Risk Management July 2, 2024

It all adds up: Pretexting in executive compromise

4 min read - Executives hold the keys to the corporate kingdom. If attackers can gain the trust of executives using layered social engineering techniques, they may be able to access sensitive corporate information such as intellectual property, financial data or administrative control logins…

News March 18, 2024

CISA hit by hackers, key systems taken offline

3 min read - The Cybersecurity and Infrastructure Security Agency (CISA) — responsible for cybersecurity and infrastructure protection across all levels of the United States government — has been hacked. “About a month ago, CISA identified activity indicating the exploitation of vulnerabilities in Ivanti…

News March 11, 2024

DOJ’s crackdown: A brief look at hacker group takedowns

3 min read - The Department of Justice (DOJ) is ramping up efforts focused on disrupting cyber criminal organizations operating within and outside of United States borders. The dismantling of Volt Typhoon, a prolific hacker collective, marked a turning point in the DOJ’s offensive…

Risk Management May 25, 2023

How I got started: White Hat Hacker

3 min read - White hat hackers serve as a crucial line of cyber defense, working to identify and mitigate potential threats before malicious actors can exploit them. These ethical hackers harness their skills to assess the security of networks and systems, ultimately helping…

News May 10, 2023

How the rise and fall of BreachForums impacts cybersecurity

4 min read - In mid-March 2022, the underground cyber forum BreachForums quietly made its debut. Within a year, the platform became one of the most prolific cyber crime forums in history. According to the FBI, BreachForums illegally posted hacked data pertaining to nearly…

Risk Management April 6, 2023

How to defend against extortion groups like Lapsus$

4 min read - The hacker group Lapsus$ (sometimes referred to as LAPSUS$ or simply Lapsus) is a relatively newer organization in the cyber arena. The group began to garner public attention in December 2021 after some successful attacks on major corporations, where even…

News March 20, 2023

LastPass breaches cast doubt on password manager safety

4 min read - In 2022, LastPass suffered a string of security breaches which sparked concern among cyber professionals and those impacted by the intrusions. Some called into question the way LastPass handled and responded to the incident. In addition, the situation ignited a…

News March 1, 2023

50 million password heist shows info-stealing is on the rise

4 min read - On September 15, 2022, Uber employees logged on to see an unexpected message on the company’s Slack channel. It said, “Hi @here, I announce I am a hacker and Uber has suffered a data breach.” At first, many thought it…

CISO February 8, 2023

What CISOs should know about hacking in 2023

4 min read - The art of cyber crime is in a constant state of flux and evolution. Simply staying on pace with these trends is a significant part of the CISO’s job. Today’s modern CISO must ensure they are always prepared for the…

Risk Management August 30, 2022

How and why do teens become cyber criminals?

4 min read - The search to find the mastermind of the attacker group Lapsus$ led to a home outside Oxford, England. The suspected leader was a 16-year-old. He helped take down some of the world’s biggest companies, including Microsoft, from his mother’s house.…