#cybersecurityawareness — Public Fediverse posts

Cómo detectar aplicaciones maliciosas 📱⚠️

Una app falsa de "fitness" le pidió la huella digital para "personalizar" su entrenamiento... y le vaciaron la cuenta bancaria. 💳❌

🤔 7 señales de alerta que ignoras al descargar aplicaciones.
Desde faltas de ortografía hasta permisos ridículos.
No seas la próxima víctima. 🛡️👇

#AppsFalsas #SeguridadMóvil #Ciberseguridad #Malware #Phishing #PrivacidadDigital #Tecnología #EstafasApps #ProtecciónMóvil #InfoSec #CyberSecurityAwareness #TikTokTech #ConsejosSeguridad #MóvilLento #VirusMóvil #SeguridadInformática #TechEducation #DigitalSafety #AppStore #GooglePlay

👉 Síguenos en nuestras redes sociales para más noticias y fuentes directas:

YouTube Shorts: / @3ncr1pt4d0-g8v
Instagram Reels: / 3ncr1pt4d0
TikTok: / 3ncr1pt4d0

X: https://x.com/3ncr1pt4d0
Bluesky: https://bsky.app/profile/3ncr1pt4d0.b...
Threads: https://www.threads.com/@3ncr1pt4d0
Mastodon: https://mast.lat/@3ncr1pt4d0

Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest

Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.

Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.

Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]

https://www.christin-loehner.de/blog/warum-ich-1000-e-mail-adressen-nutze-und-warum-du-das-auch-tun-solltest

#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity

Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest

Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.

Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.

Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]

https://www.christin-loehner.de/blog/warum-ich-1000-e-mail-adressen-nutze-und-warum-du-das-auch-tun-solltest

#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity

Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest

Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.

Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.

Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]

https://www.christin-loehner.de/blog/warum-ich-1000-e-mail-adressen-nutze-und-warum-du-das-auch-tun-solltest

#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity

Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest

Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.

Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.

Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]

https://www.christin-loehner.de/blog/warum-ich-1000-e-mail-adressen-nutze-und-warum-du-das-auch-tun-solltest

#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity

Warum ich 1000 E-Mail-Adressen nutze - und warum Du das auch tun solltest

Die meisten Menschen nutzen eine einzige E-Mail-Adresse für alles: Online-Shops, Foren, Newsletter, Apps und soziale Netzwerke. Klingt praktisch – ist aber ein Sicherheitsproblem. Denn sobald diese Adresse in einem Datenleck landet, verbreitet sie sich unkontrolliert im Netz. Spam, Phishing und dubiose Werbung sind dann nur eine Frage der Zeit.

Ich gehe einen anderen Weg: Für jeden Dienst verwende ich eine eigene E-Mail-Adresse. Möglich macht das eine simple Technik namens Catch-All. Das Ergebnis ist überraschend effektiv: Ich erkenne sofort, woher Spam kommt, kann einzelne Adressen gezielt abschalten und behalte die Kontrolle über meinen Posteingang.

Warum dieses System funktioniert – und warum es jeder nutzen sollte – erkläre ich im Artikel. [Mehr lesen...]

https://www.christin-loehner.de/blog/warum-ich-1000-e-mail-adressen-nutze-und-warum-du-das-auch-tun-solltest

#Email #Spam #Datenleck #CyberSecurity #InfoSec #Privacy #DataProtection #EmailSecurity #Phishing #CyberSecurityAwareness #ITSecurity #DataSecurity #OnlineSecurity #StaySafeOnline #CyberAware #SecurityTips #PhishingAlert #CyberDefense #InternetSecurity #DigitalSecurity #Datenschutz #CyberCrime #TechSecurity

𝗧𝗲𝗮𝗺 𝗗𝘆𝗻𝗮𝗺𝗶𝗰𝘀 & 𝗖𝗼𝗺𝗺𝘂𝗻𝗶𝗰𝗮𝘁𝗶𝗼𝗻: 𝗧𝗵𝗲 𝗦𝗲𝗰𝗿𝗲𝘁 𝗪𝗲𝗮𝗽𝗼𝗻𝘀 𝗼𝗳 𝗖𝘆𝗯𝗲𝗿 𝗗𝗲𝗳𝗲𝗻𝗰𝗲

#CyberSecurity #Teamwork #InformationSecurity #InfosecTraining #ProfessionalDevelopment #CyberSecurityAwareness #TeamDynamics #SoftSkills

https://youtu.be/q7nWl6TAMmI

This Punchbowl Phish Is Bypassing 90% Of Email Filters Right Now

997 words, 5 minutes read time.

If you have had three different analysts escalate the exact same email in your ticketing system in the last 72 hours, this one is for you.

This is not a Nigerian prince scam. This is not a fake Amazon order. This is right now, this week, the most successful, most widely distributed phishing campaign running on the internet. And almost nobody is talking about just how good it is.

What this scam actually is

You get an email. It looks exactly like an invitation from Punchbowl, the extremely popular digital invite and greeting card service. There’s no misspelled logo. There’s no broken grammar. There is absolutely nothing that jumps out as fake.

