Tag

Phishing Prevention

Delivers actionable advice on recognizing and preventing phishing attacks, including email phishing, spear phishing, smishing, and vishing. Covers detection techniques, employee training approaches, email security tools, and real-world phishing examples to strengthen your defenses.

posts

IT Security

IT Security in 2022: What Actually Stops Breaches

In March 2022, the Lapsus$ threat actor group breached Okta, Microsoft, Nvidia, and Samsung — not by exploiting sophisticated zero-day vulnerabilities, but by buying stolen credentials and socially engineering employees. A teenager-led group dismantled the IT security of some of the most well-resourced technology companies on the planet. If that doesn&

Carl B. Johnson Aug 11, 2022 7 min read
Computer Security Security

Computer Security Security: Layers That Actually Work

In March 2022, Okta confirmed that the Lapsus$ threat actor group had breached a third-party support engineer's laptop and accessed internal systems. The attack didn't exploit some exotic zero-day vulnerability. It started with compromised credentials — a single point of failure in what should have been a

Carl B. Johnson Jul 30, 2022 7 min read
Computer Security Companies

Computer Security Companies: What They Won't Tell You

The Blind Spot That Computer Security Companies Sell Around In March 2022, Okta — one of the most prominent identity management vendors in the world — confirmed that the Lapsus$ threat actor group had compromised a third-party support engineer's laptop and accessed internal systems. An identity security company, breached through

Carl B. Johnson Jul 30, 2022 7 min read
Cyber Security

Cyber Security Basics That Stop 90% of Attacks

The Breach That Started With a Single Password In May 2021, a single compromised password shut down the Colonial Pipeline and triggered fuel shortages across the Eastern United States. The attackers used a stolen VPN credential — no multi-factor authentication, no zero trust architecture, just one reused password. That's

Carl B. Johnson Jul 30, 2022 6 min read
Home Computer Security

How Can You Protect Your Home Computer in 2022

In March 2022, the FBI's Internet Crime Complaint Center reported that Americans lost over $6.9 billion to cybercrime in 2021 — a 64% increase from the year before. A staggering number of those victims weren't Fortune 500 companies. They were regular people, sitting at home computers,

Carl B. Johnson Jul 30, 2022 7 min read
Computer Virus Prevention

Computer Virus Prevention: 9 Steps That Actually Work

The Virus That Cost One Hospital Chain $67 Million In 2017, the NotPetya attack crippled organizations worldwide. Heritage Valley Health System in Pennsylvania lost access to its entire network. Surgeries were delayed. Patient records vanished. The total global damage from NotPetya exceeded $10 billion, according to the White House. And

Carl B. Johnson Jul 30, 2022 6 min read
Computer Security Service

Computer Security Service: What Actually Works in 2022

The Colonial Pipeline Fallout Changed Everything About How We Buy Security One year ago, a single compromised password shut down the largest fuel pipeline in the United States. Colonial Pipeline paid $4.4 million in ransom. Gas stations across the Southeast ran dry. And the FBI later confirmed that the

Carl B. Johnson Jun 20, 2022 7 min read
Define Cyber

Define Cyber: What It Really Means for Your Security

In May 2021, a single compromised password shut down Colonial Pipeline — the largest fuel pipeline in the United States — for six days. The company paid a $4.4 million ransom. Flights were disrupted. Gas stations ran dry across the Southeast. All because one set of credentials was exposed on the

Carl B. Johnson Jun 20, 2022 6 min read
Phishing Simulation Training

Phishing Simulation Training: Why 90% of Breaches Start Here

A Single Click Cost One County $1.3 Million In March 2022, Bernalillo County, New Mexico was still recovering from a ransomware attack that started with what investigators believe was a phishing email. The county had to close government buildings, delay jail proceedings, and shut down key services. The remediation

Carl B. Johnson May 25, 2022 7 min read
Phishing Prevention

How to Avoid Phishing Attacks: A Practical Guide

In March 2022, the threat actor group Lapsus$ breached Okta by compromising a single employee's credentials through a social engineering attack. One phished account. That's all it took to put thousands of downstream customers at risk. If you're wondering how to avoid phishing attacks,

Carl B. Johnson May 25, 2022 8 min read