Phishing for Answers
Cybersecurity for every audience.
Not your typical cyber blog.
Welcome to Phishing for Answers, a site that provides information about cyber news, technology policy, and information security management.
This blog is intended to inform every type of reader, from experienced professionals to those with a general interest in cybersecurity. Because online data protection is first and foremost a human problem, Phishing for Answers strives to publish content that can be consumed by everyone.
2023 in Review: Notable Cyber Trends in Latin America
Today Phishing for Answers analyzes some of the most important cybersecurity trends of 2023 in Latin America. Read our analysis of the region’s most significant threats and adversaries, as well as what to expect in 2024.
Cybersecurity Book Club: “Tracers in the Dark” by Andy Greenberg (Part 2)
This week, we introduce Part 2 of our series about Andy Greenberg’s book, Tracers in the Dark. Find out how a team of law enforcement agents used cryptocurrency analysis to take down one of the largest darknet sites in history.
Cybersecurity Book Club: “Tracers in the Dark” by Andy Greenberg (Part 1)
For years, criminals used Bitcoin to encrypt and anonymize their activities on the dark net - until investigators found a way to trace these payments. In Part 1 of our two-part series about Andy Greenberg’s book, Tracers in the Dark, we analyze how law enforcement regained the ability to hunt down digital crime lords.
The Biggest Cyberattacks of 2022
To begin the new year, Phishing for Answers analyzes some of the largest cyberattacks of 2022 and how they disrupted the industry. Read our brief rundown of this year’s major breaches, the hackers that orchestrated them, and what to expect in 2023.
#latamhackers: Week 5 - Expansion of Malware Overseas
Week 5 of our #latamhackers series discusses the expansion of regional malware to overseas operators. Today, we analyze how Latin American hackers create custom malware and then sell it to groups outside of the region. This series is a 5-week collection of posts about the most commonly observed techniques used by hackers in Latin America.
#latamhackers Series: Week 4 - Geographic Targeting
Week 4 of our #latamhackers series is all about geographic targeting. This week we discuss how hackers in Latin America exploit VPNs and other tools to target victims based on location. This series is a 5-week collection of posts about the most commonly observed techniques used by hackers in Latin America.
#latamhackers Series: Week 3 - Reliance on User Execution
Week 3 of our #latamhackers series is all about reliance on user execution. This week we discuss how hackers in Latin America tend to rely on user execution to spread malware. This series is a 5-week collection of posts about the most commonly observed techniques used by hackers in Latin America.
#latamhackers Series: Week 2- Commodity Tools
Week 2 of our #latamhackers series is all about commodity malware. Today, we analyze how Latin American hackers rely on publicly available tooling and malware to exploit victims. This series is a 5-week collection of posts about the most commonly observed techniques used by hackers in Latin America.
#latamhackers Series: Week 1 - Phishing
In the spirit of Cybersecurity Awareness Month, Phishing for Answers is launching its #latamhackers series. This is a 5-week series of posts about the most commonly observed techniques used by hackers in Latin America. Week 1 is all about phishing - find out how phishing in Latin America compares to the rest of the world!
How a Small Business Owner Recovered from a Cyberattack
Today Phishing for Answers interviews Sarah Albert, a small business owner whose Instagram accounts were hacked in May 2022. Sarah describes how fraudsters took control of her social media, messaged her contacts, and cost her weeks of lost income. Find out more about how she ultimately recovered as well as her new security practices following the cyberattack.
Relapse of LAPSUS$: A Cyber Threat Intelligence Case Study
Remember LAPSUS$, the group of teenage hackers that breached Microsoft, Okta, T-Mobile and the Brazilian Ministry of Health? Although most of LAPSUS$ leaders were arrested earlier this year, the cybersecurity community can still learn from these cybercriminals. Through the use of intelligence methodologies and cyber threat intelligence (CTI) frameworks, we explore the capabilities of this hacking unit.
Russian Threats to Critical Infrastructure: The Past, Present and Future
What would happen if hackers turned off the electricity in a major metropolitan area? Or if they tried to poison drinking water by tampering with a water treatment plant? Unfortunately, we don’t have to imagine what would happen, as these refer to real events. Today, Phishing for Answers discusses Russian threats to critical infrastructure, what happens when the cyber and physical worlds collide, and how the world can respond.
5 Things You Should Know about 5G Networks
For anyone who recently purchased a new phone, you might have noticed the phone settings reading “5G” instead of “4G.” Who cares, right? In reality, the transition to the fifth-generation (5G) wireless cellular standard is more important than one might think. The adoption of 5G technologies not only means increased bandwidth and interconnectivity, but it also presents new security risks to devices, users, and even wildlife populations.
2021 Capitol Attack: How the FBI Used Technology to Identify the Protesters
Exactly 1 year ago today, protesters attacked the US Capitol building. Since then, over 700 people have been arrested in connection to these events, but how did US law enforcement manage to track them down? Read more to find out how technology and social media aided the FBI’s investigations in the aftermath of the events at the Capitol.
The Biggest Supply Chain Attacks of 2021
As the year of 2021 draws to a close, Phishing for Answers reflects back on some of the largest cyberattacks and how they disrupted the supply chain. Read our brief rundown of this year’s major supply chain attacks and the hackers that orchestrated them.
Log4j: The Security Vulnerability that Could Affect the Entire Internet
The cybersecurity world is currently reeling following the Apache Software Foundation’s public disclosure of the vulnerabilities in its Log4j software. Hundreds of millions of devices are potentially affected and hackers are rushing to exploit this zero day. Click to learn more about what is set to go down in history as one of the world’s largest cybersecurity events.
Your Social Media Account Was Hacked - Now What?
Politicians and high-profile celebrities are not the only ones who have had their social media accounts hacked - it can happen to any user! Recent research has shown that cybercriminals are increasingly targeting social media accounts to exfiltrate data and find other users to exploit. But what should you do if you become a victim? Find out more about which social media platforms are most often targeted, what steps to take if your accounts are hacked, and how to prevent it in the future.
How to Stay Cybersafe During the Holidays
‘Tis the season…to make cybersecure decisions! As people prepare to take vacations, spend time with family, and eat delicious treats, it is crucial to remember that cybercriminals are not taking a break. In fact, cyber attacks actually increase during this time of the year. Learn more about how you can stay cybersafe during the 2021 holiday season.
5 Things You Should Know about Social Engineering
Not all cyberattacks involve hacking, sometimes it just involves human deception. Social engineering seeks to exploit user psychology to gain access to valuable information. Read 5 important characteristics of social engineering attacks - what they look like, how they trick users, and ways to avoid becoming a victim.
Trojan Malware: A Bank’s Worst Nightmare
Between June and August 2021, a Trojan malware attack compromised the accounts of many banking customers in Mexico. The attackers stole user credentials, accessed their sensitive data, and even completely emptied some of the accounts - all without being detected. How did this malware execute such a devastating attack? Learn more about the exact methodologies used by these cybercriminals, as well as how financial institutions and their customers can work together to increase the security of online banking activities.