Security researchers have discovered a cunning PDF-based phishing attack that leverages social engineering and PDF prompt specifics to trick users into opening malicious Office docs.
Thousands of members of cybercriminal groups were arrested in a sting that lasted 2 months and involved coordinated efforts of the law enforcement departments of 76 countries.
Cybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.
The availability of such a massive number of records at no cost to any cybercriminal interested is a recipe for countless phishing campaigns using the data itself as a means of ...
Rather than go for the phishing jugular and point the victim immediately to a webpage to steal credentials or personal details, a new phishing campaign uses a chatbot to lower victim ...
New testimony to U.S. Senate Armed Services Committee Subcommittee on Cybersecurity by Microsoft’s Chief Scientific Officer sheds light on AI-powered cyberattacks.
With exactly half of cybersecurity incidents caused by organizations having an outdated security posture, the ability to stop breaches involves some re-investment in measures that really ...
IFSEC Global recently acknowledged our very own Anna Collard as a IFSEC Global Influencer in Security for 2022! She was one of the few nominated by a panel of highly respected judges, and ...
Threat actors are targeting HR employees who are looking to hire new people, according to Lisa Vaas at Contrast Security. As part of their job, HR employees frequently interact with ...
An Iranian threat actor is conducting a spear phishing operation against Israeli officials, according to researchers at Check Point. The targets have included the former Foreign Minister ...
Attackers are taking advantage of the current news about monkeypox to trick people into clicking on malicious links, Pickr reports. Researchers at Mimecast have spotted a phishing ...
Researchers at PIXM have uncovered a major Facebook Messenger phishing scam that’s “potentially impacted hundreds of millions of Facebook users.” More than eight million people have ...
Researchers at KELA warn that ransomware gangs are increasingly refraining from mentioning their victims’ names after the initial attack, giving the victims a chance to pay up before the ...
The US Cybersecurity and Infrastructure Security Agency (CISA) and its partners have issued a joint alert on Karakurt, a data theft extortion group that harasses victims’ employees, ...
A new survey of executives sheds light on how well organizations fared with cyberattacks in the last 12 month as well as what attack vectors are going to increase future breaches.
A new phishing method uses a decades-old special URL format to take advantage of how security solutions and email clients interpret URLs, tricking victims into clicking.
The world’s five leading cybersecurity authorities have again issued a joint report about an increase in malicious cyber activity targeting managed service providers they expect to ...
New data from security vendor Sophos shows that while the presence of cyber insurance coverage has increased, it’s the experiencing of attacks that’s driving the need.
Reaching more than 1 million attacks in a single quarter for the first time, new data on phishing attacks in Q1 of 2022 show an emphasis on impersonation and credential theft.
