Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
The New Verizon DBIR is a treasure trove of data. As we covered here, and here, people are one of the most common factors contributing to successful data breaches. Let’s drill down a bit ...
For years, KnowBe4 has been a long-time proponent of everyone using PHISHING-RESISTANT multi-factor authentication (MFA) whenever possible.
The U.S. and South Korean governments have issued a joint advisory outlining a North Korean phishing campaign, The Register reports. The threat actor, known as “Kimsuky,” is targeting ...
Today, the FBI alerted warned against a new even more disgusting type of sextortion. Previously, these schemes involved coerced or stolen digital material, but now some criminals are ...
Forced verification fraud and deepfake fraud are on the rise in the US and Canada, according to researchers at Sumsub. Pavel Goldman-Kalaydin, Sumsub’s Head of AI & ML, explains that ...
Fighting spear phishing attacks is the single best thing you can do to prevent breaches.
50% of organizations surveyed were victims of spear phishing attacks in the last twelve months, according to a new report from Barracuda. The report also found that, on average, ...
Threat actors are using encoded phishing links to evade security filters, according to Jeremy Fuchs at Avanan. The phishing emails purport to be notifications from McAfee informing the ...
As the world continues to evolve, so does the nature of warfare. China's People's Liberation Army (PLA) is increasingly focused on "Cognitive Warfare," a term referring to artificial ...
Verizon has renewed its warnings to customers about the threat of smishing, a social engineering approach that relies upon texts as opposed to other communication channels like the email ...
As you all know, KnowBe4 frequently promotes security awareness training and we also mention that unpatched software is a distant number two issue after social engineering.
Microsoft has observed a thirty-eight percent increase in cybercrime-as-a-service (CaaS) offerings for launching business email compromise (BEC) attacks between 2019 and 2022.
The Insider reported that an apparently AI-generated photo faking an explosion near the Pentagon in D.C. went viral. The Arlington Police Department confirmed that the image and ...
According to QRTIGER, an online QR code generator company, dynamic QR code scans increased 433% globally from 2021 to 2022. In 2022, the FBI released a warning that QR codes may be ...
The Associated Press warned this week that AI experts have raised concerns about the potential impact of deepfake technology on the upcoming 2024 election. Deepfakes are highly convincing ...
A newly identified criminal organization has been observed running a large number of business email compromise (BEC) scams. Since February 2021, Abnormal Security reports the gang has ...
The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...
The U.S. government created a new office to block disinformation. The new Foreign Malign Influence Center (FMIC) oversees efforts that span U.S. military, law enforcement, intelligence, ...
The Cyberwire reported: "Barracuda released a study this morning indicating that HTML attacks have doubled since last year.
The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more ...