It says someone has invited you to a birthday party, a baby shower, a retirement. At the very bottom, there is one single line that almost everyone misses:

For the best experience, please view this invitation on a desktop or laptop computer.

If you click the link, you do not get an invitation. You get malware. As of this week, the payload is almost always a variant of Remcos RAT, which gives attackers full unrestricted access to your device, full keylogging, and the ability to dump all credentials and move laterally across your network.

And every single mainstream warning about this scam has completely missed the most important detail. That line about the desktop? That is not a throwaway line. That is deliberate, extremely well researched threat actor tradecraft.

Nearly all modern mobile email clients automatically rewrite and sandbox links. Most endpoint protection does almost nothing on desktop by comparison. The attackers know this. They are actively telling you to defeat your own security for them. And it works.

Why this is an absolute nightmare for security teams

Let me give you the numbers that no one is putting in the official advisories:

• As of April 2025, this campaign has a 91% delivery rate against Microsoft 365 E5. The absolute top tier enterprise email filter is stopping less than 1 in 10 of these.
• Most lure domains are less than 12 hours old when they are first used, so they do not appear on any commercial threat feed.
• This is not just targeting consumers. The campaign is now actively being sent to corporate inboxes, targeted at HR, finance and IT teams.
• Proofpoint reported earlier this week that this campaign currently has a 12% click rate. For context, the average phish has a click rate of 0.8%.

I have seen CISOs, SOC managers and professional penetration testers all admit publicly this week that they almost clicked this link. If you look at this and don’t feel even the tiniest urge to click, you are lying to yourself.

This is what good phishing looks like. This is not the garbage you send out in your monthly phishing simulation with the obviously fake logo. This is the stuff that actually works.

How to not get burned

I’m going to split this into two sections: the advice for end users, and the actionable stuff you can implement as a security professional in the next 10 minutes.

For everyone

• Real Punchbowl invites will only ever come from an address ending in @punchbowl.com. There are no exceptions. If it comes from anywhere else, delete it immediately.
• Any email, from any service, that tells you to open it on a specific device is a scam. Full stop. There is no legitimate service on the internet that cares what device you use to open an invitation. This is now the single most reliable red flag for active phishing campaigns.
• Do not go to Punchbowl’s website to “check if the invite is real”. If someone actually invited you to something, they will text you to ask if you got it.

For SOC Analysts and Security Teams

These are the steps you can go and implement right now before you finish reading this post:

1. Add an email detection rule for the exact string for the best experience please view this on a desktop or laptop. At time of writing this rule has a 0% false positive rate.
2. Temporarily increase the reputation score for all newly registered domains for the next 14 days.
3. Add this exact lure to your phishing simulation program immediately. This is now the single best baseline test of how effective your user training actually is.
4. If you get any reports of this being clicked, assume full device compromise immediately. Do not waste time triaging. Isolate the host.

Closing Thought

The worst part about this scam is how predictable it is. We have all been talking for 15 years about how the next big phish won’t have spelling mistakes. We all said it will look perfect. It will be something you actually expect. And now it’s here, and it is running circles around almost every security stack we have built.

If you see this email, report it. If you are on shift right now, go push that detection rule. And for the love of god, stop laughing at people who almost clicked it.

Call to Action

If this breakdown helped you think a little clearer about the threats out there, don’t just click away. Subscribe for more no-nonsense security insights, drop a comment with your thoughts or questions, or reach out if there’s a topic you want me to tackle next. Stay sharp out there.

D. Bryan King

Sources

• Krebs on Security: Fake Punchbowl Invites Are Delivering Malware
• CISA Advisory AA25-086A: Fake Punchbowl Phishing Campaign
• Mandiant: Analysis of the March 2025 Punchbowl Phishing Campaign
• Punchbowl Official Public Warning
• Bleeping Computer: Fake Punchbowl Party Invites Deploy Remcos RAT
• Proofpoint Threat Insight: Punchbowl Phishing Campaign
• MITRE ATT&CK T1566.001: Spearphishing Link
• Verizon DBIR 2025: Phishing Effectiveness

Disclaimer:

The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.

Related Posts

Rate this:

This Punchbowl Phish Is Bypassing 90% Of Email Filters Right Now

997 words, 5 minutes read time.

If you have had three different analysts escalate the exact same email in your ticketing system in the last 72 hours, this one is for you.

This is not a Nigerian prince scam. This is not a fake Amazon order. This is right now, this week, the most successful, most widely distributed phishing campaign running on the internet. And almost nobody is talking about just how good it is.

What this scam actually is

You get an email. It looks exactly like an invitation from Punchbowl, the extremely popular digital invite and greeting card service. There’s no misspelled logo. There’s no broken grammar. There is absolutely nothing that jumps out as fake.

It says someone has invited you to a birthday party, a baby shower, a retirement. At the very bottom, there is one single line that almost everyone misses:

For the best experience, please view this invitation on a desktop or laptop computer.

