Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
It’s that time of year again. The air feels a bit crisper; the days are a bit shorter; and children around the world prepare to go trick or treating. Even as an adult, Halloween is ...
When staying safe online, it’s important not to go “out of bounds” for communication. Simply put, going out of bounds could mean a recipe for how your users could fall victim to a ...
Pay attention to this one. Despite only targeting Russian companies, the use of custom self-made malware and decidedly creative phishing campaigns makes them a potential danger.
Scammers are taking advantage of Google’s Trust Service Verification and the way their App Engine creates unique URLs to host trusted landing pages used in phishing scams.
People need to help raise awareness about voice phishing scams, or vishing, according to Paul Ducklin at Naked Security. While phone scams have been around for years, they remain ...
As organizations look for permanent solutions to operate using a remote workforce, users continue to elevate the risk of cyberattack by not worrying about cybersecurity.
One of the most dangerous pieces of malware is back with a new campaign that takes advantage of social engineering techniques to look convincing enough to fool your users.
Researchers from CoreView recently discovered that 97% of all total Microsoft 365 users do not utilize multi-factor authentication (MFA). A staggering 78% of Microsoft 365 admins do not ...
I’m excited to announce the release of my 12th book, Hacking Multifactor Authentication.
According to new research from Mimecast, remote workers are increasingly putting their organizations at risk by failing to follow security awareness training best practices.
At the heart of almost every phishing email is a spoof. In malicious emails spoofing is the art of deceptively imitating something or someone trusted by users in order to gain their ...
In a recent report by NBC News, cybersecurity company TrustWave found a bad guy selling voter registration data on 186 million Americans.
It’s Cyber Security Awareness Month, and the security advice is flowing out from all corners of the web to advise your users on remaining secure. However, all this information can be ...
The Australian Taxation Office has advised Australians to delete a particular email and to not provide any personal information.
Mid-level managers need to be particularly wary of targeted phishing attacks, according to Jenn Gast at INKY. Gast explains that criminals can easily conduct open-source research on a ...
This is the true story of an IT Manager who was tired of his users clicking everything and wanted to teach them a lesson… in a good way.
Phishing attacks are growing in prevalence during the pandemic, according to David Dufour, Vice President of Engineering and Cybersecurity at Webroot. Webroot’s recent threat report ...
New insight from Accenture Security highlights specific ways attackers are changing their tactics to make Microsoft’s email platform a tool rather than an obstacle for phishing attacks.
Researchers at GreatHorn warn that a large-scale phishing campaign is using open redirects to evade email security filters. Open redirects allow attackers to take a URL from a ...
FireEye says a newly characterized cybercriminal gang, FIN11, has been launching widespread email phishing campaigns for the past four years. The group isn’t particularly sophisticated, ...
