If you think you’re immune to phishing attempts, you’re wrong! 2025-03-26 at 16:17 By Zeljka Zorz Security consultant Troy Hunt, the creator of the Have I Been Pwned (HIBP) service, has revealed that he got tricked by a clever phishing email, and that the attacker gained access to his Mailchimp account and stole a list […]
React to this headline:
If you think you’re immune to phishing attempts, you’re wrong! Read More »
2024 phishing trends tell us what to expect in 2025 2025-02-27 at 14:18 By Zeljka Zorz Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which expects this trend to continue in 2025. But attackers have also increasingly been
React to this headline:
2024 phishing trends tell us what to expect in 2025 Read More »
VC Company Insight Partners Hacked 2025-02-19 at 15:17 By Eduard Kovacs Venture capital firm Insight Partners has been targeted in a cyberattack that involved unauthorized access to its information systems. The post VC Company Insight Partners Hacked appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:
React to this headline:
VC Company Insight Partners Hacked Read More »
6 considerations for 2025 cybersecurity investment decisions 2025-02-18 at 18:33 By Help Net Security Cybersecurity professionals may be concerned about the constantly shifting threat landscape. From the increased use of artificial intelligence (AI) by malicious actors to the expanding attack surface, cybersecurity risks evolve, and defenders need to mitigate them. Despite a period of cybersecurity
React to this headline:
6 considerations for 2025 cybersecurity investment decisions Read More »
Threat actors are using legitimate Microsoft feature to compromise M365 accounts 2025-02-14 at 16:23 By Zeljka Zorz Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, they appear to have
React to this headline:
Threat actors are using legitimate Microsoft feature to compromise M365 accounts Read More »
North Korean hackers spotted using ClickFix tactic to deliver malware 2025-02-13 at 18:34 By Zeljka Zorz North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A relatively new tactic The ClickFix social engineering tactic has been dubbed thus
React to this headline:
North Korean hackers spotted using ClickFix tactic to deliver malware Read More »
Ransomware attackers are “vishing” organizations via Microsoft Teams 2025-01-21 at 14:10 By Zeljka Zorz The “email bombing + posing as tech support via Microsoft Teams” combination is proving fruitful for two threat actors looking to deliver ransomware to organizations, and they seem to be ramping up their efforts. “Sophos MDR has observed more than 15
React to this headline:
Ransomware attackers are “vishing” organizations via Microsoft Teams Read More »
Scam Yourself attacks: How social engineering is evolving 2025-01-21 at 07:30 By Help Net Security We’ve entered a new era where verification must come before trust, and for good reason. Cyber threats are evolving rapidly, and one of the trends getting a fresh reboot in 2025 is the “scam yourself” attacks. These aren’t your run-of-the-mill
React to this headline:
Scam Yourself attacks: How social engineering is evolving Read More »
CERT-UA warns against “security audit” requests via AnyDesk 2025-01-20 at 11:34 By Zeljka Zorz Attackers are impersonating the Computer Emergency Response Team of Ukraine (CERT-UA) via AnyDesk to gain access to target computers. The request (Source: CERT-UA) “Unidentified individuals are sending connection requests via AnyDesk under the pretext of conducting a ‘security audit to verify
React to this headline:
CERT-UA warns against “security audit” requests via AnyDesk Read More »
Malicious actors’ GenAI use has yet to match the hype 2025-01-14 at 17:08 By Zeljka Zorz Generative AI has helped lower the barrier for entry for malicious actors and has made them more efficient, i.e., quicker at creating convincing deepfakes, mounting phishing campaigns and investment scams, the most recent report by the Cyber Threat Alliance
React to this headline:
Malicious actors’ GenAI use has yet to match the hype Read More »
Windows, macOS users targeted with crypto-and-info-stealing malware 2024-12-06 at 14:05 By Zeljka Zorz Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of AI and some social engineering, you can end up with information and
React to this headline:
Windows, macOS users targeted with crypto-and-info-stealing malware Read More »
The limits of AI-based deepfake detection 2024-11-22 at 08:03 By Mirko Zorz In this Help Net Security interview, Ben Colman, CEO of Reality Defender, discusses the challenges of detecting high-quality deepfakes in real-world applications. He addresses the effectiveness and limitations of watermarking, AI-based detection, and the potential of emerging technologies in securing media authenticity. Colman
React to this headline:
The limits of AI-based deepfake detection Read More »
Why AI alone can’t protect you from sophisticated email threats 2024-11-19 at 07:03 By Mirko Zorz In this Help Net Security interview, Riaz Lakhani, CISO at Barracuda Networks, discusses the effectiveness of AI-based behavioural analysis in combating sophisticated email threats like BEC and VEC. Lakhani also explains how AI tools help detect malicious email activity
React to this headline:
Why AI alone can’t protect you from sophisticated email threats Read More »
Social engineering scams sweep through financial institutions 2024-11-13 at 06:04 By Help Net Security North American financial institutions fielded 10 times more reports of social engineering scams in 2024 than they did a year ago, according to BioCatch. The data shows scams now represent 23% of all digital banking fraud. Growing danger of deepfake and
React to this headline:
Social engineering scams sweep through financial institutions Read More »
Black Basta operators phish employees via Microsoft Teams 2024-10-28 at 18:51 By Zeljka Zorz Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tool by posing as help desk workers, now also via Microsoft Teams. Phishing via MS Teams Earlier this year, Rapid7 warned about Black Basta using the
React to this headline:
Black Basta operators phish employees via Microsoft Teams Read More »
Fake Google Meet pages deliver infostealers 2024-10-17 at 14:47 By Zeljka Zorz Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware. Fake Google Meet video conference page with malicious ClickFix pop-up (Source: Sekoia) “The ClickFix tactic deceives users into downloading
React to this headline:
Fake Google Meet pages deliver infostealers Read More »
T-Mobile to Pay Millions to Settle With FCC Over Data Breaches 2024-10-01 at 18:46 By Ionut Arghire T-Mobile has agreed to invest $15.75 million in cybersecurity and pay $15.75 million to settle an FCC investigation into four data breaches. The post T-Mobile to Pay Millions to Settle With FCC Over Data Breaches appeared first on
React to this headline:
T-Mobile to Pay Millions to Settle With FCC Over Data Breaches Read More »
Transportation, logistics companies targeted with lures impersonating fleet management software 2024-09-24 at 17:46 By Zeljka Zorz Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever new trick. How the attack unfolds According to Proofpoint threat researchers, the attackers start by compromising
React to this headline:
North Korean hackers’ social engineering tricks 2024-09-04 at 15:31 By Zeljka Zorz “North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a public service announcement. This suggests that they are likely to target companies associated with
React to this headline:
North Korean hackers’ social engineering tricks Read More »
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise 2024-08-07 at 06:01 By Help Net Security Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every few days, according to GitProtect.io. DevSecOps The possibility to integrate security
React to this headline:
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise Read More »