Tag

Threat Actors

Learn about the individuals and groups behind cyberattacks, including nation-state hackers, cybercriminal organizations, hacktivists, and insider threats. These articles analyze motivations, tactics, and real-world examples to help you understand who poses risks to your digital assets.

posts

Spoof

Spoof Attacks: How Threat Actors Trick You in 2026

A Single Spoofed Email Cost This Company $47 Million In 2024, the SEC disclosed that Ubiquiti Networks lost $46.7 million after attackers used a spoof of executive email accounts to trick the finance department into wiring funds to overseas accounts. The employees thought they were following orders from the

Carl B. Johnson Jun 20, 2026 5 min read
Spear Phishing

What Is Spear Phishing? The Targeted Attack Behind Major Breaches

A Single Email Cost This Company $100 Million In 2015, Ubiquiti Networks disclosed that threat actors used carefully crafted emails impersonating company executives to trick finance employees into wiring $46.7 million to overseas accounts. The attackers didn't exploit a software vulnerability. They exploited people — with spear phishing.

Carl B. Johnson Jun 07, 2026 5 min read
Cybersecurity Definition

Cybersecurity Definition: What It Really Means in 2026

In 2023, MGM Resorts lost roughly $100 million after a social engineering phone call — a single phone call — gave threat actors the foothold they needed to deploy ransomware across the company's entire infrastructure. If you Google "cybersecurity definition," you'll get a tidy textbook answer

Carl B. Johnson Jun 04, 2026 5 min read
Spear Phishing

Spear Phishing: Why Targeted Attacks Bypass Your Defenses

In January 2024, a finance employee at a multinational engineering firm in Hong Kong wired $25 million to threat actors after a video call with what appeared to be the company's CFO. The call was a deepfake. But the attack started weeks earlier — with a single spear phishing

Carl B. Johnson Jun 02, 2026 5 min read
Spoof

Spoof Attacks: How Threat Actors Trick Your Defenses

The CEO Email That Wasn't From the CEO In early 2025, a mid-sized logistics company wired $3.1 million to a bank account in Hong Kong. The CFO had received an email — apparently from the CEO — requesting an urgent wire transfer for a confidential acquisition. The email address

Carl B. Johnson Jan 17, 2026 7 min read
What Is Cybersecurity

What Is Cybersecurity? A Practitioner's Real-World Guide

A $4.88 Million Question Nobody Asks Until It's Too Late In May 2023, the city of Dallas, Texas got hit with Royal ransomware. Emergency services disrupted. Court systems offline. Weeks of recovery. The estimated cost ran into tens of millions. And the entry point? A service account

Carl B. Johnson Nov 06, 2025 7 min read
Ransomware Examples

Ransomware Examples 2025: Real Attacks Shaping Defenses

Ransomware Isn't Slowing Down — It's Shapeshifting In February 2024, Change Healthcare suffered what became one of the most devastating ransomware attacks in U.S. history. The ALPHV/BlackCat ransomware group crippled the nation's largest health care payment processor, disrupting pharmacies, hospitals, and insurance claims

Carl B. Johnson Jul 19, 2025 7 min read
Dark Web

What Is the Dark Web? A Security Pro's Real-World Guide

Your Stolen Password Is Already For Sale Somewhere In January 2024, a dataset called "Naz.API" surfaced on dark web forums containing over 70 million unique email addresses paired with plaintext passwords. The data had been harvested from credential-stealing malware installed on everyday people's computers. If

Carl B. Johnson Feb 28, 2025 7 min read