APWG’s Q4 2024 Phishing Activity Trends Report, published March 19 th, revealed that more than eight in ten Business Email Compromise (BEC) attacks last quarter were sent by attackers favoring Google’s free webmail service. By comparison, only 10% used Microsoft’s…
Tag: Blog RSS Feed
A Subtle Form of Siege: DDoS Smokescreens as a Cover for Quiet Data Breaches
DDoS attacks have long been dismissed as blunt instruments, favored by script kiddies and hacktivists for their ability to overwhelm and disrupt. But in today’s fragmented, hybrid-cloud environments, they’ve evolved into something far more cunning: a smokescreen. What looks like…
Assessment Frameworks for NIS Directive Compliance
According to the NIS Directive, Member States should adopt a common set of baseline security requirements to ensure a minimum level of harmonized security measures across the EU and enhance the overall level of security of operators providing essential services…
Essential Cybersecurity Controls (ECC-1:2018) – A Comprehensive Guide
Cybersecurity threats continue to evolve, posing very real risks to organizations, and nowhere is this risk more pronounced than in entities that handle a nation’s critical infrastructure, as these attacks put public health and safety at risk, harm the environment,…
Tripwire Patch Priority Index for April 2025
Tripwire’s April 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google. Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 11 issues including remote code execution and improper implementation…
LockBit Ransomware Gang Breached, Secrets Exposed
Oh dear, what a shame, never mind. Yes, it’s hard to feel too much sympathy when a group of cybercriminals who have themselves extorted millions of dollars from innocent victims have found themselves dealing with their own cybersecurity problem. And…
Essential Cybersecurity Controls (ECC-1:2018) – A Comprehensive Guide
Cybersecurity threats continue to evolve, posing very real risks to organizations, and nowhere is this risk more pronounced than in entities that handle a nation’s critical infrastructure, as these attacks put public health and safety at risk, harm the environment,…
PIVOTT Act Revived to Tackle Growing Cybersecurity Workforce Shortages
The cyber workforce gap is one of the most pressing and persistent challenges facing the cybersecurity industry. In 2024, ISC2 found that the gap amounted to 4.8 million people globally, up 19% from the previous year. Both public and private…
As Vishing Gains Momentum, It’s Time to Fight Back
The mechanisms and dangers of email phishing are well known, as are the best practices for hardening organizations against it. Its spin-off, called vishing, is nothing new, but it’s both rapidly evolving, and unlike the more mainstream counterpart, too often…
Getting Email Security Right
Let’s face it: your inbox is a warzone. Email security is a constant battle between evolving threats and the defenses designed to stop them. Every day, attackers bombard user inboxes with increasingly sophisticated phishing attempts, malware, and social engineering attacks.…