Cybercriminals have found a new way of leveraging legitimate web services for malicious purposes, this time with the benefit of added automation of campaign actions.
As the recent hurricane Helene caused major damage and as hurricane Milton has left a path of destruction across Florida, deepfakes are spreading misinformation on social media.
Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security.
A free phishing-as-a-service (PhaaS) platform named Sniper Dz has assisted in the creation of more than 140,000 phishing sites over the past year, according to researchers at Palo Alto ...
Organizations around the world are unknowingly recruiting and hiring fake employees and contractors from North Korea. These sophisticated operatives aim to earn high salaries while ...
Industry analysis of the domains used behind phishing and brand impersonation attacks show financial institutions are being leveraged at an alarming rate.
New research by Recorded Future provides insight into how advanced and sophisticated the threat group Marko Polo has become since launching in 2022.
Researchers at Todyl have published a report on a major cybercriminal group that’s conducting business email compromise (BEC) attacks against small and medium-sized businesses. Todyl ...
A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network.
The U.K.’s National Cyber Security Centre (NCSC) and the U.S. FBI have released an advisory warning of Iranian state-sponsored spear-phishing attacks targeting “individuals with a nexus ...
The recent cyber attack on Dick's Sporting Goods makes it clear that email played a critical role and emphasizes the need for better security controls.
When technology blurs the lines between reality and fiction, a recent incident involving U.S. Senator Ben Cardin serves as a stark reminder of the growing threat posed by deepfake scams.
The criminal prosecution of the threat actors behind the "OTP Agency" has highlighted an ingenious new tactic that cybercriminals can use to bypass multi-factor authentication.
Yubico has published a survey of 20,000 people from 10 countries around the world, finding that 40% of respondents have never received cybersecurity training from their employer.
The number of ransomware attacks around the world increased by 73% in 2023, according to a new report by the Institute for Security and Technology’s Ransomware Task Force (RTF). These ...
Check out the September updates in Compliance Plus so you can stay on top of featured compliance training content.
Netcraft warns that scammers are posting QR code stickers on parking meters in the UK and other European countries.
Check out the 40 new pieces of training content added in September, alongside the always fresh content update highlights, events and new features.
