Cypac Blog

While you’re snagging discounts, cybercriminals are waiting to trick you with spoofed sites, phishing messages, and fake confirmations. Amazon warned of a spike in scams: fake messages, impersonation attempts, and bogus checkout pages. Shoppers should also be aware of other common tactics like fake stores, malicious checkout scripts, and counterfeit shopping apps, which continue to circulate during the holiday shopping season. These scams don't just steal money, they can lead

Happy Friday The scammers are at it again, this time targeting local businesses by impersonating Hawaiian Electric Co. and threatening to disconnect service unless “payment” is made. Despicable. How the scam works The scammers are calling local businesses from an (808) number and threatening to disconnect power unless an immediate payment is made. They're targeting high usage commercial customers and a handful have already reportedly paid the scammers thousands in cash,  usin

Imagine you wake up to an email from “ no‑reply@doordash.com " saying you’ve been granted a $20 voucher. Looks legit. But what if that email was sent from  DoorDash’s servers and not a scammer spoofing the address, but a flaw inside the system that let anyone craft that message? That’s exactly the scenario unearthed when security researcher “doublezero7” uncovered a vulnerability at DoorDash’s “for Business” platform, and the aftermath spiraled into a messy disclosure dispute

Happy Friday  The bad guys are at it again. This time, they're spoofing spam filter notifications, something you might already receive daily if your company uses an email filtering service (such as ProofPoint). They'll try to trick you into visiting a phishing website that steals login credentials, instantly giving them access to your email, cloud storage or personal accounts. Here's what these fake emails look like: The Takeaway I know that it looks pretty basic but it's act

You have just booted up your PC clicked Check for updates and … crickets. No new security patches. Suddenly you realize you are running Windows 11 version 23H2 Home or Pro and the clock just stopped for your version. Yup the November 2025 update marked the final monthly security patch  for that release. Microsoft has officially confirmed that starting November 11 2025 Windows 11 version 23H2 for Home and Pro editions will no longer receive monthly security or preview updates.

Happy Friday Have you heard of Shadow AI?  It's a new, serious problem and the elephant in the room nobody wants to talk about. I'm sure that you want your company, your team to use AI to be more productive, right? But like every new technology, it helps helps to have some guidelines everyone at the organization agrees upon before using it for work. This is where Shadow AI creeps in. According to a new study , at least 1 out of 4 employees have been infested  by it. So what i

An executive board role? On LinkedIn? Flattering. But behind that shiny title offer lies. A linkedin scam phishing campaign aimed squarely at finance leaders and it's not sending any bonuses. A campaign discovered by Push Security exploited LinkedIn direct‑messages to target finance executives, pretending to offer elite “Executive Board” roles in a fictional “Common Wealth” investment fund. Here’s how the scam unfolds: The victim receives a LinkedIn message with a link. Click

Happy Friday It's Halloween and you'd better bet your pumpkins  that the scammers have thought of ways to take advantage of it. Beware of Halloween themed phishing emails. Just like last year, there's been a sharp spike in Halloween-themed spam, mirroring the shopping frenzy and anticipation leading up to Halloween. Cybercriminals are trying to exploit last minute shoppers in search of deals, costumes and party supplies. Around 40% of these spam emails are malicious and try t

🚨 New Podcast Alert: “Cyber Secured Podcast” is Live!  🔐 We’re excited to announce the launch of Cyber Secured Podcast , a brand-new podcast hosted by cybersecurity pros Matt and Attila. Designed for individuals, families, and businesses alike, this show makes cybersecurity easy to understand, engaging, and downright essential. Whether you're tech-savvy or just cyber-curious, each episode dives into the real-world threats lurking in our digital lives and gives you the tools

Happy Friday Yesterday Microsoft released Mico , a new avatar for the AI-powered Copilot digital assistant. Microsoft describes it as being "human-centered" by listening, learning and "earning your trust." (* shiver *) Perhaps they learned their lesson from the heavily criticized Clippy , the default Microsoft Office assistant for 4 years, or from the Cortana Windows digital assistant, which Copilot replaced in September of 2023. Mico will likely help Copilot provide timely i