From Reactive to Proactive: Cyber Insurance is Driving Optimal Security Investments for Organizations

New data shows that only 3 percent of organizations are solely relying on their current cyber defenses when adding on cyber insurance, indicating that organizations are beginning to ...
Continue Reading

From Policy to Practice in Security Culture: What Security Frameworks Recommend

Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation ...
Continue Reading

Phishing Attacks Target High Profile YouTube Accounts

Researchers at ESET warn of phishing attacks that are attempting to hack high-profile YouTube channels in order to spread scams or malware.
Continue Reading

The Importance of Security Culture: When Telecom Giants Resort to Malware

I recently read a story about a South Korean telecom company that pushed out malware to over 600,000 of its customers who were using torrents to share files, in a bid to limit their ...
Continue Reading

Travelers Beware: Booking.com Warns of Increases in AI-Enabled Travel Scams

In an interview at the Collision technology conference in Toronto, Booking.com’s CISO sounds the alarm on what she calls “supercharged artificial intelligence (AI) scams.”
Continue Reading

New “Paste and Run” Phishing Technique Makes CTRL-V A Cyber Attack Accomplice

A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that installs DarkGate malware.
Continue Reading

[Urgent Alert] 5 Critical Steps to Shield Your Teens from Rising Sextortion

A few weeks ago, I was privileged to visit the 8th grade of a high-school here in Cape Town and talk to the students about cybersecurity, social media, and emerging technology. It was a ...
Continue Reading

Hacked Customer Support Portal Being Used to Send Phishing Emails

A hacked customer support portal belonging to router manufacturer Mercku is being used to respond to customer queries with phishing emails, BleepingComputer reports.
Continue Reading

The Curious Case of the Payroll Pilfering

In a world where cyber espionage has become as common as a rainy day in London, the recent events surrounding the UK armed forces' payroll database have had us all raising our eyebrows ...
Continue Reading

New Malware Campaign Impersonates AI Tools To Trick Users

Researchers at ESET warn that malvertising campaigns are impersonating AI tools to trick users into installing malware. The Rilide infostealer, for example, is being distributed via a ...
Continue Reading

Russian Threat Actor Launches Spear Phishing Attacks Against French Diplomats

France’s cybersecurity agency ANSSI has issued an alert outlining a Russian spear phishing campaign targeting French diplomats, the Record reports. The agency attributes the campaign to ...
Continue Reading

FBI Warns of Phishing Campaign Targeting the Healthcare Industry

The US FBI and the Department of Health and Human Services (HHS) have released a joint advisory warning of a social engineering campaign that’s targeting the healthcare industry.
Continue Reading

BEC Attacks Accounted for More Than One in Ten Social Engineering Attacks in 2023

A new report from Barracuda has found that email conversation hijacking attacks have risen by 70% since 2022. Additionally, business email compromise (BEC) attacks accounted for 10.6% of ...
Continue Reading

My Hacker Story: A Cautionary Tale of Intern Antics and Cultural Learnings

My hacker story does not paint me in the best light, and it is not intended to. I am a firm believer in sharing one's mistakes and being open to learning from them.
Continue Reading

Vacation-Themed Scams Are Spiking

Scammers are now impersonating legitimate services like Booking.com and Kayak to target people planning their summer vacations. One out of every 33 vacation-themed domains registered last ...
Continue Reading

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North ...
Continue Reading

[Heads Up] Tricky Fake Invoice Phishing Attack Uses Search to Deliver Malware

Researchers at Trustwave warn that a phishing campaign is distributing malware via HTML attachments disguised as invoices. Notably, the HTML files abuse the Windows Search protocol to ...
Continue Reading

Phishing Campaign Targets Job Seekers With WARMCOOKIE Backdoor

A phishing campaign is impersonating recruiting firms to target job seekers with a new strain of malware, according to researchers at Elastic Security.
Continue Reading

[New Feature] Find Out if They've Got a Bad Reputation in Record Time with PhishER Plus Threat Intel

The PhishER Plus platform just got smarter with the addition of the new PhishER Plus Threat Intel feature that integrates web reputation data into the PhishER Plus console.
Continue Reading

Nearly Three-Quarters of Organizations Were the Target of Attempted Business Email Compromise Attacks

New data highlights just how dangerous Business Email Compromise attacks are.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews