Tag

Credential Theft

Posts exploring how attackers steal usernames, passwords, and authentication tokens through phishing, keylogging, brute force attacks, and credential stuffing. Includes actionable guidance on multi-factor authentication, password managers, and monitoring for compromised credentials.

posts

Phishing Prevention Tips

Phishing Prevention Tips That Actually Stop Attacks

In 2023, a single phishing email cost MGM Resorts an estimated $100 million. The threat actor didn't exploit a zero-day vulnerability or deploy exotic malware. They called the help desk, impersonated an employee found on LinkedIn, and got a password reset. That's it. If you'

Carl B. Johnson Jun 19, 2026 5 min read
Phishing

What Is Phishing? A Security Pro's Real-World Guide

A $4.88 Million Problem That Starts With One Email In 2024, the average cost of a data breach hit $4.88 million globally, according to IBM's Cost of a Data Breach Report. The number one initial attack vector? Phishing. Not sophisticated zero-day exploits. Not nation-state hackers tunneling

Carl B. Johnson Jun 18, 2026 5 min read
Data Breach

What Causes a Data Breach: 7 Root Causes in 2026

In 2024, IBM's Cost of a Data Breach Report pegged the global average cost of a single breach at $4.88 million — the highest figure ever recorded. And yet, when I talk to business owners after an incident, most of them ask the same question: How did this

Carl B. Johnson Jun 18, 2026 5 min read
Executive Phishing Attacks

Executive Phishing Attacks: Why the C-Suite Is Target #1

A Single Email Cost This Company $47 Million In 2016, Austrian aerospace firm FACC lost €42 million (roughly $47 million USD) after threat actors impersonated the CEO in a carefully crafted email to the finance department. The employee who wired the money believed they were following a direct executive order.

Carl B. Johnson Jun 17, 2026 6 min read
CEO Fraud Email Scam

CEO Fraud Email Scam: How Attackers Steal Millions

A Single Email Cost This Company $47 Million In 2016, FACC, an Austrian aerospace parts manufacturer, lost €42 million (roughly $47 million USD) after an employee wired funds based on instructions that appeared to come from the CEO. The email was fake. The money vanished into accounts controlled by threat

Carl B. Johnson Jun 16, 2026 6 min read
Phishing Attacks

What Is a Phishing Attack? A Real-World Breakdown

A Single Email Cost This Company $100 Million In 2019, Toyota Boshoku Corporation — a major Toyota parts supplier — lost $37 million after employees wired funds to accounts controlled by attackers who impersonated a business partner via email. Facebook and Google collectively lost over $100 million to a Lithuanian man who

Carl B. Johnson Jun 15, 2026 6 min read
Types of Malware

Types of Malware: What Every Organization Must Know

In February 2024, Change Healthcare — one of the largest health payment processors in the U.S. — was hit by the ALPHV/BlackCat ransomware group. The attack disrupted claims processing for hospitals and pharmacies nationwide, exposed protected health information for an estimated 100 million people, and reportedly led to a $22

Carl B. Johnson Jun 12, 2026 6 min read
SaaS Security

SaaS Security Best Practices Your Team Needs in 2026

The Average Company Runs 130 SaaS Apps — And Secures Maybe Half In early 2024, a threat actor breached Snowflake customer environments — not by exploiting a zero-day, but by using stolen credentials harvested from infostealer malware. The result? Hundreds of millions of records exposed across companies like Ticketmaster and AT&

Carl B. Johnson Jun 10, 2026 6 min read
Cloud Storage Security Risks

Cloud Storage Security Risks Your Team Is Ignoring

A Single Misconfigured S3 Bucket Exposed 540 Million Facebook Records Back in 2019, researchers at UpGuard discovered that two third-party Facebook app developers had left hundreds of millions of user records sitting in publicly accessible Amazon S3 buckets. No hacking required. No sophisticated exploit. Just wide-open cloud storage that anyone

Carl B. Johnson Jun 10, 2026 5 min read