home.social

#securityawareness — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #securityawareness, aggregated by home.social.

  1. Your phishing program has great metrics. Your employees are still clicking.
    At BSides312, Mr. Sprawl is sharing a proven blueprint for phishing programs that actually change behavior. One startup went from a 40% click rate to under 10% in a year. No magic tool. Just a better approach.
    Professional phisher. Social engineering enthusiast.
    May 16th. Chicago.
    🎟️ bsides312.org
    #BSides312 #InfoSec #CyberSecurity #Phishing #SocialEngineering #SecurityAwareness #Chicago

  6. Most phishing emails create urgency — your account is locked, a payment failed, something expires tonight. That urgency is the tell.

    Legitimate services don't pressure you into clicking links. If the email is pushing you to act fast, slow down. Verify through official channels, not the link in the message.

    #InfoSec #Cybersecurity #Phishing #SocialEngineering #SecurityAwareness #ThreatIntel

  11. "It's only a cable..." – a fatal mistake. ⏰

    We often focus so much on complex malware that we completely forget about the physical interface. Yet it is frighteningly easy to cause massive damage with cheap hardware – especially when the attacker is already inside the building.

    This afternoon, as part of the IT Security Awareness Days, I get to talk about how insiders use hardware for espionage. I will show some of these tools live to raise awareness of this often-ignored risk.

    📍 I'd be glad to see anyone who joins online today at 14:00!

    🔗 All information on how to participate:
    tu-braunschweig.de/ciso/it-sad

    #CyberCrime #SecurityAwareness #Hacking #Innentäter #HackingHardware #Vortrag

  15. A family password manager roundup — because yes, convincing your whole household to use one is genuinely harder than most CTF challenges. 🔐

    Shared credentials, kids' accounts, grandparents onboarding… the threat model is real, and the UX bar is high. Good security tools that *everyone* actually uses beat perfect tools that only you use.

    #infosec #passwords #securityawareness
    malware.news/t/best-family-pas

  16. How do you keep your employees up to date on IT security?
    → Phishing campaigns, Microlearning, classroom training, … - What's your go-to method?

    hissenit.com/en/academy

    #itsecurity #securityawareness #infosec #ciso #training #riskmanagement

  17. 🪝 We've hooked another review 🪝

    This week, Aleksandra Scalco reviews *Phishing for Answers: Risk Identification and Mitigation Strategies*, an IET book authored by Terry Merz and Lawrence Shaw...

    📝 cybercanon.org/phishing-for-an

    #CybersecurityBooks #SecurityAwareness #Risk

  22. 🔐 Cyber Tip: Include cybersecurity in onboarding training.

    New employees are prime targets. Set expectations early and teach safe habits from day one.

    zurl.co/jtb3V

    #Zevonix #CyberSecurity #SecurityAwareness #PalmCoast

  24. A Chinese national pretended to be U.S. engineers and researchers for almost five years, from 2017 to 2021, and walked away with sensitive aerospace and weapons development software from NASA, the Air Force, the Navy, and the Army. There was no hacking or breaking through firewalls. People simply emailed him what he asked for, because they believed he was someone they knew.

    This worries me more than any zero-day vulnerability. The NASA OIG reported that Song Wu asked for the same software several times without explaining why he needed it. Most people miss this kind of red flag because no one teaches them to spot it. We invest millions in technology controls but spend very little on training people to pause and think like a threat actor before sending information.

    Export controls are not only about legal compliance. They are also about human behavior. Your employees make export control decisions every day, often without realizing it.

    When was the last time your organization ran a spear-phishing simulation aimed at your researchers, not just your finance team?

    If your security awareness program doesn't cover identity deception and unusual software requests, it is not thorough enough.

    thehackernews.com/2026/04/nasa
    #Cybersecurity #NationalSecurity #Espionage #SecurityAwareness #InfoSec #security #privacy #cloud #infosec

  29. We told employees to "be suspicious" of links they needed for work. Now we're adding "be careful with AI" to the awareness curriculum. Teaching when to escalate works better than teaching what to fear.

    zeltser.com/ai-influence-aware

    #cybersecurity #AI #securityawareness #infosec