UK Councils Under Cyber Attack: The Urgent Need for a Culture of Cybersecurity and Resilience

Apr 12, 2024 8:48:09 AM By Javvad Malik

The very fabric that stitches our society together — our councils and local governing bodies — is under a silent siege from cyber attacks. The recent ransomware assault on Leicester ...

Top Tax Scams of 2024 Your Organization Should Watch Out For

Apr 11, 2024 8:19:01 AM By Stu Sjouwerman

As the April 15, 2024 filing deadline approaches, tax scammers are working overtime to take advantage of rushed or stressed taxpayers.

Malvertising Campaigns Surged in 2023

Apr 11, 2024 8:18:57 AM By Stu Sjouwerman

Researchers at BlueVoyant observed a 50% increase in large-scale malvertising campaigns in 2023 compared to 2022.

Critical Improvements To The Seven Most Common Pieces of Cybersecurity Advice

Apr 9, 2024 2:05:26 PM By Roger Grimes

I have been in the cybersecurity industry for over 35 years and I am the author of 14 books and over 1,400 articles on cybersecurity.

New Phishing-as-a-Service (PhaaS) platform, 'Tycoon 2FA', Targets Microsoft 365 and Gmail Accounts

Apr 9, 2024 2:05:22 PM By Stu Sjouwerman

A new PhaaS service brings the power of bypassing multi-factor authentication (MFA) to the world’s most-used email platforms.

Australian Government Commits to Become a World-Leader in Cybersecurity by 2030

Apr 8, 2024 12:05:22 PM By Stu Sjouwerman

The Australian Government has leveraged insight from cybersecurity experts to create a new six-part plan to combat cybersecurity over the coming decade.

Tokyo Police Department Warns of Phishing Scam That Uses Phony Arrest Warrants

Apr 8, 2024 12:05:19 PM By Stu Sjouwerman

The Tokyo Metropolitan Police Department has warned of a phishing scam that’s attempting to trick individuals with phony arrest warrants, the Japan Times reports.

The Cyber Achilles' Heel: Why World Leaders and High-Profile Individuals Must Prioritise Cybersecurity

Apr 8, 2024 7:55:51 AM By Javvad Malik

Social media has become an indispensable tool for communication, outreach, and engagement. From world leaders to high-profile individuals, these platforms offer an unparalleled ...

Apple Users Become the Latest Targets of MFA Attacks

Apr 4, 2024 1:28:45 PM By Stu Sjouwerman

A new string of multi-factor authentication (MFA) attacks targeting the reset of Apple IDs seem to be popping up in a likely attempt to steal the victim’s digital identity and more.

IT Leaders Can’t Stop AI and Deepfake Scams as They Top the List of Most Frequent Attacks

Apr 4, 2024 9:09:49 AM By Stu Sjouwerman

New data shows that the attacks IT feels most inadequate to stop are the ones they’re experiencing the most.

Malicious App Impersonates McAfee to Distribute Malware Via Text and Phone Calls

Apr 3, 2024 12:36:29 PM By Stu Sjouwerman

A trojanized version of the McAfee Security app is installing the Android banking Trojan “Vultur,” according to researchers at Fox-IT. The attackers are spreading links to the malicious ...

New Report Shows Phishing Links and Malicious Attachments Are The Top Entry Points of Cyber Attacks

Apr 3, 2024 12:36:17 PM By Stu Sjouwerman

New TTP attack data covering 2023 sheds much needed light on the threat actor and user actions that are putting organizations at the most risk.

Despite Cybersecurity Improvements in UK Organizations, Attacks Still Persist

Apr 1, 2024 11:43:19 AM By Stu Sjouwerman

The UK government's third phase of research shows how well UK organizations have been improving their cybersecurity efforts but indicates that the risk from certain attacks have only been ...

Thread Hijacking Phishing Attack Targets Pennsylvania Journalist

Apr 1, 2024 11:43:16 AM By Stu Sjouwerman

A journalist in Pennsylvania was targeted by phishing attacks that involved thread hijacking, according to Brian Krebs at KrebsOnSecurity.

Russian Federation-backed threat group APT29 Now Targeting German Political Parties

Mar 29, 2024 12:07:37 PM By Stu Sjouwerman

New analysis of APT29’s (aka Cozy Bear) activities and their association with Russia’s Foreign Intelligence Service (SVR) has revealed suspected attempts to collect political intelligence.

Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms

Mar 29, 2024 12:07:32 PM By Stu Sjouwerman

Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans.

New Malware Loader Delivers Agent Tesla Remote Access Trojan Via Phishing

Mar 29, 2024 11:06:12 AM By Stu Sjouwerman

A new malware loader is delivering the Agent Tesla remote access Trojan (RAT), according to researchers at Trustwave SpiderLabs. The malware is distributed by phishing emails with ...

The Number of New Pieces of Malware Per Minute Has Quadrupled in Just One Year

Mar 27, 2024 1:03:56 PM By Stu Sjouwerman

The threat of novel malware is growing exponentially, making it more difficult for security solutions to identify attachments and links to files as being malware.

A Simple 'Payment is Underway' Phishing Email Downloads RATs from AWS, GitHub

Mar 27, 2024 1:03:46 PM By Stu Sjouwerman

Analysis of a new initial access malware attack shows how simple these attacks can be while also proving that malware can reside on legitimate repositories.

New Phishing-as-a-Service Kit Attempts to Bypass MFA

Mar 26, 2024 11:38:48 AM By Stu Sjouwerman

A Phishing-as-a-Service (PhaaS) platform called “Tycoon 2FA” has surged in popularity over the past several months, according to researchers at Sekoia. The phishing kit is notable for its ...

Security Awareness Training Blog

Phishing Blog

View Topics