Tag

Social Engineering

Learn how attackers use psychological manipulation to trick people into revealing sensitive information or performing unsafe actions. Topics include pretexting, baiting, tailgating, vishing, and real-world social engineering case studies that expose common human vulnerabilities.

posts

Cybersecurity Best Practices

Cybersecurity Best Practices for Employees in 2022

One Click Cost This Company Everything In March 2022, a single employee at Nvidia clicked something they shouldn't have. The Lapsus$ threat actor group walked away with over a terabyte of proprietary data, including employee credentials and source code. Nvidia isn't a small shop with weak

Carl B. Johnson Apr 04, 2022 7 min read
Cybersecurity Awareness Month

Cybersecurity Awareness Month: What Actually Works

Last October, while organizations across the country were hanging "Think Before You Click" posters in their break rooms, the FBI's Internet Crime Complaint Center was logging over 847,000 complaints representing nearly $7 billion in losses for 2021. That's roughly a 7% increase in

Carl B. Johnson Mar 21, 2022 7 min read
Ransomware

How Ransomware Spreads: 6 Attack Vectors You Must Know

In February 2022, the FBI and CISA issued a joint advisory warning that ransomware incidents against 14 of 16 U.S. critical infrastructure sectors had increased dramatically. That advisory wasn't theoretical — it followed real attacks against water treatment facilities, hospitals, and food processors. If you're searching

Carl B. Johnson Mar 18, 2022 7 min read
Data Breach

What Causes a Data Breach: 7 Root Causes Explained

In January 2022, the International Committee of the Red Cross disclosed that a sophisticated cyberattack compromised the personal data of more than 515,000 vulnerable people — including missing persons, detainees, and their families. The breach didn't happen because of some exotic zero-day exploit. It happened because of a

Carl B. Johnson Mar 18, 2022 6 min read
Cybersecurity Incident Examples

Cybersecurity Incident Examples That Changed Everything

The Breach That Cost a Pipeline Its Entire Operation In May 2021, Colonial Pipeline — the largest fuel pipeline in the United States — shut down completely after a ransomware attack. A single compromised password on a legacy VPN account gave the DarkSide threat actor group everything they needed. The company paid

Carl B. Johnson Jan 18, 2022 6 min read
Insider Threats

Malicious Insider vs Negligent Insider: Real Threats

One Cost the Company $3.4 Billion. The Other Just Forgot to Lock the Door. In 2020, a former Ubiquiti employee launched a devastating attack against his own employer — stealing proprietary data, attempting extortion, and then posing as a whistleblower to tank the company's stock. That's

Carl B. Johnson Jan 15, 2022 7 min read
Cybersecurity for Nonprofits

Cybersecurity for Nonprofits: A Practical Defense Guide

The Blackbaud Breach Should Have Been a Wake-Up Call In May 2020, a ransomware attack hit Blackbaud — one of the largest cloud computing providers serving nonprofits, hospitals, and universities. The breach exposed donor records, financial data, and Social Security numbers belonging to millions of people across hundreds of organizations. Blackbaud

Carl B. Johnson Jan 01, 2022 7 min read