Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
Phishing emails are increasingly using Scalable Vector Graphics (SVG) attachments to display malicious forms or deliver malware, BleepingComputer reports.
A phishing campaign is impersonating HR to target employees who are making annual insurance changes during the open enrollment period, according to researchers at Abnormal Security.
The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access.
A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Isn’t it typical for bad actors to strike when we’re distracted and busy during this time of year?
Researchers at Malwarebytes warn that cybercriminals are using search engine poisoning to boost phishing pages to the top of Bing’s search results.
The latest trend in cybercrime is that attackers don't really focus on “hacking” in; they’re logging in.
ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks.
Over a decade ago, I noticed that social engineering was the primary cause for all malicious hacking. It has been that way since the beginning of computers, but it took me about half of ...
Sophos describes a QR code phishing (quishing) campaign that targeted its own employees in an attempt to steal information.
Analysis of phishing emails in the second quarter of this year paints a picture of what security teams and vigilant recipients should expect from modern phishing attacks.
Phishing remains a top initial access vector for cyberattacks, according to researchers at Cisco Talos.
A recent report from UK Finance covered by the BBC paints a concerning picture of the evolving landscape of financial fraud. With a 16% rise in fraud cases and criminals stealing over £3 ...
Despite the belief that today’s SOC should be doing the lion’s share of protecting an organization, new data shows reliance on more than just security teams is needed.
European Organizations Can't Afford to Wait: Critical Cybersecurity Threats Demand Immediate Action
Action Fraud, the UK’s national fraud and cyber crime reporting service, warns that more than 33,000 people have reported that their online accounts have been hacked over the past year.
New York City's iconic Barnes & Noble on 5th Avenue recently featured the newly released books of two of KnowBe4's leading cybersecurity experts: Chief Human Risk Management Officer ...
KnowBe4 was asked what changes were made in the hiring process after the North Korean (DPRK) fake IT worker discovery. Here is the summary and we strongly suggest you talk this over with ...
The U.S. FBI warns that scammers are attempting to trick law firms into transferring money as part of a phony debt collection scheme.
Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more ...
