Step-by-step approaches for teaching employees to recognize and respond to cyber threats. Posts cover program design, phishing simulations, interactive workshops, and best practices for making cybersecurity training stick long term.
posts
The Breach That Started With a Single Click In 2023, MGM Resorts lost an estimated $100 million after a threat actor called Scattered Spider social-engineered an IT help desk employee with a phone call that lasted about ten minutes. The attacker didn't exploit a zero-day vulnerability. They didn&
In December 2020, a SolarWinds employee reportedly used the password "solarwinds123" on an update server — a detail that surfaced during Congressional hearings about one of the most devastating supply chain attacks in history. Thousands of organizations, including multiple U.S. government agencies, were compromised. The root cause wasn&
The Breach That Started With a Single Click In 2023, MGM Resorts lost an estimated $100 million after a threat actor social-engineered a help desk employee with a ten-minute phone call. The attacker found an employee on LinkedIn, called the IT service desk, and convinced them to reset credentials. That&
