Computer Security News and Insights
A Marketing Team's Slack Alternative Nearly Took Down an Entire Hospital Network In 2023, a regional healthcare system discovered that its marketing department had been using an unapproved messaging platform for over 14 months. Nobody in IT knew. The platform stored patient-adjacent data with no encryption, no access
In 2023, a single phishing email gave threat actors access to MGM Resorts' entire IT infrastructure. The attackers impersonated an employee on a help desk call — a technique they refined through information harvested from a phishing campaign. The result was over $100 million in losses and days of operational
In 2024, MGM Resorts lost an estimated $100 million after a social engineering attack that started with a single phone call to the help desk. The threat actor didn't exploit a zero-day vulnerability or deploy some exotic malware. They impersonated an employee. That's it. And it
In 2023, MGM Resorts lost an estimated $100 million after a threat actor called Scattered Spider social-engineered a help desk employee with a ten-minute phone call. That single conversation gave attackers the keys to one of the largest hospitality companies on the planet. So when someone asks me what is
A 3-Minute Email Cost One Company $37 Million In 2024, a finance employee at a multinational firm joined a deepfake video call with what appeared to be the company's CFO and several colleagues. Every person on that call was AI-generated. The employee transferred $25.6 million (approximately HK$
In 2023, Verizon's Data Breach Investigations Report found that 74% of all breaches involved the human element — and a growing percentage of those started on a mobile device. I've reviewed mobile device security policies for organizations of every size, and here's the uncomfortable truth:
The Clock Starts the Moment You See the Ransom Note In February 2024, Change Healthcare — one of the largest health payment processors in the United States — was hit by the ALPHV/BlackCat ransomware group. The attack disrupted pharmacy operations, delayed insurance claims, and affected an estimated one-third of all Americans&
$4.88 Million Was Last Year's Average. This Year Will Be Worse. IBM's 2024 Cost of a Data Breach Report put the global average at $4.88 million — a 10% jump from the year before and the highest figure ever recorded at that point. If you
In 2023, the FBI's Internet Crime Complaint Center (IC3) received over 880,000 complaints with potential losses exceeding $12.5 billion — a 22% increase from the year before. A massive chunk of those losses traced back to malware infections that could have been stopped with basic hygiene. If
76,000 Victims and Counting — The FBI's Smishing Alert Is Serious In early 2024, the FBI and FTC issued urgent warnings about a massive smishing campaign impersonating toll collection agencies and delivery services across all 50 states. By late 2025, the IC3 had cataloged tens of thousands of
