Context During the second half of 2022, multiple RH-ISAC member analysts reported observing increases in fraud and phishing activity targeting popular social media figures and user-generated content (UGC) creators (i.e. “influencers”) leveraging member brand names as part of the scams. The fraud activity spikes observed in the past few months have been both prolific and…
Read More
On February 10, 2023, Phylum security researchers reported a resurgence in a previously seen campaign typosquatting legitimate Python PyPI packages with malicious packages to deliver a malware with cryptocurrency wallet clipboard replacing capabilities. Context In November 2022, Phylum reported a similar campaign “in which threat actors attempted to replace cryptocurrency addresses in developer clipboards with…
Read More
The term “cybersecurity” can oftentimes be ambiguous and difficult to define, no different than that of a single or multi-family office. But much like an Investment Policy Statement, identifying and defining risk down to the individual level is paramount in achieving both near-term and strategic objectives. In this blog post, we seek to shed light…
Read More
October is Cybersecurity Awareness Month, an opportunity for organizations to spend a little extra effort educating their non-security staff on security best practices. This training generally focuses on basics such as enabling MFA, strengthening passwords, and teaching the warning signs of phishing. While these actions can improve your security posture when successfully adopted, training is…
Read More
Since 2004, October has been recognized as Cybersecurity Awareness Month by organizations like the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA), which are dedicated to helping individuals better protect themselves against online threats. This year CISA and NCA are focusing on the human element of security, with the 2022 Cybersecurity…
Read More
