Spoofing
What is it and how can we defend against it? Spoofing is a deceptive tactic used in cybersecurity where an attacker disguises themselves as a trusted source to gain access to sensitive information, spread malware, or manipulate systems. The goal of spoofing is to trick victims into believing that the communication or source is legitimate, […]
PUPs
What are they? PUPs stands for Potentially Unwanted Programs. These are software applications that a user may not want on their computer, even if they are not inherently malicious. They often come bundled with other software and can be installed without the user’s full understanding or consent. Common characteristics of PUPs: Bundled software: Installed alongside free […]
Red Teaming
What is it? Red Teaming in cybersecurity is a full-scope, multi-layered attack simulation designed to measure how well an organisation’s people, networks, applications, and physical security can withstand an attack from a real-world adversary. Key Objectives: Test detection and response capabilities; Identify exploitable vulnerabilities; Assess the effectiveness of security controls; Improve incident response and […]
Black Swan Events
What are they? A Black Swan event is a metaphor used to describe an event that is extremely rare, has a severe impact, and is often only explainable in hindsight. The term was popularised by Nassim Nicholas Taleb in his 2007 book The Black Swan: The Impact of the Highly Improbable. These events challenge our assumptions […]
Vishing (Voice Phishing)
What is it and how can we defend against it? Vishing (short for voice phishing) is a type of social engineering attack where cybercriminals use phone calls or voice messages to trick individuals into revealing sensitive information or performing actions that compromise security. Here’s how it works: Impersonation: The attacker pretends to be someone trustworthy—like a […]
Angler Phishing
What is it and how can we defend against it? Angler Phishing is a type of social media-based phishing attack where cybercriminals impersonate customer service accounts or trusted brands to deceive users into giving up sensitive information. Here’s how it works: Impersonation: Attackers create fake social media profiles that closely resemble legitimate customer support accounts (e.g., […]
Pharming
What is it and how can we defend against it? Pharming is a type of cyberattack that redirects users from legitimate websites to fraudulent (fake) websites without their knowledge, even if the user types the correct URL into their browser. The goal is to steal sensitive information like login credentials, credit card numbers, or personal data. Here’s […]
Clone Phishing
What is it and how can we defend against it? Clone phishing is a type of phishing attack where a legitimate and previously delivered email is used as a template to create a nearly identical – but malicious – version. The attacker replaces the original links or attachments with malicious ones and sends the cloned email […]
Smishing (SMS Phishing)
What is it and how can we defend against it? Smishing (short for SMS phishing) is a type of cyberattack where attackers use text messages (SMS) to trick individuals into revealing personal information, downloading malware, or clicking on malicious links. Here’s how it works: Deceptive Message: You receive a text that appears to be from a […]
Spear Phishing
What is it and how can we defend against it? Spear phishing is a targeted form of phishing attack where cybercriminals tailor their deceptive messages to a specific individual, organisation, or business. Unlike general phishing, which casts a wide net hoping someone will fall for the scam, spear phishing is highly personalised and […]