Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
Continued analysis of ransomware attacks shows an upward trend in the number of attacks, with September resulting in the highest number of assaults so far this year.
Microsoft is tracking a cybercriminal group called “Octo Tempest” that uses threats of violence as part of its social engineering and data theft extortion campaigns.
The U.S. Federal Bureau of Investigation (FBI) and South Korea’s Ministry of Foreign Affairs have issued an advisory offering guidance to “the international community, the private sector, ...
As organizations continue to believe the malicious use of artificial intelligence (AI) will outpace its defensive use, new data focused on the future of AI in cyber attacks and defenses ...
Social engineering attacks have a very long history, though the Internet has made it easier to launch these attacks en masse, according to Sean McNee at DomainTools. McNee points to an ...
A threat actor dubbed “Void Rabisu” used social engineering to target attendees of the Women Political Leaders (WPL) Summit that was held in Brussels from June 7 to 8, 2023, Trend Micro ...
A new report sheds light on whether CISOs have been the victim of a cyber attacks, if they're every paid a ransom, their greatest cyber concerns, and much more.
As the number of reported ransomware attacks increases, new data provides a fresh look at how ready organizations are for ransomware attacks.
As increasing percentages of businesses experience cyberattacks, new data provides details on where the most organizational risk lies.
The Wall Street Journal recently published an article about using highly-emotionally charged, “controversial”, subjects in simulated phishing tests. Controversial topic examples include ...
A report from Trustwave notes that phishing remains one of the most popular and effective techniques for attackers to gain access to organizations.
Roborock's online storefronts have been used for cybercrime schemes in the past, and it seems attackers are continuing to create fake online shops. After all, the Chinese-originated robot ...
Credential harvesting has become a business in and of itself within the cybercrime economy. New insight from Microsoft details the types of attacks your organization should watch out for.
Even though there are new attack types for cybercriminals, they are still leveraging old-school attack vectors. Why? Because they still work.
Threat actors launched 156,000 business email compromise (BEC) attempts per day between April 2022 and April 2023, according to Microsoft’s latest Digital Defense Report. While most of ...
Real-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors.
Resecurity warns that the Smishing Triad threat actor has “vastly expanded its attack footprint” in the United Arab Emirates (UAE).
A new report from Secureworks has found that business email compromise (BEC) remains “one of the most financially damaging online crimes overall for orgs” in 2023. The security firm’s ...
Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan.
The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.
