.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Microsoft Office Add-ins, Reason for Concern?
by Adam Cravedi on February 12, 2020 at 1:00 PM
This question came into Compass IT Compliance from a client the other day: “How risky are 3rd party plugins? Should I be concerned about them?”. I had to stop and think about this for a while. In my years of working on vulnerability and penetration testing projects for Compass IT Comp …
What You Can Do to Better Prepare Yourself for Holiday Scams
by David Bienkiewicz on November 27, 2019 at 1:29 PM
It’s that time of the year again! With the holiday season upon us, many criminals will be attempting to scam people via phishing emails. This time of the year (Black Friday, Christmas) is the most lucrative for attackers due to the fact that stores are having a crazy amount of sales w …
Guide to Improving Your Security Awareness Training
by Kyle Daun on November 20, 2019 at 1:00 PM
For the past 3 years that I’ve worked at Compass IT Compliance, I’ve had the opportunity to travel the country and meet with various clients ranging from small businesses with less than 10 people to organizations with offices around the world. The main constant that I have noticed wit …
Situational Awareness Starts with You!
by Peter Fellini on October 16, 2019 at 1:00 PM
Having situational awareness can get you out of a lot of jams. Let me elaborate on what I mean by that. Have you ever received that annoying phone call from “Macrosoft Support”? This is known as a vishing attack. It’s the practice of eliciting information or attempting to influence ac …
Spear Phishing: Targeted Attacks with Higher Success Rates
by David Bienkiewicz on August 8, 2019 at 1:48 PM
Spear phishing is a deadly form of targeted social engineering. The main difference between spear phishing and traditional phishing is that spear phishing targets a certain user or users by using important facets of their life against them, while traditional phishing targets a broad g …
Vishing – A Closer Look
by Ethan Ray on June 5, 2019 at 1:00 PM
Vishing, a shortened name for voice phishing, is the act of using a telephone to trick an individual into surrendering useful information to a fraudulent caller. Vishing is a form of social engineering, and as in most social engineering attempts, the attacker will create a false ident …