Soteria Technology Solutions

05/27/2026

Attn: Law Firms! Yesterday, the FBI issued a warning about recent attacks on law firms by ransomware group SRG. The exploit uses a social engineering scheme where SRG actors pose as an employee from the victim’s IT
department. They either directly call or send phishing emails to urge employees to call a fake IT support for help. While on the phone, the SRG actor directs the employee to grant access to a remote desktop session, where they then exfiltrate data to use for ransomware and extortion later.

If that attempt fails, SRG sends someone to the victim’s office to try to access the victim's computer in person. (!) Again, posing as someone from the firm's IT department, the threat actor says they need to image the device or create a backup file to address potential impacts from the phishing email they sent.

I'm sharing this with you to spread awareness, and let your people know to be EXTRA CAREFUL to verify that the IT person they think they are talking to actually is IT.

Link the the FBI's warning in the comments for more info.

05/21/2026

Hey so as a reminder, if you get an email that looks like you sent it to yourself, and is asking you to review a document - that's not a time-traveling version of future-you sending you insider trading advice - it's an attack.

Here's how it works: the email uses a spoofed address and usually asks the receiver to review a "Docusign" document that requires a code to view. If someone enters the code, the attacker gains access to the account - without having to mess around with passwords or MFA or anything. Boom. Done.

So if you get one of these emails, do not click any links or enter any codes. Delete it immediately and let your favorite IT person know.

Stay safe out there friends!

05/13/2026

Just your daily affirmation to be mindful of where you put your sensitive information.

Vibe-coded apps are leaking users' sensitive personal information directly to any motivated hackers, a new report found.

05/04/2026

Big Congratulations to the team at CMMC Midwest Conference - you knocked it out of the park with the conference this year. It's really something to get to watch you all do what you do. As a hosting sponsor, we couldn't be prouder. Can't wait to see what you all cook up next.

04/21/2026

It's time to haiku some cybersecurity news. you ready? Let's go...

Ancient one rises
Office 04 user beware
new Excel exploit

I feel this one might need some 'splaining... CISA issued a report warning against a 17-year old Excel bug that has been resurrected and has been caught in active exploits, and it's a nasty one, but... it only affects some versions of Excel made between 2000-2008 sooooo if you haven't updated since then, watch out I guess.

04/15/2026

Safe Travels and best of luck to Tariq, who is presenting a workshop tomorrow at CS5 West: "Stop Assessing a Whiteboard: The Shop Floor Realities of CUI Compliance." If you're headed that way, don't miss it!

04/07/2026

The FBI's annual Internet crime report came out yesterday, and it's a doozy. Some highlights: Americans were defrauded of nearly $21 billion in 2025, with cryptocurrency and ai-related complaints among the costliest.

Phishing/spoofing, extortion, and investment schemes were the most frequently reported complaints, with Americans over 60 being heavily targeted. Cryptocurrency fraud created the highest losses, with 181,565 complaints totaling more than $11 billion.

As a fascinating snapshot of crime on the internet, it's worth taking a few moments to peruse the report.

The FBI’s 2025 Internet Crime Report shows cyber-enabled crimes defrauded Americans of nearly $21 billion, with cryptocurrency and artificial intelligence-related complaints among the costliest.

04/03/2026

I got a kick out of this story - It's so relatable, in a "wherever you go, there you are" sort of way... even in outer space you still have to call in to the IT helpdesk for support.

The mission commander’s email inbox failed during the journey to the moon. Have they tried turning the computer off and back on again?

03/25/2026

So this is fun - the FCC has banned the sale of foreign-made (almost all) consumer routers in the US. What does this mean for you?

>Your current router is not affected, nor are ones currently on the shelves. So if yours is about to kick the bucket, might want to go shopping, as supply goes down prices go up...

>Don't freak out that your router is a problem. Unless it is? If your router is not being supported by the manufacturer anymore get a new one immediately! But if yours is made by a reputable manufacturer and fully up-to-date on firmware it's probably fine.

>New consumer grade routers that are designed or manufactured outside the US or manufactured by companies that are not completely US-owned and operated (i.e. pretty much all of them) can be brought to market if the companies apply for and win Conditional Approval from the Department of Defense and the Department of Homeland Security.

So there's still lots of questions to be answered in this, we shall see how it unfolds...

03/12/2026

Looks like the scam where you get a text message about an unpaid ticket or toll is making the rounds again...so don't be fooled! Don't click on it, no matter what. If you think it might be legit and want to check, call or visit the website of the government agency that the text claims to be from and see what they say. Just don't click any links in the text message. No Clicky, None. No way no how.