Tag

Social Engineering Defense

Focuses on recognizing and countering manipulation tactics that attackers use to exploit human trust. Covers pretexting, baiting, tailgating, impersonation scams, and organizational defenses such as verification protocols, awareness campaigns, and incident reporting procedures.

posts

Securing Employee Mobile Devices

Securing Employee Mobile Devices: A Practical Guide

In 2023, a single employee's compromised personal phone gave threat actors a foothold into MGM Resorts' corporate network. The resulting breach cost the company over $100 million. The attack didn't start with some sophisticated zero-day exploit — it started with a social engineering call to the

Carl B. Johnson Apr 11, 2026 5 min read
Securing Employee Mobile Devices

Securing Employee Mobile Devices: A Practical Guide

In 2023, Verizon's Data Breach Investigations Report found that 74% of all breaches involved the human element — and mobile devices have become the primary attack surface for exploiting that weakness. I've watched organizations spend six figures on perimeter defenses while their employees check corporate email on

Carl B. Johnson Apr 07, 2026 6 min read
Gmail Phishing Attacks

Gmail Sophisticated Attacks: FBI Phishing Warnings for 2025

The FBI Didn't Issue Gmail Warnings for Fun In late 2024, the FBI's Internet Crime Complaint Center (IC3) flagged a sharp escalation in sophisticated phishing attacks targeting Gmail users — attacks so convincing that even security-savvy professionals were getting fooled. By mid-2025, the bureau doubled down, warning

Carl B. Johnson Dec 27, 2025 7 min read
Cyber Security

Cyber Security in 2025: What Actually Works Now

The Breach That Changed How I Think About Cyber Security In February 2024, Change Healthcare — one of the largest health payment processors in the United States — was hit by a ransomware attack that disrupted pharmacies, hospitals, and insurance claims across the country for weeks. UnitedHealth Group, its parent company, later

Carl B. Johnson Nov 06, 2025 7 min read
Cybersecurity Best Practices

Cybersecurity Best Practices for Employees in 2025

In January 2025, a finance employee at a multinational firm joined a video call with what appeared to be their CFO and several colleagues. Every face on the screen was a deepfake. The employee transferred $25 million before anyone realized what happened. That incident — reported by CNN and confirmed by

Carl B. Johnson Aug 17, 2025 7 min read