DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Phishing scams can pop up anywhere, as evidenced by the U.S. Environmental Protection Agency (EPA) Office of Inspector General’s recent alert regarding fraudulent Notice of Violation letters (NOVs)....more
In the continuously evolving landscape of cyber threats, organizations must be proactive in identifying and mitigating potential risks to their digital assets and operations. A critical step in building cyber resilience is...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more
Bluetooth Compromise Coined "BLUFFS" Allows Attackers to Conduct Adversary-in-the-Middle Attacks - Researchers at EURECOM have developed six (6) new attack packages called “BLUFFS” that break the encryption of Bluetooth...more
There are lots of package deliveries this time of year. When shopping online, companies are great about telling you when to expect the delivery of your purchase. Fraudsters know this and prey on unsuspecting victims...more
On December 7, 2023, OCR released a statement that it was settling a phishing cyber-attack investigation into Lafourche Medical Group (the Medical Group) which specializes in emergency medicine, occupational medicine, and...more
Malicious Android Apps Used to Target Iranian Banks - An ongoing Android malware campaign targeting users of Iranian financial institutions has expanded to include new abilities to target an even greater number of people...more
This article concludes K2 Integrity’s mini-series promoting the importance of Cybersecurity Awareness Month. Throughout October, we have been providing tips and solutions to organizations to commemorate the 20-year...more
This article is the third in a series of articles about Cybersecurity Awareness Month. Throughout October, K2 Integrity has been providing tips and solutions to organizations to commemorate the 20-year anniversary of the...more
To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and the National Cybersecurity Alliance will “focus on ways to “Secure Our...more
Cybersecurity is a top concern for all industries, particularly for the pharmaceutical and medical device industries. These industries hold some of the most sensitive data and highly valuable technology, making them prime...more
Hackers are always looking for the next opportunity to launch attacks against unsuspecting victims. According to Cybersecurity Dive, researchers at Proofpoint recently observed “a phishing campaign designed to exploit the...more
Recent Uptick in Malicious Microsoft OneNote Attachments Identified in Phishing Campaigns - Security researchers have noted a recent uptick in phishing campaigns utilizing Microsoft OneNote attachments to spread malware....more
Louisiana's Largest Medical Complex Discloses Data Breach Associated to October Attack - On December 23rd, 2022, the Lake Charles Memorial Health System (LCMHS) began sending out notifications regarding a newly discovered...more
Phishing Campaigns Identified Targeting Middle Eastern Countries Prior to World Cup - Trellix researchers have identified an increase in email-based phishing attacks targeting the Middle East during the lead up to the...more
Palo Alto’s Unit 42 recently issued a threat assessment alert outlining a new phishing scam that is unique and successful. The scam is believed to be carried out by the Luna Moth/Silent Ransom Group and is targeting...more
The concept of “security by obscurity” is officially outdated. In recent years, cyber-attacks have become increasingly sophisticated, destructive, and indiscriminate. In today’s landscape, cyber threats can come from internal...more
Cyber risk management has significantly escalated in importance, during the last couple of years, as a result of companies overcoming the operational challenges of the pandemic, transitioning to hybrid working, preparing for...more
"EvilProxy" Provides Low-Skill Threat Actors Access to Advanced Phishing Techniques - A new Phishing-as-a-Service (PaaS) platform dubbed "EvilProxy" has been discovered by Resecurity researchers. PaaS platforms allow...more
In its Mid-Year Cyberthreat Report published on August 24, 2022, cybersecurity firm Acronis reports that ransomware continues to plague businesses and governmental agencies, primarily through phishing campaigns. According...more
The Twilio and Cloudfare smishing attacks [view related post] provide a timely reminder of how sophisticated smishing attacks are and how they can affect businesses and their customers. But threat actors don’t just attack...more
Trustwave has reported a new scheme in which threat actors are using the popular Facebook Messenger platform to steal Facebook login credentials. According to the report, the threat actors are using a phishing email to...more
Spyware Vendor RCS Labs Observed Infecting Android and iOS users with Commercial Surveillance Tools - Google's Threat Analysis Group (TAG) published a report regarding RCS Labs' activity involving infecting Android and iOS...more
On June 2, 2022, CISA (the Cybersecurity and Infrastructure Security Agency), the FBI, the Department of the Treasury and the Financial Crimes Enforcement Network issued a joint Cybersecurity Alert warning companies of the...more