Tag

Threat Detection

Stay current on methods and technologies used to identify cyber threats before they escalate. Topics include intrusion detection systems, anomaly monitoring, threat intelligence feeds, endpoint detection, and behavioral analysis techniques for proactive defense.

posts

Incident Response Plan Template

Incident Response Plan Template: Build Yours in 2025

The Breach That Didn't Have to Be a Disaster In early 2024, Change Healthcare suffered a ransomware attack that disrupted pharmacy operations and claims processing across the entire U.S. healthcare system for weeks. UnitedHealth Group eventually disclosed that the breach affected roughly 100 million individuals — the largest

Carl B. Johnson Jun 14, 2025 7 min read
Incident Response

Cyber Incident Response Steps: A Practical Playbook

The 37 Minutes That Cost MGM Resorts $100 Million In September 2023, a threat actor called Scattered Spider social-engineered an MGM Resorts help desk employee. Within 37 minutes, they had enough access to cripple one of the world's largest casino and hotel operators. Slot machines went dark. Hotel

Carl B. Johnson Dec 11, 2023 7 min read
Adware vs Spyware

Adware vs Spyware: What's Actually Stealing Your Data

In February 2023, the FBI's Internet Crime Complaint Center reported that malware-related complaints had surged again, with losses running into the hundreds of millions. Buried in those numbers is a distinction most people get wrong: adware vs spyware. I've watched organizations treat adware as a minor

Carl B. Johnson Apr 10, 2023 6 min read
Incident Response Plan Template

Incident Response Plan Template: Build Yours in 2022

When Colonial Pipeline got hit with ransomware in May 2021, they paid $4.4 million within hours. Their CEO later told a Senate committee the company had an incident response plan — but executing it under pressure exposed gaps nobody anticipated. If a company running critical U.S. infrastructure can stumble,

Carl B. Johnson Feb 10, 2022 8 min read
Insider Threats

Malicious Insider vs Negligent Insider: Real Threats

One Cost the Company $3.4 Billion. The Other Just Forgot to Lock the Door. In 2020, a former Ubiquiti employee launched a devastating attack against his own employer — stealing proprietary data, attempting extortion, and then posing as a whistleblower to tank the company's stock. That's

Carl B. Johnson Jan 15, 2022 7 min read
Adware vs Spyware

Adware vs Spyware: What Security Pros Know You Don't

In March 2021, Avast researchers disclosed that at least 28 browser extensions — used by roughly three million people — were quietly harvesting browsing data and redirecting users to phishing and ad-laden sites. Some of those extensions looked like simple ad-blocking tools. Others posed as social media helpers. Under the hood, they

Carl B. Johnson Sep 16, 2021 7 min read
Cybersecurity Incident Response

Cybersecurity Incident Response: A Battle-Tested Guide

In July 2020, Twitter lost control of 130 high-profile accounts — including those of Barack Obama, Elon Musk, and Apple — in a social engineering attack that bypassed every technical control the company had. The attackers didn't use a zero-day exploit. They manipulated employees. And Twitter's cybersecurity incident

Carl B. Johnson Dec 20, 2020 7 min read
Incident Response Plan Template

Incident Response Plan Template: Build Yours Today

The SolarWinds breach discovered this month compromised at least 18,000 organizations — including multiple U.S. government agencies — and most of them had no actionable incident response plan template ready when the alerts started firing. I've watched organizations scramble through breaches with nothing but a stale PDF from

Carl B. Johnson Dec 20, 2020 7 min read
Cyber Incident Response Steps

Cyber Incident Response Steps That Actually Work

When SolarWinds disclosed in December 2020 that threat actors had compromised their Orion software update mechanism — affecting up to 18,000 organizations including multiple U.S. government agencies — it became the most significant supply chain attack in modern history. The organizations that responded effectively didn't improvise. They followed

Carl B. Johnson Dec 20, 2020 7 min read