Tabletop Exercises: Transformative Impact on Companies
Tabletop Exercises: Transformative Impact on Companies Chris Swagler | April 12th, 2024The ever-evolving business landscape necessitates that companies maintain a proactive approach towards potential challenges when it comes to cyberattacks. One such strategic practice that has gained significant traction in recent years is conducting tabletop exercises. These simulations, originally used by disaster response teams, […]
Hidden Backdoor Discovered in XZ Utils Data Compression Library
Hidden Backdoor Discovered in XZ Utils Data Compression Library Chris Swagler | April 1st, 2024A recent revelation by The Hacker News has sent shockwaves across the cybersecurity community. The popular XZ Utils data compression library, a critical component of various software applications and operating systems, has been found to contain a hidden backdoor. This […]
Four Technologies To Help Against Business Email Compromise
Four Technologies To Help Against Business Email Compromise Chris Swagler | March 4th, 2024Business email compromise (BEC) is a sophisticated cybercrime that primarily targets companies, governments, and non-profit organizations. It’s a hazard that has grown rapidly in recent years. BEC schemes attempt to deceive employees into transferring payments or disclosing important sensitive information to […]
Warning About OAuth Apps Used in BEC and Cryptomining Attacks
Warning About OAuth Apps Used in BEC and Cryptomining Attacks Chris Swagler | February 26th, 2024A warning was issued by Microsoft about financially driven threat actors automating BEC and phishing attacks, pushing spam, and deploying VMs for cryptomining utilizing OAuth applications. Open Authorization, or OAuth for short, is an open standard that allows apps […]
How Threat Operators Are Phishing Users’ Credentials and Selling Them
How Threat Operators Are Phishing Users’ Credentials and Selling Them Chris Swagler | February 9th, 2024Account credentials, a common initial access vector, have become a desirable commodity in cybercrime. It can result in a single set of stolen credentials being used to compromise companies’ entire network. A 2023 Data Breach Investigation Report revealed that […]
BEC Attacks on Law Firm Rising with Threat Actors Bypassing MFA
BEC Attacks on Law Firm Rising with Threat Actors Bypassing MFA Chris Swagler | January 31st, 2024Threat actors are finding new ways to bypass multi-factor authentication (MFA) measures, putting law firms at risk of business email compromise or BEC attacks. According to a cybersecurity risk consultancy company, legal companies have been increasingly targeted in […]
How Penetration Testing Can Protect Web Apps from Cyber Threats
How Penetration Testing Can Protect Web Apps from Cyber Threats Chris Swagler | January 26th, 2024As the demand for access to services and information at any time and anywhere continues to grow, so does reliance on web apps. From companies’ strategies to customers’ requirements and even broader societal functions, there’s an application for almost […]
Fake Virus Alerts Scheme Infecting Major News Companies’ Sites
Fake Virus Alerts Scheme Infecting Major News Companies’ Sites Chris Swagler | January 22nd, 2024According to new research from a security software company, a notorious malvertising actor called ScamClub has infected some of the most widely viewed news sites with fake virus alerts using McAfee. The anti-malware vendor described how ScamClub’s latest malvertising effort […]
The Importance of Ransomware Training for Employees
The Importance of Ransomware Training for Employees Chris Swagler | December 31st, 2023According to Verizon’s “2023 Data Breach Investigations Report,” 74% of breaches involve a human factor, whether through negligence, stolen passwords, or falling prey to phishing scams. With the average overall cost of a ransomware breach is $5.13 million, companies must undergo ransomware […]
Surge in Advanced Email Attacks Poses Risk to Healthcare Sector
Surge in Advanced Email Attacks Poses Risk to Healthcare Sector Chris Swagler | December 27th, 2023In an alarming revelation, a cybersecurity company’s latest blog post has highlighted the persistent and growing menace of advanced email attacks, posing a significant threat to organizations worldwide, with healthcare institutions finding themselves in the crosshairs. The […]