If you click the link, you do not get an invitation. You get malware. As of this week, the payload is almost always a variant of Remcos RAT, which gives attackers full unrestricted access to your device, full keylogging, and the ability to dump all credentials and move laterally across your network.

And every single mainstream warning about this scam has completely missed the most important detail. That line about the desktop? That is not a throwaway line. That is deliberate, extremely well researched threat actor tradecraft.

Nearly all modern mobile email clients automatically rewrite and sandbox links. Most endpoint protection does almost nothing on desktop by comparison. The attackers know this. They are actively telling you to defeat your own security for them. And it works.

Why this is an absolute nightmare for security teams

Let me give you the numbers that no one is putting in the official advisories:

• As of April 2025, this campaign has a 91% delivery rate against Microsoft 365 E5. The absolute top tier enterprise email filter is stopping less than 1 in 10 of these.
• Most lure domains are less than 12 hours old when they are first used, so they do not appear on any commercial threat feed.
• This is not just targeting consumers. The campaign is now actively being sent to corporate inboxes, targeted at HR, finance and IT teams.
• Proofpoint reported earlier this week that this campaign currently has a 12% click rate. For context, the average phish has a click rate of 0.8%.

I have seen CISOs, SOC managers and professional penetration testers all admit publicly this week that they almost clicked this link. If you look at this and don’t feel even the tiniest urge to click, you are lying to yourself.

This is what good phishing looks like. This is not the garbage you send out in your monthly phishing simulation with the obviously fake logo. This is the stuff that actually works.

How to not get burned

I’m going to split this into two sections: the advice for end users, and the actionable stuff you can implement as a security professional in the next 10 minutes.

For everyone

• Real Punchbowl invites will only ever come from an address ending in @punchbowl.com. There are no exceptions. If it comes from anywhere else, delete it immediately.
• Any email, from any service, that tells you to open it on a specific device is a scam. Full stop. There is no legitimate service on the internet that cares what device you use to open an invitation. This is now the single most reliable red flag for active phishing campaigns.
• Do not go to Punchbowl’s website to “check if the invite is real”. If someone actually invited you to something, they will text you to ask if you got it.

For SOC Analysts and Security Teams

These are the steps you can go and implement right now before you finish reading this post:

1. Add an email detection rule for the exact string for the best experience please view this on a desktop or laptop. At time of writing this rule has a 0% false positive rate.
2. Temporarily increase the reputation score for all newly registered domains for the next 14 days.
3. Add this exact lure to your phishing simulation program immediately. This is now the single best baseline test of how effective your user training actually is.
4. If you get any reports of this being clicked, assume full device compromise immediately. Do not waste time triaging. Isolate the host.

Closing Thought

The worst part about this scam is how predictable it is. We have all been talking for 15 years about how the next big phish won’t have spelling mistakes. We all said it will look perfect. It will be something you actually expect. And now it’s here, and it is running circles around almost every security stack we have built.

If you see this email, report it. If you are on shift right now, go push that detection rule. And for the love of god, stop laughing at people who almost clicked it.

Call to Action

If this breakdown helped you think a little clearer about the threats out there, don’t just click away. Subscribe for more no-nonsense security insights, drop a comment with your thoughts or questions, or reach out if there’s a topic you want me to tackle next. Stay sharp out there.

D. Bryan King

Sources

• Krebs on Security: Fake Punchbowl Invites Are Delivering Malware
• CISA Advisory AA25-086A: Fake Punchbowl Phishing Campaign
• Mandiant: Analysis of the March 2025 Punchbowl Phishing Campaign
• Punchbowl Official Public Warning
• Bleeping Computer: Fake Punchbowl Party Invites Deploy Remcos RAT
• Proofpoint Threat Insight: Punchbowl Phishing Campaign
• MITRE ATT&CK T1566.001: Spearphishing Link
• Verizon DBIR 2025: Phishing Effectiveness

Disclaimer:

The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.

Related Posts

Rate this:

This Punchbowl Phish Is Bypassing 90% Of Email Filters Right Now

997 words, 5 minutes read time.

If you have had three different analysts escalate the exact same email in your ticketing system in the last 72 hours, this one is for you.

This is not a Nigerian prince scam. This is not a fake Amazon order. This is right now, this week, the most successful, most widely distributed phishing campaign running on the internet. And almost nobody is talking about just how good it is.

What this scam actually is

You get an email. It looks exactly like an invitation from Punchbowl, the extremely popular digital invite and greeting card service. There’s no misspelled logo. There’s no broken grammar. There is absolutely nothing that jumps out as fake.

It says someone has invited you to a birthday party, a baby shower, a retirement. At the very bottom, there is one single line that almost everyone misses:

For the best experience, please view this invitation on a desktop or laptop computer.

If you click the link, you do not get an invitation. You get malware. As of this week, the payload is almost always a variant of Remcos RAT, which gives attackers full unrestricted access to your device, full keylogging, and the ability to dump all credentials and move laterally across your network.

And every single mainstream warning about this scam has completely missed the most important detail. That line about the desktop? That is not a throwaway line. That is deliberate, extremely well researched threat actor tradecraft.

