social engineering

Ransomware, extortion groups adapt as payment rates reach historic lows

Coveware, data theft, Don't miss, extortion, Hot stuff, Insider Threat, News, Ransomware, remote access, social engineering, trends /

Ransomware, extortion groups adapt as payment rates reach historic lows 2025-10-27 at 15:12 By Zeljka Zorz Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, the payment rate dropped to just 19 percent, according

Ransomware, extortion groups adapt as payment rates reach historic lows Read More »

Researchers uncover ClickFix-themed phishing kit

Don't miss, Hot stuff, News, Palo Alto Networks, phishing, social engineering /

Researchers uncover ClickFix-themed phishing kit 2025-10-08 at 16:26 By Zeljka Zorz Palo Alto Networks researchers have discovered and analyzed “IUAM ClickFix Generator”, a phishing kit that allows less skilled attackers to infect unsuspecting users with malware by using the increasingly popular ClickFix social engineering technique. “This tool allows threat actors to create highly customizable phishing

Researchers uncover ClickFix-themed phishing kit Read More »

North Korean hackers stole over $2 billion in cryptocurrency this year

Cryptocurrency, Cryptocurrency Exchange, Don't miss, Elliptic, Hot stuff, News, North Korea, social engineering, theft /

North Korean hackers stole over $2 billion in cryptocurrency this year 2025-10-08 at 14:49 By Zeljka Zorz North Korean hackers have stolen more than $2 billion in cryptocurrency in 2025, according to blockchain analytics firm Elliptic, and the year isn’t over yet. Though this year’s record losses are driven largely by the February attack on

North Korean hackers stole over $2 billion in cryptocurrency this year Read More »

Hackers launch data leak site to extort 39 victims, or Salesforce

Data leak, data theft, Don't miss, extortion, Hot stuff, News, Salesforce, social engineering /

Hackers launch data leak site to extort 39 victims, or Salesforce 2025-10-06 at 17:44 By Zeljka Zorz Scattered Lapsus$ Hunters launched a data leak site over the weekend, aiming to pressure organizations whose Salesforce databases they have plundered into paying to prevent the stolen data from being released. Screenshot of Scattered Lapsus$ Hunters data leak

Hackers launch data leak site to extort 39 victims, or Salesforce Read More »

Ransomware remains the leading cause of costly cyber claims

Allianz, cyber insurance, News, social engineering, supply chain, threats /

Ransomware remains the leading cause of costly cyber claims 2025-10-01 at 07:04 By Anamarija Pogorelec Cyber threats are shifting in 2025, and while large companies are still targets, attackers are turning their attention to smaller and mid-sized firms. According to Allianz’s Cyber Security Resilience 2025 report, hardened defenses at major corporates have pushed criminals to

Ransomware remains the leading cause of costly cyber claims Read More »

Malicious GitHub pages lure MacOS users into installing Atomic infostealer

Don't miss, GitHub, Hot stuff, LastPass, macOS, Malware, News, SEO, social engineering /

Malicious GitHub pages lure MacOS users into installing Atomic infostealer 2025-09-22 at 17:52 By Zeljka Zorz MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread

Malicious GitHub pages lure MacOS users into installing Atomic infostealer Read More »

What CISOs can learn from Doppel’s new AI-driven social engineering simulation

Artificial Intelligence, automation, CISO, cybersecurity, Don't miss, Doppel, legacy technology, News, phishing, social engineering /

What CISOs can learn from Doppel’s new AI-driven social engineering simulation 2025-08-27 at 07:51 By Sinisa Markovic Doppel has introduced a new product called Doppel Simulation, which expands its platform for defending against social engineering. The tool uses autonomous AI agents to create multi-channel simulations that mirror how attackers operate across email, SMS, messaging apps,

What CISOs can learn from Doppel’s new AI-driven social engineering simulation Read More »

Fake macOS help sites push Shamos infostealer via ClickFix technique

Check Point, CrowdStrike, Don't miss, ESET, Hot stuff, macOS, malvertising, Malware, Microsoft, News, social engineering /

Fake macOS help sites push Shamos infostealer via ClickFix technique 2025-08-25 at 15:23 By Zeljka Zorz Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers

Fake macOS help sites push Shamos infostealer via ClickFix technique Read More »

The new battleground for CISOs is human behavior

Artificial Intelligence, cyber resilience, cybersecurity, LevelBlue, News, report, social engineering, threats /

The new battleground for CISOs is human behavior 2025-08-22 at 08:40 By Anamarija Pogorelec Attackers don’t always need a technical flaw. More often, they just trick your people. Social engineering works, and AI makes it harder to catch.” Only about one in four cybersecurity teams are effective at collaborating with the broader business (Source: LevelBlue)

