Tag

Credential Theft Prevention

Addresses the tactics attackers use to steal login credentials and the countermeasures organizations can deploy. Topics include multi-factor authentication, credential monitoring, dark web surveillance, secure authentication protocols, and employee awareness training.

posts

Spoofing

What Is Spoofing? The Attack Behind 80% of Breaches

In March 2022, the FBI's Internet Crime Complaint Center reported that Business Email Compromise — a scheme built almost entirely on spoofing — cost victims over $2.4 billion in 2021 alone. That made it the single most financially devastating category of cybercrime they tracked. Not ransomware. Not cryptojacking. Spoofing-based

Carl B. Johnson Sep 04, 2022 6 min read
Spear Phishing vs Phishing

Spear Phishing vs Phishing: What Actually Gets People

In March 2022, the FBI's Internet Crime Complaint Center reported that business email compromise — a form of spear phishing — caused $2.4 billion in adjusted losses in 2021 alone. That dwarfs every other cybercrime category. Meanwhile, broad phishing campaigns still top the list as the most common attack

Carl B. Johnson May 25, 2022 7 min read
Data Breach Examples

Data Breach Examples: Lessons That Still Apply in 2022

In January 2022, the International Committee of the Red Cross disclosed that a sophisticated cyberattack compromised the personal data of more than 515,000 vulnerable people — including refugees, detainees, and missing persons. The attackers exploited an unpatched vulnerability in a single system. One missed update. Half a million of the

Carl B. Johnson Feb 24, 2022 6 min read
Password Security Best Practices

Password Security Best Practices That Actually Work

The 61% Problem You're Probably Ignoring The 2021 Verizon Data Breach Investigations Report found that 61% of all breaches involved credential data. Not sophisticated zero-day exploits. Not nation-state malware. Stolen, weak, or reused passwords. That single statistic should reshape how your organization thinks about password security best practices

Carl B. Johnson Feb 24, 2022 6 min read
Password Manager Benefits

Password Manager Benefits That Stop 80% of Breaches

The Breach That Started With "Company2019!" In January 2021, a security researcher discovered that a SolarWinds intern had used the password "solarwinds123" on a critical internal server. That detail, revealed during congressional hearings, became one of the most embarrassing footnotes in what was already one of

Carl B. Johnson Feb 15, 2022 7 min read
CEO Fraud Email Scam

CEO Fraud Email Scam: How to Stop It Cold

In March 2021, the FBI's Internet Crime Complaint Center reported that business email compromise — the category that includes every CEO fraud email scam — generated $1.8 billion in reported losses in 2020 alone. That made it the single most financially damaging cybercrime category in the entire IC3 report,

Carl B. Johnson Oct 01, 2021 7 min read
Phishing Awareness

How to Spot a Phishing Email Before It Costs You

In July 2021, a single phishing email gave attackers access to an employee's credentials at a Florida managed service provider, which cascaded into the massive Kaseya VSA ransomware attack affecting up to 1,500 businesses worldwide. One click. One employee who didn't know how to spot

Carl B. Johnson Aug 31, 2021 8 min read