Computer Security News and Insights
The Word Everyone Uses But Few Can Explain In March 2024, the FBI's Internet Crime Complaint Center (IC3) released its 2023 annual report showing $12.5 billion in reported cybercrime losses — a 22% jump from the year before. Politicians, news anchors, and boardroom executives all toss around the
In February 2024, NIST released version 2.0 of its Cybersecurity Framework — the biggest overhaul in a decade. Within weeks, I watched organizations scramble to figure out what changed and what they needed to do about it. Most of them were still struggling to implement version 1.1. Here'
In 2023, there were roughly 3.5 million unfilled cybersecurity jobs worldwide. That number hasn't budged much heading into 2024. Meanwhile, the average cost of a data breach hit $4.45 million according to IBM's latest report. Organizations are desperate for qualified talent, and an online
A Single Click Cost One Company $100 Million In 2019, a Lithuanian national named Evaldas Rimasauskas pleaded guilty to stealing over $100 million from Google and Facebook using nothing but phishing emails. No zero-day exploits. No advanced malware. Just carefully crafted messages that exploited human psychology. If you want to
In March 2024, a finance employee at a multinational firm in Hong Kong wired $25.6 million to threat actors after a deepfake video call convinced him his CFO had authorized the transfer. One employee. One convincing lure. Twenty-five million dollars gone. That's not a hypothetical — it'
In January 2024, a finance employee at a multinational firm in Hong Kong wired $25 million to threat actors — all because of a phishing email that led to a deepfake video call. That incident made global headlines, but here's what didn't: the thousands of nearly identical
One Email Cost This Company $100 Million In 2019, Toyota Boshoku Corporation — a major Toyota parts supplier — lost $37 million after an employee wired funds to a fraudster posing as a legitimate business partner. That same year, Nikkei's American subsidiary lost $29 million to a nearly identical scheme.
In January 2024, a finance employee at engineering firm Arup wired $25 million to threat actors after a deepfake video call that impersonated the company's CFO. That attack didn't start with a mass spam blast. It started with a carefully researched, individually targeted spear phishing email.
In January 2024, a finance employee at engineering firm Arup wired $25 million to threat actors after joining a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The attack started the same way almost all
In January 2024, a finance employee at a multinational firm in Hong Kong wired $25 million to threat actors after a deepfake video call convinced him his CFO had authorized the transfer. It started with a phishing email. Every catastrophic breach I've investigated over the past decade traces
