#phishing-attacks

[ follow ]
#cybersecurity

80% of critical infrastructure entities affected by email breaches

Critical infrastructure organizations are highly targeted by cybercriminals, with 80% facing email security breaches in the past year.

New Loader Masquerades as Antivirus to Deliver SSLoad

PhantomLoader uses advanced evasion techniques to deliver SSLoad malware, posing significant threats to systems through phishing and deception.

How Infostealers Pillaged the World's Passwords

Attackers are shifting to less targeted approaches like infostealers due to increased security awareness and effectiveness of traditional attacks.

Executives targeted in mobile spearphishing attacks

Organizations need advanced, AI-driven solutions to defend against sophisticated mobile phishing campaigns.
Implementing comprehensive mobile defense strategies is crucial to reducing vulnerabilities.

Lazarus uses new dangerous malware variant CookiePlus

Lazarus group's Operation DreamJob employs CookiePlus malware for extended persistence and targets various sectors, including nuclear and defense, through advanced techniques.

Meet the startup that just won the Pentagon's first AI defense contract

The Department of Defense awarded its first generative AI contract to enhance cybersecurity, emphasizing a shift towards addressing AI-based threats.

80% of critical infrastructure entities affected by email breaches

Critical infrastructure organizations are highly targeted by cybercriminals, with 80% facing email security breaches in the past year.

New Loader Masquerades as Antivirus to Deliver SSLoad

PhantomLoader uses advanced evasion techniques to deliver SSLoad malware, posing significant threats to systems through phishing and deception.

How Infostealers Pillaged the World's Passwords

Attackers are shifting to less targeted approaches like infostealers due to increased security awareness and effectiveness of traditional attacks.

Executives targeted in mobile spearphishing attacks

Organizations need advanced, AI-driven solutions to defend against sophisticated mobile phishing campaigns.
Implementing comprehensive mobile defense strategies is crucial to reducing vulnerabilities.

Lazarus uses new dangerous malware variant CookiePlus

Lazarus group's Operation DreamJob employs CookiePlus malware for extended persistence and targets various sectors, including nuclear and defense, through advanced techniques.

Meet the startup that just won the Pentagon's first AI defense contract

The Department of Defense awarded its first generative AI contract to enhance cybersecurity, emphasizing a shift towards addressing AI-based threats.
morecybersecurity

The NCSC and FBI just issued a major alert over a state-backed hacker group - here's what you need to know

Iran-linked hackers are using social engineering tactics to target officials related to Iranian and Middle Eastern affairs.

The New Effective Way to Prevent Account Takeovers

Account takeover attacks threaten cloud-based SaaS environments, and strengthening browser security is essential for prevention.

Google says Iranian hackers are trying to access emails of Harris and Trump

Iranian cyber intrusion efforts are intensifying as the U.S. presidential election approaches, targeting notable political figures.
#cyber-threats

How Phishing Attacks Adapt Quickly to Capitalize on Current Events

Phishing attacks surged in 2023 with AI and PhaaS playing major roles in crafting malicious content and enabling quick responses to changing events.

New AI tools spawn fears of greater 2024 election threats, survey finds

Over half of state and local officials are not prepared to detect and recover from election-targeted cyber incidents.
Officials are concerned that the election cyber threat landscape in 2024 will be worse than in 2020, with AI tools posing unfamiliar challenges.

How Phishing Attacks Adapt Quickly to Capitalize on Current Events

Phishing attacks surged in 2023 with AI and PhaaS playing major roles in crafting malicious content and enabling quick responses to changing events.

New AI tools spawn fears of greater 2024 election threats, survey finds

Over half of state and local officials are not prepared to detect and recover from election-targeted cyber incidents.
Officials are concerned that the election cyber threat landscape in 2024 will be worse than in 2020, with AI tools posing unfamiliar challenges.
morecyber-threats

Users: Microsoft must update Outlook's friendly name feature

Users are urging Microsoft to reconsider how sender email addresses are displayed in Outlook to prevent phishing attacks.

Russia's luxury car phish continues to prove effective | Computer Weekly

Diplomatic missions and NGOs in Ukraine face extreme risks due to phishing attacks targeting government personnel and national security.

How To Get the Most From Your Security Team's Email Alert Budget

Security teams need to effectively monitor and respond to threats to combat the rising scale and complexity of phishing attacks in the context of a talent shortage.

Mass exploitation of edge services could become the defacto attack vector for hackers in 2024 - research

Phishing attacks are declining in 2024 as cyber hygiene, awareness, and endpoint protections improve, while exploiting vulnerable edge services emerges as a new favorite attack vector.

Memcyco Report Reveals Only 6% Of Brands Can Protect Their Customers From Digital Impersonation Fraud - DevOps.com

Companies lack effective solutions against website impersonation fraud despite its severity and prevalence.

US warns of North Korean hackers using email security flaws for phishing attacks

North Korean hacking group Kimsuky exploits email security flaws for phishing attacks on organizations.
Proper configuration of email security protocols, such as DMARC, is crucial in preventing phishing attempts and spoofing.

Beijing-backed cyberspies attacked 70+ orgs in 23 countries

Beijing-backed hacking crew, Earth Krahang, targeted 116 victims worldwide, mostly government entities.
Earth Krahang linked to another China state-backed gang, Earth Lusca, and security contractor I-Soon.

Majority of UK employees 'willingly gamble' with security | Computer Weekly

More than two-thirds of UK workers take cyber risks knowingly, exposing organizations to breaches and financial loss.
Phishing attacks have decreased, but financial losses and reputational damage are on the rise due to human error.
#collaboration

The power of partnership in mitigating cyber risk: A CFO's perspective

Cybersecurity risks pose a significant threat to businesses' growth and operations, especially for smaller organizations.
Collaboration and effective communication with partners can enhance cybersecurity measures and protection.

5 Security Threats DevOps Teams Should Know - DevOps.com

DevOps security involves integrating security practices into the DevOps process.
DevOps security requires a cultural shift and the integration of security into every aspect of development and operations processes.

The power of partnership in mitigating cyber risk: A CFO's perspective

Cybersecurity risks pose a significant threat to businesses' growth and operations, especially for smaller organizations.
Collaboration and effective communication with partners can enhance cybersecurity measures and protection.

5 Security Threats DevOps Teams Should Know - DevOps.com

DevOps security involves integrating security practices into the DevOps process.
DevOps security requires a cultural shift and the integration of security into every aspect of development and operations processes.
morecollaboration

Artificial Intelligence: How It Can Target Your Firm's Cybersecurity Defenses

Lawyers are increasingly using AI, but there is a dark side to AI when it comes to law firm security.
AI cyberattacks are more sophisticated and harder to spot, creating a challenge for cybersecurity in law firms.

How to avoid fraud, scams, and phishing attempts this shopping season

During the month of November, online shopping days like Black Friday and Cyber Monday were launched in a different format to support local businesses.
Cybercriminals take advantage of the holiday shopping season to steal information and funds.
Protect yourself by sticking to reputable websites, avoiding unfamiliar links, verifying discount ads on social media, being cautious of phishing attempts, and ensuring website security.

Compound Finance Site Compromised in Phishing Attack

Phishing attack compromised Compound Finance's frontend, leading to a phishing site.

Twilio says hackers identified cell phone numbers of two-factor app Authy users | TechCrunch

Hackers stole 33 million phone numbers from Twilio affecting Authy users.

Convicted BEC scammer could face over 100 years in prison

A Nigerian national convicted in a $1.5 million BEC scam faces possible life imprisonment.
[ Load more ]