A super common voice phone call phishing scam (i.e., vishing) is when the scammer calls you and pretends to be a law enforcement official with a warrant for your arrest for not answering ...
Threat actors can now use AI tools to automate entire attack operations, according to a new report from Anthropic.
“The problem is much, much worse than most people acknowledge.” One of the biggest enduring mysteries for me in cybersecurity is why most cybersecurity curricula don’t teach secure coding ...
Attackers are using a newly discovered phishing-as-a-service (PhaaS) platform dubbed “Salty 2FA” to target a wide range of industries across North America and Europe, according to ...
ReliaQuest has published a report on the cybercriminal recruitment ecosystem, finding that fluent English speakers with social engineering skills are highly sought-after.
By: John N Just, Ed.D. & Ben Syn It’s that exhilarating time of year again! Summer is winding down, and the back-to-school season is in full swing—a truly fantastic time to focus on ...
Cybercriminals are increasingly abusing AI-assisted website generators to quickly craft convincing phishing sites, according to researchers at Palo Alto Networks’ Unit 42.
Below is an example of a sophisticated survey scam phishing email that KnowBe4’s Threat Lab team has been monitoring as discussed in “The Hidden Cost of "Free" Gifts: How Survey Scams Are ...
You've probably seen them: enticing online offers for free products from brands you trust, like a Yeti beach chair from Costco or an emergency car kit from AAA.
Social engineering attacks are a growing threat to operational technology (OT) environments, Industrial Cyber reports.
Professional phishing groups are targeting customers of brokerage firms in order to manipulate stock prices, KrebsOnSecurity reports. The attackers use a technique called “ramp and dump” ...
Attackers are using a Japanese Unicode character to replace forward slashes in phishing URLs, BleepingComputer reports.
In this series, we first explored the psychology that makes HR phishing so effective, then showcased the real-world lures attackers use to trick your employees. Now, we’re going under the ...
Phishing attacks impersonating HR are on the rise. Between January 1 – March 31, 2025, our Threat Lab team observed a 120%surge in these attacks reported via our PhishER product versus ...
We all trust HR - or at least we do when we think they’re emailing us! Data from KnowBe4’s HRM+ platform reveals that phishing simulations with internal subject lines dominate the list of ...
The North Korean threat actor ScarCruft has incorporated ransomware into its arsenal, according to researchers at South Korean security firm S2W.
Modern Security Operations Centers (SOCs) face a persistent challenge: managing threats across multiple security tools while maintaining operational efficiency.
In the never-ending battle against cyber villains, your users are on the front lines.
For any small- to medium-sized enterprise (SME), the cybersecurity landscape can be intimidating. You are informed of a variety of threats, reliable expertise is scarce, and there is ...
For the sixth year in a row, we've been honored with the TrustRadius Tech Cares Award!
