Keeping you informed. Keeping you aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.
Researchers at Anomali warn that the financially motivated threat group FIN7 is using Windows 11-themed phishing documents to deliver malware. The documents claim to have been created on ...
Researchers at Cisco Talos have translated a playbook used by the ransomware-as-a-service group Conti. The playbook contains detailed instructions for how to gain administrator access, ...
Microsoft’s recent announcement that the new version of Microsoft Windows, Microsoft Windows 11, will be released soon is capturing headlines around the world. Microsoft will allow ...
Over 2.9 Billion email-based threats were detected in the first half of 2021. Business Email Compromise, obfuscation, and living off the land reigned, according to new data from Zix.
In preparation for Labor Day, a new alert from the U.S. Government’s Cybersecurity & Infrastructure Security Agency (CISA) warns of an increase in ransomware attacks.
New data analyzed by NCC Group’s Research Intelligence and Fusion Team highlights a massive uptick in the number of ransomware attacks, further establishing it as the number one security ...
With 18 new pieces of training content added this month, check out the always fresh content update highlights and new features from the month of August.
Researchers at Intel 471 have observed cybercriminals outsourcing talent for business email compromise (BEC) attacks. This tactic lowers the bar of entry for BEC attacks, which are ...
Researchers at Microsoft have observed a widespread phishing campaign that’s abusing open redirectors to fool users into visiting credential-harvesting pages. Open redirects are often ...
One of the most common mantras in security awareness training is “Examine the URL to determine if it points to the legitimate vendor or not!”
New analysis of ransomware incidents reported to the UK's Information Commissioner's Office (ICO) in the first half of 2021 show a massive rise when compared to 2020.
The leveraging of Google Docs, a spoofed website, a realistic-feeling buying process, and asking for payment in cryptocurrency is all it takes to separate victims from thousands of ...
Lax verification around what company is offering a given job on LinkedIn allows attackers to create bogus job postings for malicious purposes.
A new phishing campaign is exploiting the ongoing uncertainty about company policies related to COVID-19, according to Roger Kay at INKY. The campaign uses emails that purport to come ...
The US Federal Bureau of Investigation (FBI) has issued an advisory describing a ransomware affiliate that calls itself “OnePercent Group,” the Record reports. The Record notes that the ...
The use of employees as insider accomplices potentially changes how social engineering is being used in exchange for a direct request for internal assistance.
Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...
With financial impacts as high as $46K per hour, shutting down some or all of operations due to a ransomware attack is not a decision taken lightly by hospitals, but may be the only ...
In what appears to be a phishing attack that includes a mix of emails and phone calls, Microsoft reminds us to be wary of only opening emails and attachments from known contacts.
