Tag

Threat Actors

Learn about the individuals and groups behind cyberattacks, including nation-state hackers, cybercriminal organizations, hacktivists, and insider threats. These articles analyze motivations, tactics, and real-world examples to help you understand who poses risks to your digital assets.

posts

Cybersecurity Glossary

Cybersecurity Glossary for Beginners: 40 Terms You Need

When the Colonial Pipeline ransomware attack shut down fuel distribution across the U.S. East Coast in May 2021, millions of people suddenly needed to understand words like "ransomware," "threat actor," and "critical infrastructure." But most glossaries online read like they were written by

Carl B. Johnson Jan 06, 2025 8 min read
SQL Injection

SQL Injection Explained: The Attack That Won't Die

A 20-Year-Old Vulnerability Still Dominating Breach Reports In 2023, the MOVEit Transfer vulnerability (CVE-2023-34362) compromised over 2,600 organizations and exposed data on more than 77 million individuals. At its core, the exploit was a SQL injection. The Cl0p ransomware gang used it to steal data from federal agencies, major

Carl B. Johnson Dec 19, 2024 7 min read
Medusa Ransomware

Medusa Ransomware Gang Phishing Campaigns Explained

A $100,000 Ransom Demand Starts With One Email In early 2024, the FBI and CISA issued a joint advisory warning that the Medusa ransomware gang had compromised over 300 organizations across critical infrastructure sectors since June 2021. The attack chain almost always starts the same way: phishing campaigns targeting

Carl B. Johnson Nov 07, 2024 7 min read
Spoofing

What Is Spoofing? The Attack Behind Most Breaches

In January 2024, a finance employee at engineering firm Arup wired $25 million to criminals after a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The attackers had spoofed not just an email address or

Carl B. Johnson Aug 19, 2024 8 min read
What Is Cybersecurity

What Is Cybersecurity? A Practitioner's Real-World Guide

In 2023, the FBI's Internet Crime Complaint Center received over 880,000 complaints with potential losses exceeding $12.5 billion — a 22% increase in losses from the year before. That's not a theoretical number. Those are real businesses shuttered, real retirement accounts emptied, and real hospitals

Carl B. Johnson Jul 10, 2024 6 min read
Cybersecurity Definition

Cybersecurity Definition: What It Really Means in 2024

In March 2024, a ransomware attack on Change Healthcare — one of the largest health payment processors in the U.S. — disrupted claims processing for pharmacies and hospitals nationwide. Patients couldn't fill prescriptions. Providers couldn't get paid. A single breach paralyzed a massive chunk of American healthcare

Carl B. Johnson May 13, 2024 7 min read
Ransomware Examples

Ransomware Examples: What 2024 Attacks Teach Us

The Ransomware Landscape Right Now Is Brutal In January 2024, the Hive ransomware group's infrastructure had barely been dismantled by the FBI before new ransomware gangs filled the vacuum. If you searched for ransomware examples hoping to understand what's coming next, the best place to start

Carl B. Johnson Feb 09, 2024 7 min read
Malware

What Is Malware? A Security Pro's Field Guide

In February 2023, the U.S. Marshals Service confirmed a major ransomware attack that compromised sensitive law enforcement data — including personally identifiable information and internal legal documents. A federal agency with dedicated security staff and government-grade infrastructure still got hit. If you're running a business without those resources,

Carl B. Johnson Apr 10, 2023 7 min read
Medusa Ransomware

Medusa Ransomware Gang Phishing Campaigns Explained

A Ransomware Gang That Starts With Your Inbox In 2022, the Medusa ransomware gang emerged as one of the most aggressive threat actors targeting organizations through phishing campaigns. They don't kick down the front door — they walk through it with stolen credentials, harvested from carefully crafted phishing emails

Carl B. Johnson Dec 25, 2022 6 min read
Cybersecurity Definition

Cybersecurity Definition: What It Actually Means in 2022

In March 2022, the FBI's Internet Crime Complaint Center reported that Americans lost over $6.9 billion to cybercrime in 2021 — a 64% jump from the year before. That number makes the standard cybersecurity definition you'll find in a textbook feel almost dangerously quaint. If you&

Carl B. Johnson Jun 20, 2022 6 min read