic & Integrity Services team, Ernst & Young. “Unfortunately, cyber criminals are being very effective and are getting through organisations’ defences, despite there being an increasing awareness of cyber risk and a general improvement in security controls. What we’ve seen is that businesses often focus on trying to prevent the sophisticated cyberattacks from happening, and they’re less concerned about basic low-level attacks like phishing and business email compromise.

The internet’s ‘father’ says it was born with two big flaws

Management Consulting, Training
Business Insider just posted an article that confirms something I have been saying for years. There is some contrary data though. We may be looking at a light version of rewriting history. Here are the highlights they started with: Vint Cerf, one of the creators of the internet, said the network had two big flaws when he launched it. The internet didn't have room for all the devices that would eventually be connected to it, said Cerf, now Google's chief internet evangelist. It also didn't have any built-in security protocols. Even though both shortcomings proved problematic, Cerf's not certain he would have fixed them if he had to do it all over again.
Most Cyber Attacks are composed of 4 Stages…

Management Consulting, Training
Survey, Delivery, Breach and Attack… Security controls at each stage of an attack can reduce your organisation's exposure to a successful cyber-attack. However, your first line of defence is your employees: train them to be aware of cyber threats and this can reduce the likelihood of an attack… Contact us now for a discussion on how we can help in training your .... HUMAN FIREWALL...