In May 2024, the news broke that Ascension, a St. Louis-based nonprofit healthcare system, had been hit by a ransomware attack that interrupted access to electronic records, disrupted use of other medical systems, and forced the diversion of ambulances to alternative hospitals across several states. While neither the victim nor the government have attributed the […]
Author Archives: Onsite Computing, Inc.
Longtime security chief Pamela Fusco wanted to more clearly quantify the business value that her cybersecurity program provided to her former employer, a pharmaceutical company. So, she came up with metrics that do just that. In one case, she focused on how her team’s efforts impacted the company’s speed to market, calculating how her department’s […]
Our insiders need to be better educated in the art of protecting data — and by extension their own livelihoods. Everyone knows about risks from outside an organization, that’s the primary function of cybersecurity. But insider risk has been steadily rising for years, which means someone is still not getting the message despite employee training […]
Protections like Windows Smart App Control are useful but susceptible to attacks that allow threat actors initial access to an environment without triggering any alerts. Go to Source Author: Jai Vijayan, Contributing Writer
Everyone expected some kind of cyberattack during the Olympics. If this is the best they’ve got, the bad guys don’t deserve a spot on the podium. Go to Source Author: Nate Nelson, Contributing Writer
The threat landscape moves fast. As new attack methods and social engineering techniques appear, organizations need to maintain security awareness programs that are relevant, agile and focused. Research from Proofpoint for the 2024 State of the Phish report found that most businesses used real-world threat intelligence to shape their security awareness programs in 2023. That […]
Background Last year, the Federal Trade Commission (FTC) received more than 330,000 reports of business impersonation scams and nearly 160,000 reports of government impersonation scams. This represents about half of all the fraud reported directly to the FTC. The financial losses due to email impersonation scams are staggering. They topped $1.1 billion in 2023, which […]
What happened Proofpoint recently identified a cluster of activity conducting malicious email campaigns using piano-themed messages to lure people into advance fee fraud (AFF) scams. The campaigns have occurred since at least January 2024, and are ongoing. Most of the messages target students and faculty at colleges and universities in North America, however other targeting […]
Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more. But what if bad actors abuse these capabilities to create highly convincing, targeted and automated phishing messages at scale? No need to wonder as it’s already happening. Not long after […]
The most damaging cyber threats today don’t target machines or systems—they target humans. Today, 74% of data breaches rely on exploiting the human element. From employees clicking on malicious links to being deceived by emails posing as executives and suppliers, human-targeted attacks jeopardize businesses worldwide every day. When it comes to targeted email threats, Proofpoint […]