Human Risk Management Blog

Keeping you informed. Keeping you aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Why Your Security Strategy Needs a Human Upgrade

Let’s be brutally honest. For years, our industry has been locked in a civil war. In one camp, the technologists have been building higher walls and smarter traps, arguing that the right ...

North Korean Hackers Target Job Seekers With ClickFix Attacks

North Korean hackers behind the “Contagious Interview” campaign are using the ClickFix social engineering tactic to target job seekers with phony employment offers, according to ...

AI-Assisted Phishing Attacks Are an Increasingly Serious Threat

AI-assisted phishing attacks pose a significant and increasing threat to organizations, according to Matt Weidman, partner and vice president of Commercial Property & Casualty at ...

Training AI Agents Will Be Status Quo

Protecting humans means protecting the tools humans use.

Report: AI-Powered Phishing Fuels Ransomware Losses

AI-powered social engineering attacks are significantly more successful than traditional attacks, according to a new report from cyber risk management firm Resilience.

Phishing Campaign Abuses iCloud Calendar Invites

Attackers are abusing iCloud Calendar invites to send phishing messages that pose as PayPal notifications, BleepingComputer reports. Since the messages are sent from Apple’s ...

FBI Issues Guidance for Avoiding Deepfake Scams

The FBI and the American Bankers Association (ABA) have issued a joint advisory warning of the growing threat posed by AI-generated deepfake scams.

PayPal Scam From PayPal

One of the most common human risk management recommendations is for users to hover over URL links of unexpected messages to see if the involved DNS domain is legitimate or not for the ...

Report: Shadow AI Poses an Increasing Risk to Organizations

The use of “shadow AI” is an increasing security risk within organizations, according to a new report from Netskope.

"Yep, I got pwned. Sorry everyone, very embarrassing."

In essence, that is the disclosure and notification message that the open-source developer "qix" sent to the world when he was social engineered to give up access credentials to his ...

Smishing Campaign Targets California Taxpayers With Phony Refund Offers

The State of California’s Franchise Tax Board (FTB) has warned of an ongoing SMS phishing (smishing) campaign targeting residents, Malwarebytes reports.

Advanced Educational Competition – Ask Your Employees To Submit Their Best Phishing

I occasionally get human risk management (HRM) administrators asking me to help them with ideas of “contests” to better educate their end-users.

Warning: New Spear Phishing Campaign Targets Executives

Researchers at Stripe warn of a wave of spear phishing attacks targeting C-suite employees and senior leadership across a wide range of industries.

Hospitals Need to Prepare for AI-Powered Phishing Attacks

Healthcare organizations need to be prepared for an increase in AI-assisted phishing attacks, according to Zack Martin, Senior Policy Advisor at Venable.

A Warrant Is Out for Your Arrest

A super common voice phone call phishing scam (i.e., vishing) is when the scammer calls you and pretends to be a law enforcement official with a warrant for your arrest for not answering ...

Report: AI Can Now Automate Entire Attack Chains

Threat actors can now use AI tools to automate entire attack operations, according to a new report from Anthropic.

Beyond the Audit Box: Building Security That Works in the Real World

Many years ago, a friend of mine worked as a security director at a firm and had what they called an “audit box.” It was a pre-prepared box filled with policies, network diagrams, ...

