Spyware Campaigns Targeting Messaging Apps: What IT Audit Teams Need to Know
CISA has issued a new warning about active spyware campaigns targeting messaging apps like Signal and WhatsApp. High-value users are being hit with device exploits, fake apps, and zero-click attacks. Here’s what organizations need to know — and how IT Audit Labs can help strengthen mobile and messaging security.
St. Paul Cyber Attack: Eric Brown Shares Expert Insights on FOX 9
Cybersecurity expert Eric Brown of IT Audit Labs joined FOX 9 to break down the recent St. Paul cyber attack, explaining how ransomware cripples city systems, the role of the National Guard’s cyber team, and steps individuals can take to protect their data. Learn the motives behind municipal cyber attacks, the high cost of recovery, and why ongoing cybersecurity investment is critical.
Microsoft Vulnerabilities: How to Measure Progress With a Growing Code Base
How we got here In the early days of software development, security was an afterthought. Protocols like HTTP, FTP, and Telnet were created with little to no safeguards, leaving the internet—and its users—wide open to exploitation. Initially, attacks were driven by curiosity or notoriety: defacing web pages, crashing servers, and stealing unreleased content. But as […]
The Dark Side of Cyberspace: Data Breaches and the Price of Information
In today’s hyperconnected world, keeping your personal data secure is more important than ever. In our recent episode of The Audit, we unpacked the hidden dangers of cyberspace—covering data breaches, privacy risks, and the rising tide of cyberattacks. Here’s a streamlined overview of the discussion, updated for today’s trends and packed with cybersecurity, data protection, […]
Back to Basics: A Grounded Approach to Cybersecurity
You can’t secure what you can’t see. With hybrid workforces and multi‑cloud footprints, every device from home routers to AWS instances counts as ‘on your network.’ Starting with free tools like Nmap—using simple nmap -sn 192.168.1.0/24 discovery scans and nmap -sV service enumerations—lets even small teams build a reliable device inventory and spot rogue hardware before attackers do.
Password Problems Part 3: Device Implants & Breaches
Discover how modern threat actors use device implants, SMB share enumeration, Responder poisoning, Kerberoasting, and memory scraping to harvest credentials. Learn about zero trust strategies, password managers, and endpoint controls to defend against network breaches and password hash attacks.