Tag

Social Engineering

Learn how attackers use psychological manipulation to trick people into revealing sensitive information or performing unsafe actions. Topics include pretexting, baiting, tailgating, vishing, and real-world social engineering case studies that expose common human vulnerabilities.

posts

Ransomware

How Ransomware Spreads: 5 Attack Vectors You Must Block

A Single Click Cost One Hospital $67 Million In September 2020, Universal Health Services — one of the largest healthcare providers in the U.S. — got hit by the Ryuk ransomware strain. The attack shut down systems across 400 facilities. Patients were diverted. Records went analog. The final damage? An estimated

Carl B. Johnson Mar 12, 2021 7 min read
Data Breach

What Causes a Data Breach: 7 Real Threats in 2021

In July 2020, Twitter disclosed that attackers had compromised 130 high-profile accounts — including those of Barack Obama, Elon Musk, and Apple — through a social engineering attack targeting employees with access to internal tools. The breach didn't involve some exotic zero-day exploit. It started with phone calls to Twitter

Carl B. Johnson Jan 20, 2021 7 min read
Insider Threat Awareness

Insider Threat Awareness: What Your Team Isn't Telling You

In July 2020, a 17-year-old in Florida convinced a Twitter employee to hand over internal credentials. Within hours, threat actors had hijacked 130 high-profile accounts — including those of Barack Obama, Elon Musk, and Apple — and used them to run a Bitcoin scam. The breach didn't start with a

Carl B. Johnson Dec 20, 2020 7 min read
Insider Threats

Insider Threat Examples: Real Cases That Cost Millions

In July 2020, a 17-year-old in Florida convinced a Twitter employee to hand over internal credentials. Within hours, the attacker had hijacked accounts belonging to Barack Obama, Elon Musk, Joe Biden, and Apple — tweeting a Bitcoin scam that netted over $100,000. The most sophisticated firewall in the world wouldn&

Carl B. Johnson Dec 20, 2020 7 min read
Insider Threats

Malicious Insider vs Negligent Insider: Real Threats

A Disgruntled Engineer, a Careless Accountant, and $11.45 Billion in Losses In 2018, a former Tesla employee reportedly sabotaged the company's manufacturing systems and exfiltrated sensitive data to third parties. That same year, countless organizations bled data because an employee clicked a phishing link or misconfigured a

Carl B. Johnson Dec 12, 2020 7 min read
Work From Home Cybersecurity

Work From Home Cybersecurity: A Practical Guide

In April 2020, the FBI's Internet Crime Complaint Center reported it was receiving between 3,000 and 4,000 cybersecurity complaints per day — a roughly 400% increase from pre-pandemic levels. The single biggest catalyst? Millions of employees suddenly working from home on networks and devices that no corporate

Carl B. Johnson Nov 08, 2020 7 min read
Cybersecurity for Nonprofits

Cybersecurity for Nonprofits: A Practical Defense Guide

The Breach That Cost a Children's Charity Everything In 2023, Save the Children Federation confirmed it was hit by the BianLian ransomware group, which claimed to have stolen nearly 7 GB of data including financial records, personal information, and medical data. A global nonprofit with significant resources still

Carl B. Johnson Nov 04, 2020 7 min read