Great security training is a real challenge 14/09/2023 at 07:31 By Help Net Security All employees need security training, yet it’s generally a resented afterthought. A variety of studies over years show that human error is generally felt to be the largest vulnerability in organizations. For technology companies like SaaS providers, who also need to […]
React to this headline:
Great security training is a real challenge Read More »
Understanding the dangers of social engineering 11/09/2023 at 06:09 By Help Net Security Social engineering is a manipulative technique used by individuals or groups to deceive or manipulate others into divulging confidential or sensitive information, performing actions, or making decisions that are not in their best interest. It often involves exploiting human psychology and trust
React to this headline:
Understanding the dangers of social engineering Read More »
North Korean hackers target security researchers with zero-day exploit 08/09/2023 at 12:32 By Helga Labus North Korean threat actors are once again attempting to compromise security researchers’ machines by employing a zero-day exploit. The warning comes from Google’s own security researchers Clement Lecigne and Maddie Stone, who detailed the latest campaign mounted by government-backed attackers.
React to this headline:
North Korean hackers target security researchers with zero-day exploit Read More »
Emerging threat: AI-powered social engineering 06/09/2023 at 07:32 By Help Net Security Social engineering is a sophisticated form of manipulation but, thanks to AI advancements, malicious groups have gained access to highly sophisticated tools, suggesting that we might be facing more elaborate social engineering attacks in the future. It is becoming increasingly evident that the
React to this headline:
Emerging threat: AI-powered social engineering Read More »
AI-coded smart contracts may be flawed and ‘fail miserably’ when attacked: CertiK 06/09/2023 at 06:02 By Cointelegraph By Brayden Lindrea CertiK’s security chief Kang Li thinks inexperienced programmers using AI tools such as ChatGPT to write smart contracts is a recipe for disaster. This article is an excerpt from Cointelegraph.com News View Original Source React
React to this headline:
AI-coded smart contracts may be flawed and ‘fail miserably’ when attacked: CertiK Read More »
Okta Says US Customers Targeted in Sophisticated Attacks 05/09/2023 at 17:02 By Eduard Kovacs Okta says some of its US-based customers have been targeted in social engineering attacks whose goal was to disable MFA and obtain high privileges. The post Okta Says US Customers Targeted in Sophisticated Attacks appeared first on SecurityWeek. This article is
React to this headline:
Okta Says US Customers Targeted in Sophisticated Attacks Read More »
Open redirect flaws increasingly exploited by phishers 23/08/2023 at 12:49 By Helga Labus Phishing attacks using open redirect flaws are on the rise again, according to Kroll’s Cyber Threat Intelligence (CTI) team, which means organizations should consider refreshing employees’ awareness and knowledge on how to spot them. Malicious URL redirection Open redirect vulnerabilities in web
React to this headline:
Open redirect flaws increasingly exploited by phishers Read More »
Organizations invest in AI tools to elevate email security 21/08/2023 at 06:39 By Help Net Security To counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to enhance email security, according to IRONSCALES and Osterman Research. Cybercriminals are already using AI
React to this headline:
Organizations invest in AI tools to elevate email security Read More »
Zimbra users in Europe, Latin America face phishing threat 18/08/2023 at 11:04 By Help Net Security ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions. About the Zimbra phishing campaign The campaign has been
React to this headline:
Zimbra users in Europe, Latin America face phishing threat Read More »
Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft
React to this headline:
Russian APT phished government employees via Microsoft Teams Read More »
Zero trust rated as highly effective by businesses worldwide 26/07/2023 at 06:33 By Help Net Security Zero trust is here to stay, with 82% of experts currently working on implementing zero trust, and 16% planning to begin within 18 months, according to Beyond Identity. Over 90% of those working on zero trust cited that the
React to this headline:
Zero trust rated as highly effective by businesses worldwide Read More »
North Korean hackers targeted tech companies through JumpCloud and GitHub 21/07/2023 at 16:03 By Helga Labus North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign. The JumpCloud intrusion On June 27, JumpCloud
React to this headline:
North Korean hackers targeted tech companies through JumpCloud and GitHub Read More »
GitHub Warns of North Korean Social Engineering Attacks Targeting Tech Firm Employees 21/07/2023 at 14:32 By Ionut Arghire North Korean hackers are targeting employees at technology firms with repository invitations and malicious NPM packages. The post GitHub Warns of North Korean Social Engineering Attacks Targeting Tech Firm Employees appeared first on SecurityWeek. This article is
React to this headline:
GitHub Warns of North Korean Social Engineering Attacks Targeting Tech Firm Employees Read More »
VirusTotal leaked data of 5,600 registered users 18/07/2023 at 15:47 By Helga Labus VirusTotal has suffered a data leak that exposed the names and email addresses of 5,600 of its registered users. The leaked data reportedly includes information about employees of US and German intelligence agencies (among others). VirusTotal data leak exposed exploitable information Google-owned
React to this headline:
VirusTotal leaked data of 5,600 registered users Read More »
Is your browser betraying you? Emerging threats in 2023 07/07/2023 at 07:02 By Help Net Security Network attacks (IPS detections) have remained relatively flat over the last three quarters, technically down a bit more than 3%, according to WatchGuard. “Organisations need to pay more active, ongoing attention to the existing security solutions and strategies their
React to this headline:
Is your browser betraying you? Emerging threats in 2023 Read More »
The multiplying impact of BEC attacks 12/06/2023 at 16:22 By Helga Labus The 2023 Verizon Data Breach Investigations Report (DBIR) has confirmed what FBI’s Internet Crime Complaint Center has pointed out earlier this year: BEC scammers are ramping up their social engineering efforts to great success. BEC attackers targeting the real estate sector The FBI
React to this headline:
The multiplying impact of BEC attacks Read More »
Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element 06/06/2023 at 16:01 By Help Net Security Verizon Business today released the results of its 16th annual Data Breach Investigations Report (2023 DBIR), which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the soaring cost of ransomware – malicious
React to this headline:
Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element Read More »
Cybercriminals use legitimate websites to obfuscate malicious payloads 02/06/2023 at 06:33 By Help Net Security According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing emails continues to pose a major threat to organizations, emphasizing the need to enhance defenses to prevent
React to this headline:
Cybercriminals use legitimate websites to obfuscate malicious payloads Read More »
Threat actors exploit new channels for advanced phishing attacks 26/05/2023 at 07:36 By Help Net Security Perception Point’s team has identified a 356% increase in the number of advanced phishing attacks attempted by threat actors in 2022. Overall, the total number of attacks increased by 87%, highlighting the growing threat that cyber attacks now pose
React to this headline:
Threat actors exploit new channels for advanced phishing attacks Read More »
Identity crimes: Too many victims, limited resources 18/05/2023 at 08:00 By Help Net Security The Identity Theft Resource Center (ITRC) has documented incidents of identity theft reported during 2022 and the first quarter of 2023, highlighting the use of strategies by criminals to convince people to willingly share protected information. The number of reported identity
React to this headline:
Identity crimes: Too many victims, limited resources Read More »