SMEs – A Growing Cyber Target
Published Apr 25 2025 8:53 AM
Small – Medium Enterprises often think they are too small to be of interest to cyber attackers. But this is far from the case. They have long been targets and interest in them is growing. This Insight looks at why and what to do to be safer.
SMEs are big targets for cybercriminals
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credential
Published Apr 25 2025 8:50 AM
Cyber attackers have found they can send phishing emails from real Google sites. The fact that the emails do originate from a Google site makes people trust them and more apt to click that link or follow the instructions.
Message is from Google site but still a scam
State-sponsored hackers embrace ClickFix social engineering tactic
Published Apr 25 2025 8:47 AM
ClickFix is a hacking technique that displays a message saying a download or other install didn’t work. It requests that you run a script fix the problem. But all that does is install malware. It is an effective technique that is being used by state sponsored North Korean cyber groups.
Problem message may be a scam
4 in 10 Americans Have Lost Money to Fraud, AARP Survey Finds
Published Apr 25 2025 8:39 AM
Fraud is more pervasive and widespread than many like to admit. New research shows that 40% of Americans have suffered financial losses due to fraud. The number may be higher as many people hesitate to report it for fear of being embarrassed.
Financial fraud is pervasive
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
Published Apr 25 2025 8:36 AM
Darcula is a phishing-as-a-service provider. This means they provide all the materials and technology needed to go into the phishing business. Now they have enhanced their toolkit with AI to make the phishing emails even more believable and harder to identify.
AI enhanced phishing service
Another AI Threat – Slopsquatting
Published Apr 18 2025 11:36 AM
Slopsquatting is another form of AI hallucinations. This time tied to code development that can infect the output of the AI system. The AI systems hallucinated over 20% of the repository dependencies. Very dangerous.
More AI hallucinations=more risks
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
Published Apr 18 2025 11:33 AM
Another attack on software developers uses job ads. When someone replies, they are sent an infected assignment. Opening it compromises and infects their systems!
Developers beware
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Published Apr 18 2025 11:28 AM
A new RAT, Remote Access Trojan, has been found allowing attackers to penetrate and take control of systems. Phishing emails are how it arrives. Healthcare and pharmaceuticals are current targets.
New RAT discovered
MITRE Hackers’ Backdoor Has Targeted Windows for Years
Published Apr 18 2025 11:21 AM
The same technique that was used to compromise MITRE has been found to have been used against Windows systems for a few years. It is a complex sophisticated attack.
Windows backdoor attack going on for years
Man Helped Chinese Nationals Get Jobs Involving Sensitive US Government Projects
Published Apr 18 2025 11:16 AM
Much was written about North Koreans being unknowingly hired by many US companies. Now Chinese nationals are getting into US companies through someone who lied and scammed the companies. Vetting new hires is getting more difficult but is more important than ever.
Chinese nationals infiltrate American companies
Insider Threats – Growing More Dangerous
Published Apr 14 2025 8:16 AM
Insiders are always under attack through phishing, smishing, vishing and more. Why? Because attackers know insiders are users that already have access to the desired data. Learn more about this in this Insight.
Insiders can be the worst threats
Threat Actors Use 'Spam Bombing' Technique to Hide Malicious Motives
Published Apr 11 2025 2:56 PM
Spam after spam after spam after spam after spam after spam, etc. That is a new technique attackers are using as a lead in to social engineering attacks.
Spam to social enginnering attacks
Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day
Published Apr 11 2025 2:53 PM
Another big month for Microsoft patches. Be sure to determine which of your systems and applications are affected, the risk for each, then begin installing. Do not delay.
Big month for Microsoft patches
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Published Apr 11 2025 2:51 PM
Actively exploited vulnerabilities are those that cyberattackers are using now to get into systems. Be sure to install the update sooner rather than later.
Actively exploited vulns in Android
10 Bugs Found in Perplexity AI's Chatbot Android App
Published Apr 11 2025 2:46 PM
AI Chatbots come with many vulnerabilities and issues. Now the Android AI Perplexity chatbot was found to have 10 bugs. This makes it less secure than chatbots from ChatGPT and DeepSeek.
Bugs in AI Chatbot