FBI: Business Email Compromise: The $43 Billion Scam

According to the FBI, business email compromise (BEC) and email account compromise (EAC) losses have surpassed $43 billion globally. (BEC/EAC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests. STATISTICAL DATA The BEC/EAC scam continues to grow and evolve, targeting small local businesses to larger corporations, and personal transactions. […]

World Password Day 2022 – Commentary

Despite employees knowing the risk of bad password habits, many continue to recycle the same passwords out of convenience. However, 95% of organizations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts throughout the year, highlighting the need for more education on password practices.  Experts Comments May 06, 2022 Pete Caldecourt […]

Expert Advice On Colonial Pipeline Ransomware Attack Anniversary

This week is the anniversary of the Colonial Pipelines attack, which saw one of the biggest pipelines in the US temporarily shut down, following a ransomware attack by DarkSide, a ransomware-as-a-service group that is believed to be linked to Russia. Not only did the attack affect millions but heralded a new era of cybercrime. In […]

Security Advisory Issued For Critical F5 Vulnerability

It has been reported that F5 has issued a security advisory warning about a flaw that may allow unauthenticated attackers with network access to execute arbitrary system commands, perform file actions, and disable services on BIG-IP. The vulnerability is tracked as CVE-2022-1388 and has a CVSS v3 severity rating of 9.8, categorized as critical. Its exploitation […]

White House Says To Prepare For Cryptography-Cracking Quantum Computers

Quantum Cryptography Company

President Joe Biden signed a national security memorandum (NSM) on Thursday asking government agencies to implement measures that would mitigate risks posed by quantum computers to US national cyber security. The NSM outlines the risks of cryptanalytically relevant quantum computers (CRQC), such as their likely ability to brake current public-key cryptography. More information: https://www.bleepingcomputer.com/news/security/white-house-prepare-for-cryptography-cracking-quantum-computers/ Memorandum: https://www.whitehouse.gov/briefing-room/statements-releases/2022/05/04/national-security-memorandum-on-promoting-united-states-leadership-in-quantum-computing-while-mitigating-risks-to-vulnerable-cryptographic-systems/  Experts Comments May 06, 2022 Francis Gaffney […]

NIST Update Supply Chain Guidance

Supply Chain Cyber Security

This morning the National Institute of Standards and Technology released new guidance on securing the supply chain against cyber-attacks. In response, please see below comments from cybersecurity expert who outlines the positive nature of this NIST guidance, exploring how supply chain attacks are becoming increasingly popular targets, and why it is more critical than ever […]

Breaking: Expert OpenSea Phishing Vulnerability

OpenSea has announced a vulnerability and is advising all to avoid clicking on a suspicious link. This is not the first time OpenSea has had a phishing-related incident and shows the need for greater care in our own security. Experts Comments May 06, 2022 David Mahdi + Follow Me – UnFollow Me Ex-Gartner Analyst and CSO […]

HHS Information Security Program ‘Not Effective’

According to the HIPPA Journal, The US Department of Health and Human Services (HHS) has failed their security audit for a fourth consecutive year.  The audits were conducted for the HHS’ Office of Inspector General (OIG) to confirm compliance with the Federal Information Security Modernization Act of 2014 (FISMA) for fiscal years 2018 through 2021. Audits […]