Tag

Phishing Defense

Strategies and tools to identify, prevent, and respond to phishing attacks targeting individuals and organizations. Covers email filtering, URL analysis, employee training, simulated phishing campaigns, and incident response procedures for credential theft attempts.

posts

Keylogger Attack

Keylogger Attack: How They Work and How to Stop Them

In 2023, a single keylogger embedded in a phishing email gave threat actors access to credentials at over 2,000 organizations worldwide as part of the Snake Keylogger campaign. The malware silently recorded every keystroke — passwords, credit card numbers, internal messages — and exfiltrated the data before anyone noticed. A keylogger

Carl B. Johnson May 08, 2020 7 min read
Password Security Best Practices

Password Security Best Practices That Stop Breaches

The 24 Billion Stolen Passwords Nobody Talks About In 2022, researchers at Digital Shadows found over 24 billion username-and-password pairs circulating on dark web marketplaces and criminal forums. That number has only grown. If you think your organization's credentials aren't in that pile, I'd

Carl B. Johnson Nov 26, 2019 7 min read
Security for System Administrators

Security for System Administrators: A 2026 Field Guide

The Breach That Started With a Single Unpatched Server In 2023, the MOVEit Transfer vulnerability (CVE-2023-34362) let the Cl0p ransomware gang compromise thousands of organizations worldwide — including federal agencies and major financial institutions. The root cause wasn't exotic malware or a sophisticated zero-day chain. It was a known

Carl B. Johnson Feb 25, 2019 7 min read