Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.
Using an old (but supported) Excel filetype, attackers can bypass both Exchange Online Protection and Advanced Threat Protection to run malicious macros.
Larry Abrams at Bleepingcomputer correctly observed: "Corporate victims are finally starting to realize that ransomware attacks are data breaches and have begun to notify employees and ...
New voicemail phishing scam uses legitimate branded domains from companies like Samsung and Adobe to facilitate redirects to compromised websites intent on stealing credentials.
Here are a few important content updates to share with you for the month of June.
Looking for some binge-worthy watching this summer? We've got just what you're looking for! Check out this innovative new security awareness video series called ‘The Inside Man’.
Russian voters have overwhelmingly backed a ploy by President Vladimir Putin to rule until 2036 in a referendum.
A phishing campaign is targeting website owners with convincing, personalized emails that purport to come from WordPress, Naked Security reports. The emails claim that WordPress is ...
The Coronavirus phishing scams have only gotten more aggressive and targeted now than ever before, InfoSecurity Magazine reports. Now researchers at Griffin Law are tracking self-employed ...
The NY Times reported some surprising numbers: "Officials promised to recruit at least 500 cyberspies and build on the country’s offensive capabilities to take the online battle overseas. ...
Netflix is warning users in Ireland to be on the lookout for another phishing campaign that’s impersonating the streaming service, Extra.ie reports. The emails inform recipients that ...
The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an org to do?
According to the SANS Internet Storm Center, cybercriminals are engaging their victims online, using social engineering tactics to collect needed details to extort money.
Using a Dropbox Transfer page, this new scam presses all the urgency buttons while eluding detection as being malicious in an effort to steal the victim’s online credentials.
A recent cyberattack on Australian beverage manufacturer Lion demonstrates how even a modicum of precaution after an attack can spell doom for operations.
KrebsOnSecurity reports that a phishing website has been impersonating the private messaging service Privnote.com in order to steal Bitcoin. The real Privnote is a free site that allows ...
The number of phishing attacks in Singapore to give up personal information has almost tripled in the last year and doubled during the COVID-19 pandemic, according to the Cybersecurity ...
A Russian ransomware group named "Evil Corp" who was indicted by the Justice Department in December is now targeting employees working from home during the COVID-19 pandemic and ...
We have exciting news to share! Two new modules have been released about data-driven defense, both featuring Data-Driven Evangelist Roger Grimes.
Surveys are enticing, and so are survey scams. But they’re easy to recognize if you know what to look for, according to Paul Ducklin at Naked Security. Ducklin describes a typical survey ...
Scammers are taking advantage of the prominent use of VPNs by remote workforces to send out this very topically relevant phishing email that just wants to steal your credentials.