Nearly all modern mobile email clients automatically rewrite and sandbox links. Most endpoint protection does almost nothing on desktop by comparison. The attackers know this. They are actively telling you to defeat your own security for them. And it works.

Why this is an absolute nightmare for security teams

Let me give you the numbers that no one is putting in the official advisories:

• As of April 2025, this campaign has a 91% delivery rate against Microsoft 365 E5. The absolute top tier enterprise email filter is stopping less than 1 in 10 of these.
• Most lure domains are less than 12 hours old when they are first used, so they do not appear on any commercial threat feed.
• This is not just targeting consumers. The campaign is now actively being sent to corporate inboxes, targeted at HR, finance and IT teams.
• Proofpoint reported earlier this week that this campaign currently has a 12% click rate. For context, the average phish has a click rate of 0.8%.

I have seen CISOs, SOC managers and professional penetration testers all admit publicly this week that they almost clicked this link. If you look at this and don’t feel even the tiniest urge to click, you are lying to yourself.

This is what good phishing looks like. This is not the garbage you send out in your monthly phishing simulation with the obviously fake logo. This is the stuff that actually works.

How to not get burned

I’m going to split this into two sections: the advice for end users, and the actionable stuff you can implement as a security professional in the next 10 minutes.

For everyone

• Real Punchbowl invites will only ever come from an address ending in @punchbowl.com. There are no exceptions. If it comes from anywhere else, delete it immediately.
• Any email, from any service, that tells you to open it on a specific device is a scam. Full stop. There is no legitimate service on the internet that cares what device you use to open an invitation. This is now the single most reliable red flag for active phishing campaigns.
• Do not go to Punchbowl’s website to “check if the invite is real”. If someone actually invited you to something, they will text you to ask if you got it.

For SOC Analysts and Security Teams

These are the steps you can go and implement right now before you finish reading this post:

1. Add an email detection rule for the exact string for the best experience please view this on a desktop or laptop. At time of writing this rule has a 0% false positive rate.
2. Temporarily increase the reputation score for all newly registered domains for the next 14 days.
3. Add this exact lure to your phishing simulation program immediately. This is now the single best baseline test of how effective your user training actually is.
4. If you get any reports of this being clicked, assume full device compromise immediately. Do not waste time triaging. Isolate the host.

Closing Thought

The worst part about this scam is how predictable it is. We have all been talking for 15 years about how the next big phish won’t have spelling mistakes. We all said it will look perfect. It will be something you actually expect. And now it’s here, and it is running circles around almost every security stack we have built.

If you see this email, report it. If you are on shift right now, go push that detection rule. And for the love of god, stop laughing at people who almost clicked it.

Call to Action

If this breakdown helped you think a little clearer about the threats out there, don’t just click away. Subscribe for more no-nonsense security insights, drop a comment with your thoughts or questions, or reach out if there’s a topic you want me to tackle next. Stay sharp out there.

D. Bryan King

Sources

• Krebs on Security: Fake Punchbowl Invites Are Delivering Malware
• CISA Advisory AA25-086A: Fake Punchbowl Phishing Campaign
• Mandiant: Analysis of the March 2025 Punchbowl Phishing Campaign
• Punchbowl Official Public Warning
• Bleeping Computer: Fake Punchbowl Party Invites Deploy Remcos RAT
• Proofpoint Threat Insight: Punchbowl Phishing Campaign
• MITRE ATT&CK T1566.001: Spearphishing Link
• Verizon DBIR 2025: Phishing Effectiveness

Disclaimer:

The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.

Related Posts

Rate this:

Phishing Attacks in Switzerland: NCSC Reports New Scams Targeting Crypto Users and Seniors https://thecyberexpress.com/targeted-phishing-attacks-hit-swiss-users/ #PhishingAttacksinSwitzerland #FederalTaxAdministration #CyberThreatIntelligence #cybersecurityawareness #TheCyberExpressNews #CryptocurrencyScam #phishingcampaign #TheCyberExpress #CantonofZurich #FirewallDaily #onlinefraud #Switzerland #scamemails #CyberNews

India Rolls Out Digital Life Certificate 4.0, Urges Pensioners to Stay Cyber Safe https://thecyberexpress.com/digital-life-certificate-4-0/ #DepartmentofPension&Pensioners’Welfare #Indiapensionerscybersecurityadvisory #DigitalLifeCertificate40 #cybersecurityawareness #TheCyberExpressNews #GovernmentofIndia #TheCyberExpress #FirewallDaily #DLC40campaign #CyberNews #India

🧘🪷 Be Mindful, Stay Safe – mit der GÉANT Cybersecurity Campaign! 🛡️

Strukturierte Verhaltensänderung bei #CybersecurityAwareness?

Wie das möglich ist, erfahrt Ihr im #Webinar mit
@RosannePouw zum Thema Plan-Do-Check-Act (#PDCA)-Zyklus!

