Are You Sending Your Password Hash When Invite Clicked?

SCMagazine has the story ” Accepting Calendar Invite Could Leak Your Password Several steps and the hacker has to create the right environment, but if they can make you click on a calendar invite with the right circumstances your password “hash” will be transferred to the hacker. A hash are a number of characters that … Read more

Are you Hiring? Resume Malware Trying to Get to You!

SCMagazine has the story “Hiring? New scam campaign means ‘resume’ downloads may contain malware” “Requiring the victim to copy and paste the malicious domain name increases the likelihood the emails will make it past secure email gateways. Plus, with unassuming domain names like “wlynch[.]com” for a candidate named William Lynch and “annetterawlings[.]com” for a candidate … Read more

How to Defend Against AI Spam Email?

So have you been assuming all spam to have spelling mistakes? Or just bad grammar? What if the email has impeccable grammar? How to defend against the bad guys using AI in their spam emails? NIST (National Institute of Science and Technology) has a definition of phishing:  https://csrc.nist.gov/glossary/term/phishing Phishing Definition: ”  A technique for attempting … Read more

Cybersecurity Practitioners Must Get More Boring?

DanielMiessler.com website Unsupervised Learning has a post SEC vs Solar Winds Cybersecurity’s Enron moment.     The problem is that Cybersecurity is still ‘magic’ to many people and it should not be. It has to be made into a boring endeavor which will make the defense of a company more likely. Making a company secure … Read more