The FBI is again warning of the threat posed by business email compromise (BEC, aka CEO Fraud) and email account compromise (EAC). Together, says the Bureau, these have cost businesses ...
We have been saying here for a while that antivirus is dead, but SANS just confirmed it in a new report that starts with: "Companies are buying next-gen antivirus and fileless attack ...
Organizations in the UK with 250 employees or less need a solid understanding of the attack potential, methods used, and how to prepare.
We’re finally getting a look at how much ransomware attacks have been seen in the wild in the first half of 2018 – and the numbers are astounding.
The US Senate is asking the Justice Department to look into the possibility that an Islamic extremist hacking group was actually the work of the Russian government.
The email arrived in Hillary Clinton’s campaign chairman John Podesta’s inbox around March 19, 2016, during the height of the presidential primaries, spoofed to look like a standard ...
Here's your chance. Late August we'll do a live webinar with Kevin, and he asked me to find out what questions you have for him regarding social engineering, so we can cover them in this ...
Here is the bad news: The use of Google's Golang (also called Go) programming language allows attackers to cross-compile malware for use on multiple platforms, making potential attacks on ...
With users being three times more likely to click on a suspicious link on their mobile device, along with over half of mobile users tapping on a phishing URL, mobile phishing is a bigger ...
It's a prime opportunity for the bad guys to send a raft of phishing attacks. We do have a "Free Amazon Prime Account" template that we just modified to fit a Prime Day-style scam. It's ...
The Nigerian Prince scam was found taking a turn upwards to the stars, seeking your help to bring a poor lonely astronaut home.
Unlike previous generations, millennials have used (and trusted) technology all their lives. So, does it cause a gap in your organization’s Security Awareness Program?
In the midst of all the political talk about the recent summit between the United States and North Korea, one particular gift caught the eye of security experts.
Krebs on Security has posted a new item: "Here's a clever new twist on an old email scam that could serve to make the con far more believable. The message purports to have been sent from ...
Most readers will probably be familiar with the story of bank robber Willie Sutton who, after being nailed by the cops, was asked why he robbed the bank. His answer (undoubtedly delivered ...
Very interesting article in the Insurance Journal. In a closely-watched case on insurance coverage in an age of expanding cyber risk, a federal appeals court in New York has upheld a ...
As irritating as a real case of the crabs can be, organizations now have to deal with GandCrab v4 – a more dangerous and invasive newly released strain of the notorious ransomware. If you ...
First of all, the term means that a particular password is available in a data breach on the dark web–and there are billions of breached passwords out there. KnowBe4 just released a free ...