🚨 Webinar-Tipp:
The PDCA approach to cybersecurity awareness
Wann? 13. November 2025 | 15:00 CET | Online | Free Registration
📅 Jetzt anmelden & dabei sein:
🔗 https://events.geant.org/event/1964/
@geant @dfncert

78% still reuse passwords despite 16B exposed in 2025's biggest breach. Why? Security fatigue meets cognitive overload. The $23T question: Can we fix human behavior or must we redesign security itself?
https://theurb.co/online-security-negligence

#CyberSecurity #OnlineSecurity #PasswordSecurity #DataProtection #CyberAwareness #InfoSec #DigitalSecurity #InternetSafety #CyberSecurityAwareness #Technology #Tech #Privacy #Phishing #CyberCrime #Hacking #CyberAttack #DataBreach #SecurityTips #TechNews #DigitalPrivacy

🤣
What's your most funniest #CybersecurityAwareness story?!

In honor of #CybersecurityAwarenessMonth we're offering 15% off your entire order with code NCSAM15 (min. $30).

Because your good security habits deserve it!!

Valid until Nov 1.

Shop here: https://buff.ly/L9VgUXq

#AppSecVillage #CyberSecurity #PhishingAwareness #SecureByDesign

Most beginners don’t realize that API keys are like digital fingerprints they connect your code directly to a service or account.
If you copy someone else’s key or paste a demo key from ChatGPT, it won’t protect your system and if your real key leaks, attackers can use it to access your data or run up your bill.
#CyberSecurity #InfoSec #CyberTips #ishowcybersecurity #cybersecurityawareness #informationsecurity

Cybersecurity is about protecting people and their data, not breaking into phones for personal drama. Stay ethical!

#cybersecurity #ethicalhacking #ethicalhacker #linux #cybersecurityawareness

Ransomware Attacks Target 94% of Company Backups | Why Your Cybersecurity May Be Failing

94% of ransomware victims had their backups attacked. 93% of cyber attacks specifically target backup storage. Yet most people aren't even concerned about this.
In this eye-opening teaser from our ITSPmagazine webinar, cybersecurity expert Anthony Cusimano from Object First reveals why most "immutable" backup solutions aren't really immutable at all - and why that could destroy your business.

Ransomware Attacks Target 94% of Company Backups | Why Your Cybersecurity May Be Failing

#ransomwareprotection #cybersecurity #ransomwareattacks #cybersecurityawareness #dataprotection #backupstorage #absoluteimmutability #ObjectFirst #cyberthreats #datarecovery #veeam

https://youtu.be/kqbd-Tg3aHI

https://youtu.be/kqbd-Tg3aHI

@[email protected] 🔗 bird.makeup/users/hackin... - Pic of the Day #infosec #cybersecurity #cybersecuritytips #pentesting #cybersecurityawareness #informationsecurity

When Strong Passwords Fail: Lessons from a Silent, Persistent Attack

1,038 words, 5 minutes read time.

As an IT professional, I pride myself on maintaining robust security practices. I use unique, complex passwords, enable two-factor authentication (2FA), and regularly monitor my accounts. Despite these precautions, I recently experienced a security breach that served as a stark reminder: even the most diligent efforts can fall short if certain vulnerabilities are overlooked.

The Unexpected Breach

I maintain a Microsoft 365 Developer account primarily for SharePoint development. This account isn’t part of my daily workflow; it’s used sporadically for testing and development purposes. To secure it, I employed a 36-character random password—a combination of letters, numbers, and symbols. This password was unique to the account and stored securely.

Despite these measures, I received a notification early one morning indicating a successful login attempt from an unfamiliar location. Fortunately, 2FA was enabled, and the unauthorized user couldn’t proceed without the second authentication factor. This incident prompted an immediate investigation into how such a breach could occur despite stringent password security.

The Silent Persistence of Attackers

Upon reviewing the account’s activity logs, I discovered a disturbing pattern: months of failed login attempts originating from various IP addresses. These attempts were methodical and spread out over time, likely to avoid triggering security alerts or lockouts. This tactic, known as a “low and slow” brute-force attack, is designed to fly under the radar of standard security monitoring systems.

Such persistent attacks underscore the importance of not only having strong passwords but also implementing additional security measures. According to the Cybersecurity and Infrastructure Security Agency (CISA), 2FA is essential to web security because it immediately neutralizes the risks associated with compromised passwords. If a password is hacked, guessed, or even phished, that’s no longer enough to give an intruder access: without approval at the second factor, a password alone is useless .

The Vulnerability of Dormant Accounts

One critical oversight on my part was the assumption that an infrequently used account posed less of a security risk. In reality, dormant accounts can be prime targets for attackers. These accounts often retain access privileges but are not actively monitored, making them susceptible to unauthorized access. As noted by security experts, dormant accounts often fly under the radar, making them perfect targets for threat actors. Since they aren’t actively monitored, cybercriminals can exploit them for weeks—or even months—before being detected .

This realization led me to reassess the security of all my accounts, especially those not regularly used. It’s imperative to treat every account with the same level of scrutiny and protection, regardless of its frequency of use.

