Travelers Beware: Booking.com Warns of Increases in AI-Enabled Travel Scams

Jul 9, 2024 8:31:58 AM By Stu Sjouwerman

In an interview at the Collision technology conference in Toronto, Booking.com’s CISO sounds the alarm on what she calls “supercharged artificial intelligence (AI) scams.”

New “Paste and Run” Phishing Technique Makes CTRL-V A Cyber Attack Accomplice

Jul 5, 2024 7:40:28 AM By Stu Sjouwerman

A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that installs DarkGate malware.

[Urgent Alert] 5 Critical Steps to Shield Your Teens from Rising Sextortion

Jul 2, 2024 1:55:47 PM By Anna Collard

A few weeks ago, I was privileged to visit the 8th grade of a high-school here in Cape Town and talk to the students about cybersecurity, social media, and emerging technology. It was a ...

Hacked Customer Support Portal Being Used to Send Phishing Emails

Jul 2, 2024 1:55:30 PM By Stu Sjouwerman

A hacked customer support portal belonging to router manufacturer Mercku is being used to respond to customer queries with phishing emails, BleepingComputer reports.

The Curious Case of the Payroll Pilfering

Jul 1, 2024 1:54:30 PM By Javvad Malik

In a world where cyber espionage has become as common as a rainy day in London, the recent events surrounding the UK armed forces' payroll database have had us all raising our eyebrows ...

New Malware Campaign Impersonates AI Tools To Trick Users

Jul 1, 2024 1:54:27 PM By Stu Sjouwerman

Researchers at ESET warn that malvertising campaigns are impersonating AI tools to trick users into installing malware. The Rilide infostealer, for example, is being distributed via a ...

Russian Threat Actor Launches Spear Phishing Attacks Against French Diplomats

Jun 27, 2024 1:46:32 PM By Stu Sjouwerman

France’s cybersecurity agency ANSSI has issued an alert outlining a Russian spear phishing campaign targeting French diplomats, the Record reports. The agency attributes the campaign to ...

FBI Warns of Phishing Campaign Targeting the Healthcare Industry

Jun 27, 2024 1:46:27 PM By Stu Sjouwerman

The US FBI and the Department of Health and Human Services (HHS) have released a joint advisory warning of a social engineering campaign that’s targeting the healthcare industry.

BEC Attacks Accounted for More Than One in Ten Social Engineering Attacks in 2023

Jun 24, 2024 9:21:30 AM By Stu Sjouwerman

A new report from Barracuda has found that email conversation hijacking attacks have risen by 70% since 2022. Additionally, business email compromise (BEC) attacks accounted for 10.6% of ...

My Hacker Story: A Cautionary Tale of Intern Antics and Cultural Learnings

Jun 24, 2024 8:31:12 AM By Javvad Malik

My hacker story does not paint me in the best light, and it is not intended to. I am a firm believer in sharing one's mistakes and being open to learning from them.

Vacation-Themed Scams Are Spiking

Jun 20, 2024 11:33:45 AM By Stu Sjouwerman

Scammers are now impersonating legitimate services like Booking.com and Kayak to target people planning their summer vacations. One out of every 33 vacation-themed domains registered last ...

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

Jun 18, 2024 1:58:40 PM By Stu Sjouwerman

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North ...

[Heads Up] Tricky Fake Invoice Phishing Attack Uses Search to Deliver Malware

Jun 17, 2024 3:16:07 PM By Stu Sjouwerman

Researchers at Trustwave warn that a phishing campaign is distributing malware via HTML attachments disguised as invoices. Notably, the HTML files abuse the Windows Search protocol to ...

Phishing Campaign Targets Job Seekers With WARMCOOKIE Backdoor

Jun 14, 2024 3:47:55 PM By Stu Sjouwerman

A phishing campaign is impersonating recruiting firms to target job seekers with a new strain of malware, according to researchers at Elastic Security.

[New Feature] Find Out if They've Got a Bad Reputation in Record Time with PhishER Plus Threat Intel

Jun 10, 2024 8:00:00 AM By Stu Sjouwerman

The PhishER Plus platform just got smarter with the addition of the new PhishER Plus Threat Intel feature that integrates web reputation data into the PhishER Plus console.

Nearly Three-Quarters of Organizations Were the Target of Attempted Business Email Compromise Attacks

Jun 7, 2024 2:20:40 PM By Stu Sjouwerman

New data highlights just how dangerous Business Email Compromise attacks are.

Breach or Bluff: Cyber Criminals' Slippery Tactics

Jun 7, 2024 8:16:12 AM By Javvad Malik

When the news first broke about a potential data breach at Ticketmaster, the details were murky. The Department of Home Affairs confirmed a cyber incident affecting Ticketmaster ...

Minnesotans Targeted by Scammers With Phony Arrest Warrants

Jun 7, 2024 8:14:43 AM By Stu Sjouwerman

The Minnesota Judicial Branch has issued an advisory warning that scammers are messaging Minnesotans with phony arrest warrants for missing jury duty.

“Operation Endgame” Ends with the Arrest of 4 Cybercriminal Suspects and 100 Servers

Jun 6, 2024 8:27:15 AM By Stu Sjouwerman

Coordinated efforts between law enforcement agencies across nine countries has resulted in a major disruption of a threat group’s malware and ransomware operations.

26% of Global Organizations Lack Security Training Programs

Jun 6, 2024 8:26:39 AM By Stu Sjouwerman

More than a quarter (26%) of organizations around the world provide no security awareness training for their employees, according to a survey by Hornetsecurity. The researchers found that ...

Security Awareness Training Blog

View Topics