The new battleground for CISOs is human behavior Read More »

How Brandolini’s law informs our everyday infosec reality

attacks, automation, cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Portnox, social engineering, supply chain /

How Brandolini’s law informs our everyday infosec reality 2025-08-11 at 09:00 By Help Net Security Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude bigger than to produce it.” While it’s often thrown around in political debates and

How Brandolini’s law informs our everyday infosec reality Read More »

From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends

cybersecurity, LevelBlue, News, report, social engineering, threats /

From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends 2025-08-08 at 08:07 By Sinisa Markovic Cybercriminals are getting better at lying. That’s the takeaway from a new LevelBlue report, which outlines how attackers are using social engineering and legitimate tools to quietly move through environments before they’re caught. Data showing at what stage

From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends Read More »

Why behavioral intelligence is becoming the bank fraud team’s best friend

BioCatch, cybersecurity, Don't miss, enterprise, Features, financial industry, fraud, Hot stuff, News, social engineering, social media /

Why behavioral intelligence is becoming the bank fraud team’s best friend 2025-07-29 at 09:03 By Mirko Zorz In this Help Net Security interview, Seth Ruden, Senior Director of Global Advisory at BioCatch, discusses how financial institutions are addressing fraud. He explains how banks are using behavioral biometrics, device fingerprinting, and network intelligence to enhance fraud

Why behavioral intelligence is becoming the bank fraud team’s best friend Read More »

Four arrested in connection with M&S, Co-op ransomware attacks

Don't miss, Hot stuff, National Crime Agency, News, Ransomware, Retail, social engineering, UK /

Four arrested in connection with M&S, Co-op ransomware attacks 2025-07-10 at 17:19 By Zeljka Zorz Four individuals suspected of having been involved in the ransomware attacks that hit UK-based retailers earlier this year have been arrested by the UK National Crime Agency. “Two males aged 19, another aged 17, and a 20-year-old female were apprehended

Four arrested in connection with M&S, Co-op ransomware attacks Read More »

Qantas data breach could affect 6 million customers

Australia, Closed Door Security, data breach, Don't miss, Entrust, FBI, Hot stuff, News, Qantas, social engineering /

Qantas data breach could affect 6 million customers 2025-07-02 at 14:04 By Zeljka Zorz Qantas has suffered a cyber incident that has lead to a data breach. “The incident occurred when a cyber criminal targeted a call centre and gained access to a third-party customer servicing platform,” the Australian airline announced today, but said that

Qantas data breach could affect 6 million customers Read More »

Microsoft introduces protection against email bombing

Don't miss, Email, Hot stuff, Microsoft, Microsoft Defender, News, social engineering, spam /

Microsoft introduces protection against email bombing 2025-07-01 at 18:54 By Zeljka Zorz By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is email bombing? Email bombing (aka spam bombing) is an attack technique that results in

Microsoft introduces protection against email bombing Read More »

Attackers fake IT support calls to steal Salesforce data

data theft, Don't miss, enterprise, extortion, Google, Hot stuff, News, Salesforce, social engineering, vishing /

Attackers fake IT support calls to steal Salesforce data 2025-06-04 at 17:47 By Zeljka Zorz Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat Intelligence Group (GTIG) has warned. The attackers in question – currently tracked as UNC6040 – are masters

Attackers fake IT support calls to steal Salesforce data Read More »

TikTok videos + ClickFix tactic = Malware infection

Don't miss, Hot stuff, Malware, News, security awareness, social engineering, TikTok, Trend Micro /

TikTok videos + ClickFix tactic = Malware infection 2025-05-23 at 15:53 By Zeljka Zorz Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting published by a number of TikTok user accounts, seem AI-made, and are

TikTok videos + ClickFix tactic = Malware infection Read More »

What is social engineering in crypto (and how to protect yourself)?

social engineering /

What is social engineering in crypto (and how to protect yourself)? 2025-05-12 at 13:23 By Cointelegraph by SK Arora Social engineering in crypto, explained In the world of cryptocurrency, security goes beyond just protecting your wallet with a password or private key. One of the most deceptive and increasingly dangerous threats to crypto users today

What is social engineering in crypto (and how to protect yourself)? Read More »

Fake AI platforms deliver malware diguised as video content

Artificial Intelligence, cybercrime, Don't miss, Hot stuff, Malware, Morphisec, News, scams, SMBs, social engineering /

Fake AI platforms deliver malware diguised as video content 2025-05-09 at 16:53 By Zeljka Zorz A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an unusual twist, the threat actors are not disguising the malware as legitimate software, but

Fake AI platforms deliver malware diguised as video content Read More »

Scroll to Top