Half of Organizations Lack Protection Against Email Spoofing

Apr 24, 2025 3:38:15 PM By Stu Sjouwerman

A new report from Valimail has found that 50% of organizations lack effective protection against email spoofing.

Broken Cyber Windows Theory

Apr 22, 2025 9:02:13 AM By Javvad Malik

Have you ever walked down a street with broken windows, burnt out cars, graffiti and felt a bit uneasy? There's a reason for that, and it's not just about aesthetics.

Threat Actors Are Increasingly Abusing AI Tools to Help With Scams

Apr 22, 2025 9:01:39 AM By Stu Sjouwerman

Cybercriminals are increasingly using AI tools to assist in malicious activities, according to Microsoft’s latest Cyber Signals report.

Powering Down Vulnerability: Securing the Energy Sector's Supply Chain

Apr 18, 2025 4:33:27 PM By Javvad Malik

The energy sector stands as a critical pillar of our society. From the electricity powering our homes to the fuel driving our industries, reliable energy is essential. However, the very ...

China Cybercriminals Behind Toll-Themed Smishing Attacks Surge in the US and UK

Apr 18, 2025 4:32:52 PM By Stu Sjouwerman

Resecurity warns that a China-based cybercriminal gang dubbed the “Smishing Triad” is launching a wave of road toll-themed SMS phishing (smishing) attacks against users across the US and ...

How Does Human Risk Management Differ from Security Awareness Training?

Apr 16, 2025 12:13:48 PM By Stu Sjouwerman

In today's cybersecurity landscape, organizations face an ever-present and often underestimated threat: human risk. Despite significant advancements in technological defenses, human error ...

UK Organizations Cite Phishing as the Most Disruptive Type of Cyberattack

Apr 15, 2025 11:03:55 AM By Stu Sjouwerman

Phishing was the most prevalent and disruptive type of attack experienced by UK organizations over the past twelve months, according to the British government’s Cyber Security Breaches ...

Europe's Energy Sector at Risk: The Critical Need for Cybersecurity

Apr 11, 2025 6:49:08 PM By Martin Kraemer

Reliable energy is the backbone of any modern society. It powers our homes, industries, and economies. But what happens when this essential infrastructure becomes a target for ...

Shadow AI: A New Insider Risk for Cybersecurity Teams to Tackle Now

Apr 10, 2025 3:04:40 PM By James McQuiggan

Disclaimer: Don't get me wrong, I love using generative AI daily for research and writing. This is about how other users could be using it when they don't know what they don't know and ...

64% of Australian Organizations Hit by Ransomware Were Forced to Halt Operations

Apr 10, 2025 3:04:15 PM By Stu Sjouwerman

Illumio’s recent Global Cost of Ransomware Study found that 64% of Australian companies hit by ransomware had to shut down operations as a result.

Seeing (and Hearing) Isn’t Believing: My SEC Presentation on AI-Driven Scams

Apr 10, 2025 3:03:48 PM By Perry Carpenter

On March 6, I had the opportunity to speak and provide testimony at the SEC Investor Advisory Committee’s panel on Retail Investor Fraud in America—a critical discussion about how AI is ...

Russian Threat Actor Launches Spear-Phishing Campaign Against Ukrainians

Apr 10, 2025 10:13:12 AM By Stu Sjouwerman

The Russian threat actor Gamaredon is targeting Ukrainians with spear-phishing documents related to troop movements, according to researchers at Cisco Talos.

[HEADS UP] North Korea Expands Its Fraudulent IT Worker Operations

Apr 9, 2025 9:10:47 AM By Stu Sjouwerman

North Korea’s fraudulent employment operations have expanded to hit countries around the world, with a particular focus on Europe, according to researchers at Google’s Threat Intelligence ...

The Real Deal: How Cybercriminals Exploit Legitimate Domains

Apr 9, 2025 9:09:57 AM By James Dyer

When it comes to secure email gateways (SEGs), the narrative is quite simple. For years, organizations have relied on SEGs as the foundation of their email security.

Upgraded Phishing-as-a-Service Platform Drives a Wave of Smishing Attacks

Apr 7, 2025 10:19:19 AM By Stu Sjouwerman

A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS phishing (smishing) attacks, according to researchers at Prodaft.

Online Gaming Platform Steam Tops List of Most Imitated Brands For the First Time

Apr 7, 2025 10:18:53 AM By Stu Sjouwerman

Steam was the most impersonated brand in phishing attacks during the first quarter of 2025, according to a new report from Guardio. The researchers note that the gaming platform’s surge ...

Phishing Attacks Lead to Theft in the Shipping Industry

Apr 3, 2025 1:19:14 PM By Stu Sjouwerman

Phishing attacks are driving a surge in “double brokering” scams in the shipping industry, according to Christian Reilly, Cloudflare’s Field CTO for EMEA.

[Heads Up] QR Code Phishing is Getting More Stealthy Fast

Apr 3, 2025 1:18:58 PM By Stu Sjouwerman

Attackers are using new tactics in QR code phishing (quishing) attacks, according to researchers at Palo Alto Networks’ Unit 42.

Malicious Memes: How Cybercriminals Use Humor to Spread Malware

Apr 3, 2025 1:18:35 PM By Erich Kron

Internet memes and viral content have become a universal language of online culture. They're easily shareable, often humorous, and can spread rapidly across various platforms.

Exploring the Implications of DORA: A New Global Standard For Financial Cybersecurity

Apr 1, 2025 4:39:51 PM By Javvad Malik

As of January 17, 2025, the Digital Operational Resilience Act (DORA) came into force across all European Union member states, with the crucial aim of strengthening the IT security of ...

Security Awareness Training Blog

View Topics