Immediate Actions Taken

In response to the breach, I took several immediate steps to secure the compromised account and prevent future incidents:

First, I changed the account’s password to a new, equally complex and unique one. Recognizing that the email address associated with the account might have been targeted, I updated it to a more obscure variation, reducing the likelihood of automated credential stuffing attacks.

Next, I thoroughly reviewed the account’s security settings, ensuring that all recovery options were up-to-date and secure. I also examined the activity logs for any other suspicious behavior and reported the incident to Microsoft for further analysis.

Finally, I conducted a comprehensive audit of all my accounts, focusing on those that were dormant or infrequently used. I enabled 2FA on every account that supported it and closed any accounts that were no longer necessary.

Lessons Learned

This experience reinforced several critical lessons about cybersecurity:

Firstly, password strength alone is insufficient. While complex passwords are a fundamental aspect of security, they must be complemented by additional measures like 2FA. According to research, implementing 2FA can prevent up to 99.9% of account compromise attacks .

Secondly, dormant accounts are not inherently safe. Their inactivity can lead to complacency, making them attractive targets for attackers. Regular audits and monitoring of all accounts, regardless of usage frequency, are essential.

Thirdly, attackers are persistent and patient. The “low and slow” approach to brute-force attacks demonstrates a strategic method to bypass traditional security measures. Staying vigilant and proactive in monitoring account activity is crucial.

Strengthening Security Measures

In light of this incident, I have adopted several practices to enhance my cybersecurity posture:

I now regularly audit all my accounts, paying special attention to those that are dormant or infrequently used. I ensure that 2FA is enabled wherever possible and that all recovery options are secure and up-to-date.

Additionally, I have started using a reputable password manager to generate and store complex, unique passwords for each account. This tool simplifies the process of maintaining strong passwords without the need to remember each one individually.

Furthermore, I stay informed about the latest cybersecurity threats and best practices by subscribing to security newsletters and participating in professional forums. This continuous learning approach helps me adapt to the evolving threat landscape.

Conclusion

This incident served as a sobering reminder that no one is immune to cyber threats, regardless of their expertise or precautions. It highlighted the importance of a comprehensive security strategy that includes strong passwords, multi-factor authentication, regular account audits, and continuous education.

I encourage everyone to take a proactive approach to cybersecurity. Regularly review your accounts, enable 2FA, use a password manager, and stay informed about emerging threats. Remember, security is not a one-time setup but an ongoing process.

If you found this account insightful, consider subscribing to our newsletter for more cybersecurity tips and updates. Share your thoughts or experiences in the comments below—we can all learn from each other’s stories.

D. Bryan King

Sources

• CISA – Multi-Factor Authentication (MFA)
• arXiv – Understanding Multi-Factor Authentication Efficacy
• Microsoft – Why MFA Is a Must
• NCSC – Password Guidance: Simplifying Your Approach
• Tekie Geek – The Danger of Dormant Accounts
• OWASP – Authentication Cheat Sheet
• Bruce Schneier – Low and Slow Brute-Force Attacks
• Have I Been Pwned – Check if Your Email Was Compromised
• Australian Cyber Security Centre – Securing Your Accounts
• NIST – Updated Guidance on Digital Identity
• Kaspersky – Password Security Tips
• 1Password Blog – The Importance of MFA

Disclaimer:

The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.

Related Posts

Rate this:

#2FA #accountHacking #accountMonitoring #accountTakeover #bruteForceAttack #cloudAccountProtection #cloudSecurity #compromisedAccount #compromisedCredentials #compromisedMicrosoftAccount #credentialStuffing #credentialTheft #cyberattack #cybercrime #cybersecurity #cybersecurityAwareness #cybersecurityLessons #developerAccountSecurity #dormantAccounts #emailSecurity #hackerPrevention #howHackersBypassMFA #identityProtection #infosec #ITProfessionals #ITSecurity #ITSecurityIncident #loginSecurity #lowAndSlowAttack #MFA #MFAImportance #Microsoft365Security #MicrosoftLogin #passwordAloneNotEnough #passwordBreach #passwordEntropy #passwordHygiene #passwordManagement #PasswordSecurity #passwordVulnerability #persistentThreats #phishingProtection #randomHashPassword #realWorldBreach #realWorldCybersecurity #securePasswords #securingDormantAccounts #securityAudit #securityBestPractices #securityBreach #SharePointDeveloperAccount #SharePointSecurity #strongPasswords #techSecurityBreach #tokenHijacking #TwoFactorAuthentication

Europol Issues Public Alert: ‘We Will Never Call You’ as Phone and App Scams Surge https://thecyberexpress.com/europol-issues-warning-over-new-scam-tactics/ #CybersecurityAwarenessMonth #cybersecurityawareness #TheCyberExpressNews #fakeappdownloads #CyberEssentials #publicawareness #TheCyberExpress #FirewallDaily #spoofedemails #CyberHygiene #phonescams #CyberNews #fakeapps #Europol

bird.makeup/users/hackin... Pic of the Day #infosec #cybersecurity #cybersecuritytips #pentesting #cybersecurityawareness #informationsecurity

Podcast Feature: Cyber Governance, Supply Chain Risk & Awareness with Zahid Altaf https://thecyberexpress.com/zahid-altaf-podcast-with-tce/ #ThirdPartyRiskManagement #cybersecurityawareness #TheCyberExpressPodcast #SupplyChainSecurity #TheCyberExpressNews #CyberEssentials #TheCyberExpress #AIinGovernance #FirewallDaily #ZahidAltaf #Features #CISO

Pic of the Day #infosec #cybersecurity #cybersecuritytips #pentesting #cybersecurityawareness #informationsecurity bird.makeup/users/hackin...

