Mike Kosak

Writer at SC Media

Senior Principal Intelligence Analyst at LastPass Blog

Featured in: Favicon

scmagazine.com Favicon

anchor.fm

scworld.com Favicon

lastpass.com Favicon

darkreading.com Favicon

thecipherbrief.com Favicon

blog.lastpass.com

Articles

ACSC 2024 Report Implications

3 weeks ago | blog.lastpass.com | Mike Kosak

Last November, the Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) published its Annual Cyber Threat Report for 2023-2024. The report summarizes the cyber threat environment facing the public and private sectors, as well as private households. The data includes trends and information on threat actor tactics and techniques as well as recommended actionablesteps organizations and individuals can take to help mitigate these threats.
How APT Naming Conventions Make Us Less Safe

1 month ago | darkreading.com | Mike Kosak

COMMENTARYIt's no secret within the information security industry that advanced persistent threat (APT) naming conventions have gotten out of control. They're also a growing source of frustration. Every group has a list of increasingly outlandish names that make it hard enough to track a single group across multiple campaigns, let alone from one vendor report to the next.
New Smishing Campaign Targeting LastPass Customers

Nov 13, 2024 | blog.lastpass.com | Mike Kosak

LastPass would like to make our customers aware of a new SMS-based phishing (smishing) campaign targeting our customers. These texts are being sent from the phone number 833-479-4892 and include text stating the following: “[LastPass] We just blocked an unrecognized device from logging in.
Cybersecurity Threats Surrounding the U.S. Presidential Election: A Perfect Storm of Cybercriminal Activity

Nov 4, 2024 | blog.lastpass.com | Mike Kosak

Cybercriminals view U.S. presidential elections as a prime opportunity for notoriety and profit, using tactics like ransomware attacks, website take-downs, and software vulnerabilities. Security experts say these threats—already seen in the current election cycle—will likely persist beyond Election Day on November 5.
Fake Web Store Reviews Attempting to Steal Customer Data

Oct 30, 2024 | blog.lastpass.com | Mike Kosak

LastPass would like to make our customers aware of a current social engineering campaign leveraging fake reviews on our Chrome Web Store app page. A threat actor appears to besubmitting reviews where they direct customers to a fake number controlled by the threat actor. Examples of these Google Chrome Web Store app page posts and the phone number can be found below.
The Threat from Shadow IT

Oct 3, 2024 | blog.lastpass.com | Mike Kosak

It’s Cybersecurity Awareness Month! October is that special time of year that combines scary spiders with Scattered Spider and serves as an excellent reminder to take time to assess and improve the cybersecurity posture of your organization. LastPass will be providing a series of content to highlight threats and best practices over the course of the month, including webinars and other LastPass Labs blog posts, which starts with the threat posed by shadow IT within your organization.
Cybersecurity & the 2024 US Elections

Sep 16, 2024 | darkreading.com | Mike Kosak

COMMENTARYAs the 2024 US presidential election approaches, cybersecurity is a frequent topic of conversation. From my time in the intelligence community supporting the Department of Defense, I'm familiar with government planning around elections. While the most discussed threats for 2024 are nation-state misinformation and disinformation, this election season, I'm also following cybersecurity threats to municipal election systems.
Next U.S. President Must Draw Red Lines For Infrastructure Cyberattacks

Sep 9, 2024 | thecipherbrief.com | Mike Kosak

Posted: September 9th, 2024 OPINION — As America nears the home stretch of the 2024 election, the sound and fury of political discourse has obscured a national security matter that should be at the top of the next administration’s agenda. As a former Department of Defense (DoD) counterterrorism intelligence officer, I have watched with concern the sharp increase in cyber breaches of US critical infrastructure by nation-state actors.
One Year of LastPass Labs - The LastPass Blog

Jul 1, 2024 | blog.lastpass.com | Mike Kosak

July 20 marks our first birthday here at LastPass Labs, and we thought it would be a good timeto look back over the last year and celebrate some of our successes. It has been a busy year for us.We’ve made demonstrable progress in mapping and understanding our threat environment. Andwith this knowledge and in conjunction with our security teams, we mitigated these threats to the extent possible.
Recent Environment Protection Agency Enforcement Alert Again Highlights Need for Unique and Complex Passwords

May 22, 2024 | blog.lastpass.com | Mike Kosak

On May 20, the US Environmental Protection Agency (EPA) issued an enforcement alert highlighting the serious threat faced by US water utilities and outlined the steps needed to comply with the Safe Water Drinking Act (SWDA) in order to protect the American drinking water supply.