Tag

Ransomware Prevention

Ransomware prevention content provides actionable strategies for defending against ransomware attacks before they encrypt critical data. Articles cover backup protocols, endpoint detection, network segmentation, patch management, and incident response planning tailored to ransomware scenarios.

posts

Dark Web Monitoring

Dark Web Monitoring for Businesses: A Practical Guide

In April 2024, a credentials dump containing over 26 billion records — dubbed the "Mother of All Breaches" — surfaced on dark web forums. LinkedIn, Twitter, Dropbox, Adobe, and hundreds of other platforms were represented. Within weeks, threat actors were using those credentials in automated stuffing attacks against small and

Carl B. Johnson Aug 14, 2019 7 min read
Stolen Credentials Dark Web

Stolen Credentials Dark Web: Where Your Passwords End Up

In January 2024, a massive dataset known as the "Mother of All Breaches" surfaced containing 26 billion records — credentials scraped, aggregated, and repackaged from hundreds of previous data breaches. Usernames. Passwords. Email addresses. All of it sitting on dark web forums, available to anyone willing to pay. If

Carl B. Johnson Jul 25, 2019 7 min read
Trojan Horse Malware

Trojan Horse Malware: How It Gets In and How to Stop It

The Fake Invoice That Cost a Hospital System $28 Million In 2024, Ascension Health — one of the largest healthcare systems in the United States — suffered a devastating ransomware attack that disrupted operations across 140 hospitals. The initial entry vector? A malicious file that an employee downloaded, believing it to be

Carl B. Johnson Jul 14, 2019 7 min read
Medusa Ransomware

Medusa Ransomware Gang Phishing Campaigns: What to Know

In March 2025, CISA and the FBI issued a joint advisory warning that the Medusa ransomware gang had compromised over 300 organizations across critical infrastructure sectors — healthcare, education, legal, insurance, and manufacturing. The attack vector wasn't some exotic zero-day exploit. It was phishing. Specifically, carefully crafted Medusa ransomware

Carl B. Johnson Jul 04, 2019 6 min read
Phish Food

Phish Food: What Threat Actors Serve Your Employees

Your Inbox Is a Buffet — and Attackers Are Feeding In March 2024, MGM Resorts was still tallying the damage from a social engineering attack that started with a single phone call to their help desk. The cost? Over $100 million in losses. The attacker didn't exploit a zero-day

Carl B. Johnson Apr 05, 2019 7 min read
Phishing News

Phishing News: The Attacks Reshaping 2026 Security

A Single Phishing Email Just Cost a Healthcare System $65 Million If you follow phishing news, you already know the headlines keep getting worse. Change Healthcare's 2024 breach — triggered by compromised credentials and the absence of multi-factor authentication — led to a reported $22 billion disruption across the U.

Carl B. Johnson Mar 20, 2019 7 min read
Security for System Administrators

Security for System Administrators: A 2026 Field Guide

The Breach That Started With a Single Unpatched Server In 2023, the MOVEit Transfer vulnerability (CVE-2023-34362) let the Cl0p ransomware gang compromise thousands of organizations worldwide — including federal agencies and major financial institutions. The root cause wasn't exotic malware or a sophisticated zero-day chain. It was a known

Carl B. Johnson Feb 25, 2019 7 min read
Computer Security Software

Computer Security Software: What Actually Stops Breaches

In 2023, MGM Resorts had world-class computer security software deployed across its entire infrastructure. Firewalls, endpoint detection, SIEM platforms — the works. A single social engineering phone call bypassed all of it, leading to an estimated $100 million in losses. That incident should have been a wake-up call for every organization

Carl B. Johnson Feb 02, 2019 6 min read