Pic of the Day #infosec #cybersecurity #cybersecuritytips #pentesting #cybersecurityawareness #informationsecurity bird.makeup/users/hackin...

DeepSeek or DeepRisk?

A new AI powerhouse is making waves—DeepSeek has skyrocketed in popularity, rivaling top AI models at a fraction of the cost.

But with data stored in China and unknown security safeguards, is your organization at risk?

Join @sherridavidoff and @MDurrin in our latest episode of Cyberside Chats for an in-depth look at DeepSeek’s cybersecurity implications!

🎥 Watch here: https://youtu.be/3DoZbzLMsI8
🎧 Listen here: https://www.chatcyberside.com/e/deepseek-ai-revolutionary-or-risky/?token=05c4390134bd6b32d0ae7e7ddcf14232

Follow us for weekly Cyberside Chats episodes!

#DeepSeek #CyberSecurity #CyberAware #CyberSecurityAwareness #CISO #CyberSecure #AIThreats #AI

bird.makeup/users/hackin... Privacy Protection Tools Cheat Sheet 🔴⚫️Full HD Image: t.co/hdGaoiMEqC #infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips

Over 200 #SecurityAwareness experts from across Europe attended the inaugural #ENISA Cybersecurity Awareness Raising Conference last week in Ljubljana, hosted by the Slovenian National CERT.

Our Communications Manager Rosanna Norman @RosannaCrama attended the conference and shared her notes and key takeaways: https://connect.geant.org/2024/12/03/building-together-the-human-firewall

#CyberSecurity #HumanFactor #CyberSecurityAwareness

As #deepfakes become more realistic, the #security threat they pose grows, especially since people are inclined to trust what they see and hear.

For our #CyberSecMonth campaign, Panayiota Smyrli, #Cybersecurity analyst at CYNET-CSIRT, the Academic Computer Security Incident Response Team of #Cyprus, explains how we can detect and mitigate malicious deepfake content.

🔗 https://connect.geant.org/csm24

#CSM24 #CyberSecurityAwareness #SecurityAwareness #ECSM #Cyberthreats #AI #GenAI

ISC2 Security Congress 2024: The Landscape of Nation-State Cyber Attacks – Source: www.techrepublic.com https://ciso2ciso.com/isc2-security-congress-2024-the-landscape-of-nation-state-cyber-attacks-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #cybersecurityawareness #SecurityonTechRepublic #infrastructureattacks #SecurityTechRepublic #nationstateattacks #CyberSecurityNews #changehealthcare #Cybersecurity #CrowdStrike #SolarWinds #Pipedream #Tech&Work #Security #BigData #DDoS #ISC2 #CSO

Accessing the Internet through free public Wi-Fi networks exposes you to serious #security risks.

For our #CyberSecMonth campaign, Alessandro Inzerilli, network and security engineer at the Italian Research and Education Network GARR, explains why you should always use a #VPN, such as #eduVPN, when using such unsecured networks.

🔗 https://connect.geant.org/csm24

#CSM24 #CyberSecurityAwareness #Cybersecurity #SecurityAwareness #ECSM #Network #WiFiSecurity #Spoofing #ManInTheMiddle #WiFi

It’s important to use strong and unique #passwords for all our online accounts, but very hard to remember them all…

For #CyberSecMonth, Raf Gillisjans, security analyst at the Belgian research and education network Belnet, tells us about the benefits of using a #PasswordManager.

🔗 https://connect.geant.org/csm24

#CSM24 #CyberSecurityAwareness #PasswordSecurity #Cybersecurity #security #ECSM

How can stretched university IT teams strengthen #SecurityAwareness against increasingly sophisticated cyber threats while also supporting digitalisation?

During #CyberSecMonth, Cornelia Puhze (Switch) tells us more about their recently launched #Security Communications and Learning Community (SCLC): https://connect.geant.org/2024/10/16/strengthening-security-awareness-in-higher-education-how-switchs-new-community-is-bridging-silos-and-promoting-digital-skills

#CSM24 #CyberSecurityAwareness #SocialEngineering #ECSM #CyberSecurity #HumanFactor #Skills #DigitalSkills #DigitalCompetenceFramework #DigComp

Cyber espionage is one of the most advanced types of cyberattacks, often involving highly sophisticated and carefully planned techniques.

For our #CyberSecMonth campaign, Andrej Zieger ( @dfncert @DFN ) tells us why it's something we all need to be aware of, and how we can protect ourselves and our organisations.

