Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code.
As world-wide concern continues to grow over the threat of potential attacks on critical infrastructure, REvil goes after and bites a Railway Operator once again! The Daly Swig reports ...
Zoom has fixed a security flaw that could have allowed attackers to launch hard-to-spot phishing attacks using the platform, according to researchers at Check Point who discovered and ...
The bad guys will try to take over accounts all the time. Logging onto someone's account with their credentials is usually a whole lot easier than trying to compromise the website ...
Researchers at Zscaler warn of an increase in voicemail-themed phishing campaigns designed to steal credentials for enterprise applications. The emails purport to be automatically ...
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have issued a joint advisory warning that foreign hackers are targeting systems that ...
There’s no single defense against phishing and other social engineering attacks, according to Kevin O’Brien, CEO and co-founder of email security company GreatHorn. On the CyberWire’s ...
Let’s face it, very few organizations thought they’d still be in workforce limbo as we near the six-month mark of the pandemic. This situation has stretched many organizations to adopt ...
Yesterday, July 21, 2020 I testified before U.S. congress about COVID-19 phishing scams. I was invited by the Senate Commerce Committee's subcommittee on manufacturing, trade, and ...
A phishing campaign is impersonating an IT help desk and abusing legitimate cloud services to fool users, according to Ax Sharma at BleepingComputer. The emails are sent from the ...
Emotet, the venerable commodity banking Trojan, is being actively distributed again, according to researchers at Malwarebytes. Emotet’s botnets began sending out phishing emails on July ...
Focused on stealing victim credentials, this new attack uses a number of tactics to establish credibility, avoid raising red flags, and ensure they get the victim’s real credentials.
The Helinski Police Department is investigating a sophisticated smishing scheme in which attackers were able to steal more than 200,000 euros (US$228,736), Yle reports. The scammers sent ...
The rise in the use of this dangerous botnet, notorious for distributing malware via phishing campaigns and responsible for fueling Sextortion scams, should put organizations on edge.
Users need to be wary of requests for information or permissions, even if they appear to come from legitimate sources, according to Don MacLennan, Senior Vice President of Engineering and ...
I’m sure we are all interested in the latest Twitter hack. As the author of the soon to be released Wiley book called Hacking Multifactor Authentication, I have to laugh at the “experts” ...
Microsoft has issued an advisory warning about “consent phishing,” or application-based phishing attacks that rely on users granting permissions to malicious apps. These attacks aren’t as ...
The Securities and Exchange Commission, through its Office of Compliance Inspections and Examinations (OCIE), issued a warning to advisors and broker-dealers to “immediately” review their ...
The latest results of KnowBe4's quarterly top-clicked phishing email subjects are in. We report on three different categories: social media related subjects, general subjects, and 'in the ...
Scammers are seeking to obtain personal information by impersonating Canadian hospital staff over the phone, NEWS 1130 reports. Vancouver Coastal Health issued an alert in which the ...
