Computer Security News and Insights
In March 2021, a single employee at a water treatment facility in Oldsmar, Florida clicked through a remote access session that could have poisoned an entire city's water supply. The attacker didn't use a sophisticated zero-day exploit. They used a shared TeamViewer password and the fact
In March 2021, a mid-size law firm in Atlanta lost $2.3 million to a single wire fraud attack. The attacker spoofed the managing partner's email, requested an urgent transfer, and a paralegal complied without hesitation. When the firm investigated, they discovered their annual security awareness program consisted
In July 2021, a single phishing email gave attackers access to an employee's credentials at a Florida managed service provider, which cascaded into the massive Kaseya VSA ransomware attack affecting up to 1,500 businesses worldwide. One click. One employee who didn't know how to spot
In March 2021, a massive phishing campaign impersonating Microsoft Office 365 hit over 10,000 mailboxes across the financial services sector in a single week. The emails were nearly flawless — correct logos, legitimate-looking sender domains, and urgent language about password expiration. Dozens of employees handed over their credentials before anyone
A Ransomware Group That Starts With Your Inbox In June 2021, a mid-sized manufacturer discovered every file server in their environment encrypted. The ransom note was signed "Medusa." The entry point? A single phishing email that harvested an employee's VPN credentials. The Medusa ransomware gang phishing
A Single Phish Took Down a $4 Billion Pipeline In May 2021, a single compromised password — likely harvested through a phish or credential reuse — gave attackers access to Colonial Pipeline's network. The result: a ransomware attack that shut down 5,500 miles of fuel pipeline, triggered gas shortages
In June 2021, Google disclosed that it had sent over 50,000 warnings to account holders about state-sponsored phishing and malware attempts in just the first three quarters of the year — a 33% increase over the same period in 2020. If you've received a Gmail account access warning,
A Single Fake Email Cost Facebook and Google $120 Million Between 2013 and 2015, a Lithuanian man named Evaldas Rimasauskas sent a series of fake email messages to employees at Facebook and Google. He impersonated a legitimate hardware vendor, complete with forged invoices and contracts. By the time both companies
The Inbox Is the Front Door — And It's Wide Open According to the 2021 Verizon Data Breach Investigations Report, phishing is involved in 36% of all confirmed data breaches. That number jumped 11 percentage points from the year before. Let that sink in — more than a third of
16,000 Complaints and Counting: Why the FBI Is Sounding the Alarm In February 2021, the FBI's Internet Crime Complaint Center (IC3) began tracking a dramatic spike in smishing — phishing attacks delivered via SMS text messages. The FBI warning on smishing texts wasn't hypothetical. It came