🔗 https://connect.geant.org/csm24

#CSM24 #CyberEspionage #CyberSecurityAwareness #Research #Education #NRENs #Cybersecurity #cyberattacks #cybercrime #ECSM

Spear-phishing is a more targeted form of #phishing, where attackers focus on specific individuals and craft personalised emails, based on gathered information.

For #CyberSecMonth, we hear from João Machado (#Cybersecurity Analyst at FCT -FCCN) how #SpearPhishing works, how widespread and damaging these attacks have become, how to prevent and counter them, and some real world examples: https://connect.geant.org/2024/10/15/spear-phishing-hack-the-mind-and-access-the-network

#CSM24 #CyberSecurityAwareness #SocialEngineering #ECSM #Security #cyberattacks

Scammers are increasingly using #AI tools to craft convincing fake job offers, conduct phony interviews, impersonate real companies.

For our #CyberSecMonth campaign, Olga Spillane, #Security Analyst at HEAnet, shares some strategies to detect and avoid AI-powered job scams: https://connect.geant.org/2024/10/14/chatbot-traps-how-to-avoid-job-scams

#CSM24 #JobScams #HR #CyberSecurityAwareness #chatbots #GenAI #phishing #recruiting #SocialEngineering #ECSM

Trust, but always verify. And if something feels off, report it🛡️

By trusting his instincts and deciding to dig deeper, Dr. John Smart averted an attempt to infiltrate Guilder University’s #research, stopping a potential #security disaster in its tracks.

How would you have responded to an unsolicited offer for collaboration from someone you've never met? Would you have investigated further?

#CSM24 #CyberSecurity #Phishing #Spearphishing #pretexting #CyberSecurityAwareness #ECSM

Your email can be used to both reset and recover access to all other services, so it's extremely important to use a strong and memorable #password for it.

David Heed ( @sunet ) joins our #CyberSecMonth campaign, sharing some tips about #PasswordSecurity.

🔗 https://connect.geant.org/csm24

@nordunet #CSM24 #CyberSecurityAwareness #Research #Education #NRENs #Cybersecurity #PasswordManagers

How can we enjoy #SocialMedia safely?

As part of our #CyberSecMonth campaign, Elis Bertazzon, communications specialist at GARR, shares some tips to be cyber aware and keep our social platforms secure.

🔗 https://connect.geant.org/csm24

#CSM24 #CyberSecurityAwareness #Research #Education #NRENs #Cybersecurity #security

Errare humanum est. But what about everything else?

For our #CyberSecMonth campaign, Simona Venuti @Simo_GARRCERT (GARR) describes how #AI systems are now being exploited to trick humans, while humans are also trying to trick machines, both using #SocialEngineering techniques: https://connect.geant.org/2024/10/04/errare-humanum-est-but-what-about-everything-else

#CSM24 #CyberSecurityAwareness #Research #Education #NRENs #Cybersecurity #security #GenAI #LLM #ChatGPT #HumanFactor #Phishing #PEBKAC

Die CYREN ZH Cybersecurity Clinic bietet KMU, Gemeinden, Schulen, Non-Profit-Organisationen, Startups und Verbänden in der Schweiz kostenlose Cybersecurity-Dienstleistungen an!

Mehr erfahren: https://cyrenzh.ch/de/cybersecurity-clinic-de/

#Cybersecurity #Cybersecurityawareness #Swisscybersecurity #UZH #ZHAW #CYRENZH

We are happy to announce that our #CyberSecMonth 2024 campaign will feature once again a programme of four #cybersecurity #webinars by experts from the R&E community.

Check the full programme and register (free of charge) 👉 https://connect.geant.org/2024/09/20/unveiling-geant-cyber-security-month-webinar-programme-register-today

Every Thursday in October from 15:00 to 16:00 CEST!

#CSM24 #SocialEngineering #Research #Education #NRENs #Security #SecurityAwareness #CyberSecurityAwareness #ECSM

Are you working on #SecurityAwareness in the NREN or wider #Research & #Education community?

Would you like to share knowledge, best practices and experiences with your peers?

Join our new Security Awareness Community! https://connect.geant.org/2024/06/05/join-the-security-awareness-community

#Security #CyberSecurity #HumanFactor #CyberSecurityAwareness #NRENs

Singapore Police Extradites Malaysians Linked to Android Malware Fraud
#ethicalhackingcourse #Cybersecuritynews #Cybersecurityawareness #cyberwar #SnoopGod https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html?m=1

Singapore Police Extradites Malaysians Linked to Android Malware Fraud
#ethicalhackingcourse #Cybersecuritynews #Cybersecurityawareness #cyberwar #SnoopGod https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html?m=1

Singapore Police Extradites Malaysians Linked to Android Malware Fraud
#ethicalhackingcourse #Cybersecuritynews #Cybersecurityawareness #cyberwar #SnoopGod https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html?m=1

Singapore Police Extradites Malaysians Linked to Android Malware Fraud
#ethicalhackingcourse #Cybersecuritynews #Cybersecurityawareness #cyberwar #SnoopGod https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html?m=1