Social Engineering

2FA and telco vulnerability allows criminals to hack email accounts, reveals security researcher

When you forget your Gmail password, and have two factor authentication (2FA) enabled, Google will SMS or call you with a six to eight digit code. You enter the code (Google calls this 2-step verification) and gain access to your account.

What is a honeypot? A trap for catching hackers in the act

A honeypot is a system designed to lure hackers into revealing their origins and techniques, and they're used by security researchers and corporate IT alike.

Malicious URLs now rampant: Study

Malicious URLs are now rampant problem according to a study which found they are contained in an average of one in every 61 emails.

What is Mimikatz? And how to defend against this password stealing tool

Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets.

Threadkit, Formbook exploit old Microsoft vulnerability shows an uptick: Research

In organizations where threat intelligence isn’t regularly incorporated in patch prioritization, this vulnerability will likely remain unpatched.

India is a prime target for South Korea-based eCrime actor Shadow Crane: Report

The target scope of Shadow crane's campaigns appears to primarily focus on victims in China, Japan, South Korea, Russia, India and the DPRK - particularly those involved in the government, think tanks, media, academia and NGO sectors. 

Data breaches exposed 5 billion records in 2018

New report from Risk Based Security shows a downward trend in number breaches and exposed records, Unclear if privacy regulations like GDPR are having an effect.

The phishing issue: Michael Connory demonstrates how vulnerable you really are

Security In Depth’s Michael Connory hacked his first computer, an IBM System/370 mainframe, when he was 12 years old. There were games on the machine that he wanted to play.

Spear phishing: Why targeted email attacks are so difficult to stop

A highly targeted form of phishing, spear phishing involves bespoke emails being sent to well-researched victims. It is hard to spot without close inspection and difficult to stop with technical controls alone.

Cyber criminals to use AI to anticipate executive movements: Report

Attackers will implement emerging tech to launch sophisticated phishing attacks in 2019, reveals a report by Trend Micro. 

Digital security and privacy: A must for organizations

Digital Security and privacy concerns are everyone’s challenge as technology touches every aspect of our lives today.

India ranks 12th world wide when it comes to web surfing dangers: Report

Q3 in India saw that 32.8 percent of users were attacked by web-borne threats between July and September 2018.