Williams Consulting, Inc.

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Tue, 03 Mar 2026 00:00:00 +0000

Attackers flood inboxes with spam, then call victims posing as IT support to deliver the Havoc command-and-control framework via DLL sideloading and social engineering.

Vibe-Coded Spam: AI Tools Are Making Phishing Emails Harder to Spot

Wed, 25 Feb 2026 00:00:00 +0000

AI-assisted “vibe coding” now lets spammers produce polished, visually convincing phishing emails with almost no technical skill — making traditional red flags like poor formatting far less reliable.

Starkiller Phishing-as-a-Service Platform Proxies Real Login Pages to Bypass MFA

Sat, 21 Feb 2026 00:00:00 +0000

A new phishing platform called Starkiller loads legitimate login pages through headless browsers, intercepting credentials and session tokens in real time to defeat MFA.

ShinyHunters Gang Targets Microsoft Entra Accounts with Device Code Vishing Attacks

Thu, 19 Feb 2026 00:00:00 +0000

The ShinyHunters extortion gang is combining voice phishing with OAuth device code flows to hijack Microsoft Entra accounts and bypass MFA.

CISA Flags Four Actively Exploited Vulnerabilities — Including a Chrome Zero-Day

Wed, 18 Feb 2026 00:00:00 +0000

CISA added four flaws to its Known Exploited Vulnerabilities catalog. A Chrome use-after-free and a critical Zimbra SSRF top the list. Patch now.

Citizen Lab: Cellebrite Used to Extract Data from Kenyan Activist's Phone in Police Custody

Wed, 18 Feb 2026 00:00:00 +0000

Citizen Lab found forensic extraction indicators on a seized Samsung phone belonging to a Kenyan pro-democracy activist. The case adds to a growing pattern of surveillance tool misuse.

Microsoft Copilot Bug Summarized Confidential Emails Despite DLP Policies

Wed, 18 Feb 2026 00:00:00 +0000

A code bug let Microsoft 365 Copilot read and summarize emails marked confidential — bypassing sensitivity labels and DLP policies since late January.

Bitwarden Adds Free Shared Vaults for Two Users

Thu, 12 Feb 2026 00:00:00 +0000

Bitwarden’s new Cupid Vault feature lets free-tier users securely share credentials with one other person — no more texting passwords.

Patch Tuesday: February 2026 — Six Zero-Days Already Under Attack

Tue, 10 Feb 2026 00:00:00 +0000

Microsoft’s February patch batch fixes 50+ vulnerabilities, including six zero-days actively exploited in the wild. Patch now.

AI Makes the Easy Part Easier and the Hard Part Harder

Mon, 09 Feb 2026 00:00:00 +0000

A developer’s take on the real tradeoff with AI coding tools: writing code was never the hard part, and skipping it makes the hard parts — reading, reviewing, and understanding — even harder.

RFC 3092: The Etymology of Foo

Mon, 09 Feb 2026 00:00:00 +0000

An April Fools’ RFC that traces the surprisingly deep history of ‘foo,’ ‘bar,’ and the other placeholder names every programmer uses without thinking.

IT Hygiene Is Not Optional — Why SIEM/XDR Matters for Small Firms

Fri, 06 Feb 2026 00:00:00 +0000

Forgotten accounts, unpatched software, and unauthorized services create real risk. A recent article breaks down how centralized monitoring tools help keep environments clean.

Now Publishing Regular Updates

Fri, 06 Feb 2026 00:00:00 +0000

We’re starting a regular series of posts covering security news, compliance changes, and lessons from the field.

Ransomware Recovery for a Regional Law Firm

Thu, 15 Jan 2026 00:00:00 +0000

A 40-person law firm hit by ransomware was back online within hours using tested recovery procedures.

About

Mon, 01 Jan 0001 00:00:00 +0000

Since 1994

Williams Consulting has been providing IT support to businesses in the Washington, DC metropolitan area for over 30 years. We started when most small firms were just getting their first email addresses, and we’ve been solving problems ever since.

We’re a small firm by design. That means when you call us, you get someone who already knows your name, your network, and your business. We don’t hand you off to a different technician every time.

Contact

Mon, 01 Jan 0001 00:00:00 +0000

Phone: 703-591-8800
Address: 825 Bonifant Street
Silver Spring, MD 20910
Service Area: Washington, DC metropolitan area

Industries

Mon, 01 Jan 0001 00:00:00 +0000

Accounting & CPA Firms

Tax deadlines don’t move, and neither does your need for reliable systems. We understand the seasonal demands of accounting firms — heavy workloads, remote access requirements, and the absolute need for data security when handling client financials.

Secure remote access for staff during tax season
Protected file sharing for sensitive client documents
Systems that scale during peak periods without breaking
SOX compliance support

Law Firms

Attorney-client privilege extends to your technology. We build networks and systems that meet the confidentiality standards your clients expect and your bar association requires.

Solutions

Mon, 01 Jan 0001 00:00:00 +0000

How We Work

When we set up your systems, everything we build is documented and repeatable. Every configuration, every setting, every decision — written down in a way that makes sense, not locked inside someone’s head.

That means you’re never stuck. If you ever wanted to bring IT in-house or work with someone else, you could pick up exactly where we left off. We don’t create dependency — we earn your business by being the team you want to keep working with.