DISC InfoSec blog

We’re sure you’ve heard of the KISS principle: Keep It Simple and Straightforward. In cybersecurity, KISS cuts two ways. KISS improves security when your IT team avoids jargon and makes complex-but-important tasks easier to understand, but it reduces security when crooks steer clear of mistakes that would otherwise give their game away. For example, most of the phishing scams we […]

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. Cybercriminals are leveraging advanced tactics in their phishing-kits granting them a high delivery success rate of spoofed e-mails which contain malicious attachments right before the end of the 2021 IRS income tax return deadline in the […]

It’s the second week of Cybersecurity Awareness Month 2021, and this week’s theme is an alliterative reminder: Fight the Phish! Unfortunately, anti-phishing advice often seems to fall on deaf ears, because phishing is an old cybercrime trick, and lots of people seem to think it’s what computer scientists or mathematical analysts call a solved game. Tic-tac-toe (noughts and […]

Microsoft has been warning of a “widespread” phishing campaign in which fraudsters use open redirect links to lure users to malicious websites to harvest Office 365 and other credentials. ITG Phishing Staff Awareness Training Program educates your staff on how to respond to these types phishing attacks 📧 Phishing Staff Awareness E-Learning Course

10 most clicked phishing email subject lines  Luke Irwin   Ironically, the most successful phishing emails of Q3 2017 told recipients that they had been victims of a data breach. This finding comes from a report from KnowBe4 that investigated the most effective phishing email subject lines. The report looked at tens of thousands of emails from simulated […]

The weakest link in computer hacking? Human error By Cliff Edwards, Olga Kharif,Michael Riley, Bloomberg News The U.S. Department of Homeland Security ran a test this year to see how hard it was for hackers to corrupt workers and gain access to computer systems. Not very, it turned out. Staff secretly dropped computer discs and […]

Source: Computer World The successful use of phishing emails to breach secure organizations like Oak Ridge National Laboratory and RSA are stark reminders of the serious threat posed by what some experts have dismissed as as a low-tech method of attack. Oak Ridge, a U.S. Department of Energy-run research lab, this week disclosed it had […]

From the LA Times China-based hackers may have been stealing sensitive information from several international oil and energy companies for as long as four years, cyber-security firm McAfee Inc. said in a report Thursday. The company said it traced the “coordinated covert and targeted cyberattacks” back to at least November 2009 and that victims included companies in […]

Image by Matthieu Dejardins, eCommerce Activist via Flickr By Microsoft.com Online threats today come in the form of attacks on you and attacks on your computer. Here are eight (8) ways for you to have a safer online shopping experience: 1. Keep your computer software up to date. Keep all software (including your web browser) […]

The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments The following are the common steps that should be taken to perform a security risk assessment. These are just basic common steps which should not be followed as is but modified based on organization assessment scope and business requirements. • Identify the […]

Image via Wikipedia By Erin Allday, SF Chronicle Hackers may have had access to personal information for about 600 UCSF patients as a result of an Internet “phishing” scam, campus officials said Tuesday. The security breach occurred in September when a faculty physician in the UCSF School of Medicine provided a user name and password […]

Image by sitmonkeysupreme via Flickr NZ HERALD reported that Facebook users – already being targeted in a malware campaign – are now under threat from a phishing scam. Security specialists Symantec report that the company’s systems have picked up fake messages that appear to be sent by the social networking service. Users will receive an […]

Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft Phishing is a practice of luring unsuspecting Internet users to a fake Web site by using authentic-looking email with the real organization’s logo, in an attempt to steal passwords, financial or personal information. In daily life people advise to retrace your steps when you […]

Have you ever thought of losing something and you cannot live without it? Yes, that something can be your identity. Phishing is a practice of luring unsuspecting Internet users to a fake Web site by using authentic-looking email with the real organization’s logo, in an attempt to steal passwords, financial or personal information. In daily […]

According to the Identity Theft Resource Center of San Diego, “the data breaches are on the rise in 2008” and with more data breaches so are the impact and amount of losses. Web 2.0 is next phase of internet creation, where huge social networks are built and citizens of the network enjoy the interactive and […]