Cypac Blog

I was at Safeway the other day with my kids buying groceries and when it came to checkout I had a choice, pay by tapping my card or with my phone's Apple Pay. Which do you think is safer? The answer might surprise you. We did a KHON2 news segment this week on Ghost Tapping, the modern day version of a thief “bumping” your wallet. Except instead of stealing your card, they take advantage of its short-range wireless payment feature, near-field communication (NFC). KHON2 - Ghost

If you recently clicked a link, or went to a website you visit "all the time", but maybe typed a little too fast and did not check the spelling, you may have landed on a fake lookalike site. For example, someone meaning to visit: https://Google.com But instead might accidentally type something like: https://Goggle.com That tiny difference matters! If the page suddenly started showing scary pop-ups saying things like “Your antivirus has expired,” “Virus detected,” “Your comput

Beware of a new text message campaign that hit the islands this week. It claims that you owe money for speeding, parking and toll evasion and it looks pretty official... but something is off! Here’s what the text message looks like. See if you can spot everything wrong with it: This is great practice for identifying a sloppy scam. Why are St. Louis and Honolulu County on the same notice? Check out the em dashes (long hyphens) in the “Immediate Action Required” section. Also n

Have you ever received an email from yourself or another co-worker that seemed a bit... phishy? Over the past 2 weeks we've seen a huge spike in direct-send abuse from clients using Microsoft 365. It's a phishing technique where bad guys use a legitimate Microsoft 365 feature to send emails that appear 100% like they're coming from inside your company. It's particularly bad because they bypass all email spam filters and go right into inboxes. You may be wondering, why the hec

Hawaii banks, credit unions, and financial advisors face a stack of cybersecurity rules: GLBA, FFIEC, NCUA Part 748, PCI-DSS, and Hawaii HRS 487N. Here is what examiners look for, where most institutions fall short, and a 90 to 120 day path to compliance.

Some of you may have heard about YouTubers fighting back against overseas scam call centers by sending them glitter bombs, stink bombs or reverse hacking their computers. If you haven't, they're hugely entertaining - just search for "glitter bomb payback." Unfortunately though, the days of having a target to strike at could be numbered - those call centers are now being replaced with... you guessed it... AI! Apparently AI is not just coming for our jobs, it's coming for scamm

Cybersecurity for small business Hawaii is a pressing need in 2026. Honolulu businesses face layered risks from phishing, ransomware, and state breach notification laws. Learn what a plan covers and how to get started.

Today we're bracing for the third wave in a series of storms that's been impacting the island. The flooding has even reached our Manoa office, where several cars were totaled (see footage on Hawaii News Now ). Right now is a good time to make sure that you're prepared for possible power outages, power surges, internet and communication outages and water damage. The big question is: how can you make sure that your IT will survive today's storm? The Takeaway Here are my top 5 t

Real pricing data for managed cybersecurity services in Honolulu. Includes 2026 cost comparison tables sourced from IBM, Hiscox, and industry MSSP benchmarks.

I don't know about you but it seems like my iPhone has been doing a lot of updates lately and rebooting itself overnight. The good news is that Apple figured out that this is starting to irritate people and is now using a new method of updating our devices called "Background Security Improvements." Now they can do updates on portions of your device silently in the background, all without needing a reboot. Over the past 2 weeks they've been pushing out CVE-2026-20643 using