Compass IT Compliance Blog / Phishing (4)

Karakurt Data Extortion Group – A New Approach to Ransomware

Karakurt Data Extortion Group – A New Approach to Ransomware

You may be growing tired of hearing the word “ransomware” by now, but this critical threat is unfortunately only continuing to grow at an exponential speed. The Verizon Business 2022 Data Breach Investigations Report (2022 DBIR) notes that ransomware breaches increased by thirteen per …

Read Story

A True Story and Yet Another Cyberattack Victim

A man types in his pin at an ATM

Cybercriminals can act alone, but increasingly we are witnessing cyber gangs (who operate like a small business and are also often referred to as ransomware gangs), with leaders, developers, system administrators, intrusion experts, data exfiltration experts, and monetary experts work …

Read Story

Weighing Your Multi-Factor Authentication Options

An old metal and wood scale

At this point most of us have heard that securing our accounts with only passwords, no matter how complex, is not enough. Do not get me wrong, requiring strong passwords (14 or more characters, composed of uppercase and lowercase letters, and including symbols and numbers) is essentia …

Read Story

Receiving a Scam Text… From My Own Phone Number

Verizon Building

Throughout my years working in the IT security and compliance field I have had the opportunity to learn about dozens of different social engineering attack strategies that malicious actors will utilize to achieve their goals. This past weekend, I had the unique opportunity to witness …

Read Story

It (Should) Be an MFA World, We Are Just Living in It

It (Should) Be an MFA World, We Are Just Living in It

Last week I was working in front of my laptop (happily, for any Compass staff reading) when I got an incoming text message. It was from Verizon. They had received my service request and were working on it. It was quickly followed by another text saying I could check the status of my r …

Read Story

Recommendations from CISA's Recent “Shields Up” Warning

Recommendations from CISA's Recent “Shields Up” Warning

On February 26th, 2022, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued immediate Shields Up actions for organizations to take in response to the ongoing conflict with Russia. The basic guidelines are as follows:

Read Story

Subscribe by email