A phishing email is typically the starting point for many cyber attacks. While spam filters, whitelists, and anti-virus programs do an adequate job of keeping these emails from passing through to end users’ inboxes, there are still plenty of emails that make it through. Now, with the COVID-19 pandemic, many organizations have shifted to a… Read More
While conducting assessments and incident response exercises, I’ve talked to many clients about cyber security training, including how to avoid being a target of social engineering. Cyber security training covers a broad range of potential topics – everything from current threats to cyber hygiene to information assurance and organizational policies, and training employees and other… Read More
In this post, we’ll take look at one of the latest hacking techniques involving PowerPoint and the mouseover action. Check out our demo video to see the technique in action. The PowerPoint mouseover technique disrupts a decade’s worth of user awareness education. As security professionals, we constantly warn employees to be aware of phishing emails with malicious links… Read More
It’s no secret that people are often the weakest link in the cyber security chain. More than 50 percent of security breaches are due to human error. But is it as simple as pointing to gross carelessness or negligence for these mistakes? Oftentimes basic human nature can be exploited by social engineers who are skilled and opportunistic…. Read More