Blog

There’s no question that organizations have to maintain a continuous information security awareness program. And to ensure greater engagement and enjoyment by the entire body of employees, gamification is certainly the best way to go. One of the most common mistakes within companies, however, is to believe that the team responsible for creating and maintaining […]

The term “smishing” is a combination of the words “SMS” and “phishing”. As you can imagine, smishing is a scam where criminals send malicious text messages (SMS). As outdated as SMS may seem, it remains fertile ground for cybercriminals and so-called smishing scams are booming. According to Avast’s 2023 Cyber Threat Report, there has been […]

Truth be told, we live in an increasingly digitized world in which cybersecurity has become far more than an optional investment. Instead, it is seen as a necessity and a competitive differentiator. With the exponential increase in cyberthreats, organizations of all segments and sizes are susceptible to an array of digital threats, exposing themselves to […]

Pump-and-Dump (P&D) refers to fraud that has become increasingly common in the financial market.  The scam begins with a group of malicious people identifying a low-cost asset and investing in it. They then attempt to artificially increase the price of this asset by spreading misleading or exaggerated information about it, such as the promise of […]

Have you ever heard the term OSINT? Though still largely unrecognized among the lay public, the concept is popular among technology professionals and even government investigative or law enforcement agencies. OSINT is the acronym for Open Source Intelligence, which should provide an initial idea of its meaning. In layman’s terms, OSINT involves using public sources […]

Social engineering is a psychological manipulation technique used by criminals to persuade victims to reveal confidential information or to trick them into doing something. Social engineering is extremely effective because criminals, including cybercriminals, know that fooling people can often be much easier than circumventing physical or computer security barriers. You may wonder why people always […]

It’s no use looking in the dictionary: the concept of elicitation in the context of information security is still relatively new, even in Brazil. Any dictionary defines elicit as “to extract, to bring out; to obtain; to trigger, to provoke; to deduce; to discover; to clarify”, but, let’s face it, it is a little hard […]

Any employee in any company, without exception, can fall victim to a cyberattack. Cybercriminals target everyone from the “big fish” like CEOs and other members of upper management, to junior professionals – and can even engineer an invasion through the privilege escalation method. However… things are much easier for the bad guys if they can […]

The word ‘compliance’ means the act or process of complying to a requirement. Being in compliance involves understanding, executing and performing what has already been agreed by the parties involved: the jurisdiction, company, stakeholders and employees. This relationship promotes a dynamic environment where constant evaluation, innovation, and creativity occur. What exactly is compliance? Compliance consists […]