Fewer, High-Profile Ransomware Attacks Are Yielding Higher Ransoms

Aug 29, 2024 8:52:20 AM By Stu Sjouwerman

Analysis of cryptocurrency payments made on the blockchain highlights shifts in the size and frequency of ransomware attacks and may paint a bleak picture for the remainder of the year.

Email Compromise Remains Top Threat Incident Type for the Third Quarter in a Row

Aug 28, 2024 8:26:11 AM By Stu Sjouwerman

New analysis of Q2 threats shows a consistent pattern of behavior on the part of threat actors and threat groups, providing organizations with a clear path to protect themselves.

Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

Aug 28, 2024 8:26:08 AM By Stu Sjouwerman

Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG).

Ransomware Recovery Costs Have Doubled for State and Local Governments

Aug 27, 2024 7:30:00 AM By Stu Sjouwerman

Thirty-four percent of state and local government entities were hit by ransomware in 2024, a new report from Sophos has found. While this is a decrease compared to the attack rate in ...

Business Email Compromise Scams Rise 20%, Making up Nearly Half of all Spam Emails

Aug 23, 2024 3:07:33 PM By Stu Sjouwerman

New research on email threats points to AI-based tools to assist in generating BEC content. And the overwhelming targeted role may or may not surprise you.

The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024

Aug 23, 2024 3:07:30 PM By Stu Sjouwerman

New data shows the most prevalent and obvious path into an organization – email – continues to be exploited by a growing number of cybercriminals.

Deceptive AI: A New Wave of Cyber Threats

Aug 23, 2024 8:48:22 AM By Javvad Malik

As artificial intelligence (AI) technology advances, its influence on social media has become more and more pervasive and riddled with challenges. In particular, the ability for humans to ...

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Aug 21, 2024 4:02:10 PM By Stu Sjouwerman

Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.

Phishing Scammers Leverage Microsoft Dynamics 365 to Target US Government Contractors

Aug 21, 2024 4:02:07 PM By Stu Sjouwerman

Analysis of a phishing campaign targeting thousands of government contractors, dubbed “Operation Uncle Sam,” takes advantage of some sophisticated steps to avoid detection.

Threat Actors Abuse URL Rewriting to Mask Phishing Links

Aug 21, 2024 2:33:55 PM By Stu Sjouwerman

Threat actors are abusing a technique called “URL rewriting” to hide their phishing links from security filters, according to researchers at Perception Point.

Cybersecurity in 2024: Reflecting on the Past, Preparing for the Future

Aug 21, 2024 2:33:51 PM By Martin Kraemer

As Europe is returning from summer breaks, it is time to reflect on the first half of 2024 and look forward to the rest of the year.

U.K. Management Almost Twice as Likely to Fall for Phishing Attacks Versus Entry-Level Employees

Aug 19, 2024 1:58:47 PM By Stu Sjouwerman

Highlights from a new survey focused on employee compliance reveals just how targeted and susceptible U.K. businesses are to phishing attempts.

Ransomware Group Known as ‘Royal’ Rebrands as BlackSuit and Is Leveraging New Attack Methods

Aug 19, 2024 8:34:46 AM By Stu Sjouwerman

The ransomware threat group formerly known as "Royal" has rebranded itself as BlackSuit and updated their attack methods, warns the FBI.

Is Disabling Clickable URL Links Enough?

Aug 19, 2024 8:34:42 AM By Roger Grimes

Recently, we had a customer reach out to ask if disabling clickable uniform resource locator (URL) links in emails was enough protection by itself to potentially not need employee ...

File-Sharing Phishing Attacks Increased by 350% Over the Past Year

Aug 15, 2024 12:28:38 PM By Stu Sjouwerman

File-sharing phishing attacks have skyrocketed over the past year, according to a new report from Abnormal Security.

Latest Phishing Scam Uses Cross-Site Scripting Attack to Harvest Personal Details

Aug 15, 2024 10:55:02 AM By Stu Sjouwerman

Cross-Site Scripting (XSS) is alive and well, and used in attacks to obfuscate malicious links in phishing emails to redirect users to threat-actor controlled websites.

Chameleon Malware Poses as CRM App

Aug 13, 2024 1:54:29 PM By Stu Sjouwerman

Researchers at ThreatFabric warn that a phishing campaign is distributing the Chameleon Android malware by impersonating a Customer Relationship Management (CRM) app. The campaign is ...

Attackers Abuse Google Drawings to Host Phishing Pages

Aug 13, 2024 8:30:00 AM By Stu Sjouwerman

Researchers at Menlo Security warn that a phishing campaign is exploiting Google Drawings to evade security filters.

New Phishing Campaign Targets Israeli Organizations To Deliver Malware

Aug 8, 2024 3:36:17 PM By Stu Sjouwerman

A new phishing campaign is targeting Israeli organizations to deliver the RHADAMANTHYS information-stealing malware, Cyber Security News reports.

[On-Demand Webinar] 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk

Aug 8, 2024 8:30:00 AM By Stu Sjouwerman

Your secret weapon to combat cyber threats might be just under your nose! Cybercriminals continue to exploit vulnerabilities while upping their game with new and more sinister attack ...

Security Awareness Training Blog

Phishing Blog

View Topics