
Why MSPs Are Prime Ransomware Supply-Chain Targets
Compromise one MSP and you can reach every client behind it. Here is why managed service providers are prime ransomware targets, and how to harden against it.
Security awareness tips, industry news, and product updates.

Compromise one MSP and you can reach every client behind it. Here is why managed service providers are prime ransomware targets, and how to harden against it.

When employees report suspicious emails through the empowsec Outlook or Gmail add-in, those reports land in an admin review queue where security teams can classify each one and build real threat intelligence from what is actually reaching inboxes.

PCI DSS v4.0 raised the bar for security awareness, naming phishing and social engineering explicitly. Here is what the standard now requires if you handle card data.

empowsec's Outlook add-in gives employees a one-click 'Report phishing' button in their inbox - capturing email headers and content for review while instantly rewarding employees who correctly identify a simulation.

Ransomware is hitting healthcare harder than ever in 2026, and the stakes are measured in patient safety. Here are the trends, HIPAA duties, and human-layer defenses that matter.

ShinyHunters' May 2026 breach of the Canvas LMS exposed data tied to thousands of schools and hundreds of millions of users. Here is why education is a prime target and how awareness training reduces the risk.

Thread hijacking lets attackers reply inside a real email conversation, with a familiar subject, history, and trusted sender. It defeats the 'unknown sender' instinct. Here is how to spot it.

Qilin led ransomware activity in early 2026 as groups shift from encryption to pure data extortion. The constant across nearly every attack is the human layer. Here is what CISOs should do.

Attackers are phishing payroll portal logins and impersonating staff to reroute direct-deposit paychecks into accounts they control. The FBI has warned about it for years - here's how HR can stop it.

Phishing has moved out of the inbox and into Microsoft Teams, Slack, and calendar invites — platforms employees trust by default. Here is how the attacks work and how to extend your defenses to cover them.

"Are you available? I need a quick favor." It's the opening line of a gift card scam impersonating your CEO - low-tech, high-volume, and aimed at new and junior staff. Here's the pattern and the one rule that stops it.

Consent phishing tricks users into approving a malicious OAuth app — granting attackers token-based access to mail and files without ever touching a password or triggering MFA. Here is how it works and how to shut it down.