social engineering

Fake “Windows Update” screens fuels new wave of ClickFix attacks

Fake “Windows Update” screens fuels new wave of ClickFix attacks 2025-11-25 at 15:02 By Zeljka Zorz A convincing (but fake) “Windows Update” screen can be the perfect lure for tricking users into infecting their computers with malware. Add a multi-stage delivery chain with some offbeat techniques, and infostealer operators have everything they need to slip […]

Fake “Windows Update” screens fuels new wave of ClickFix attacks Read More »

Doppel Raises $70 Million at $600 Million Valuation

Doppel Raises $70 Million at $600 Million Valuation 2025-11-20 at 16:18 By Ionut Arghire The AI-native social engineering defense (SED) platform will accelerate product innovation and expand its offerings. The post Doppel Raises $70 Million at $600 Million Valuation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Doppel Raises $70 Million at $600 Million Valuation Read More »

The long conversations that reveal how scammers work

The long conversations that reveal how scammers work 2025-11-19 at 09:08 By Sinisa Markovic Online scammers often take weeks to build trust before making a move, which makes their work hard to study. A research team from UC San Diego built a system that does the patient work of talking to scammers at scale, and

The long conversations that reveal how scammers work Read More »

Attackers upgrade ClickFix with tricks used by online stores

Attackers upgrade ClickFix with tricks used by online stores 2025-11-07 at 15:42 By Zeljka Zorz Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware infection. Push Security has spotted one of these pages, showing an embedded tutorial

Attackers upgrade ClickFix with tricks used by online stores Read More »

Ransomware, extortion groups adapt as payment rates reach historic lows

Ransomware, extortion groups adapt as payment rates reach historic lows 2025-10-27 at 15:12 By Zeljka Zorz Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, the payment rate dropped to just 19 percent, according

Ransomware, extortion groups adapt as payment rates reach historic lows Read More »

Researchers uncover ClickFix-themed phishing kit

Researchers uncover ClickFix-themed phishing kit 2025-10-08 at 16:26 By Zeljka Zorz Palo Alto Networks researchers have discovered and analyzed “IUAM ClickFix Generator”, a phishing kit that allows less skilled attackers to infect unsuspecting users with malware by using the increasingly popular ClickFix social engineering technique. “This tool allows threat actors to create highly customizable phishing

Researchers uncover ClickFix-themed phishing kit Read More »

North Korean hackers stole over $2 billion in cryptocurrency this year

North Korean hackers stole over $2 billion in cryptocurrency this year 2025-10-08 at 14:49 By Zeljka Zorz North Korean hackers have stolen more than $2 billion in cryptocurrency in 2025, according to blockchain analytics firm Elliptic, and the year isn’t over yet. Though this year’s record losses are driven largely by the February attack on

North Korean hackers stole over $2 billion in cryptocurrency this year Read More »

Hackers launch data leak site to extort 39 victims, or Salesforce

Hackers launch data leak site to extort 39 victims, or Salesforce 2025-10-06 at 17:44 By Zeljka Zorz Scattered Lapsus$ Hunters launched a data leak site over the weekend, aiming to pressure organizations whose Salesforce databases they have plundered into paying to prevent the stolen data from being released. Screenshot of Scattered Lapsus$ Hunters data leak

Hackers launch data leak site to extort 39 victims, or Salesforce Read More »

Ransomware remains the leading cause of costly cyber claims

Ransomware remains the leading cause of costly cyber claims 2025-10-01 at 07:04 By Anamarija Pogorelec Cyber threats are shifting in 2025, and while large companies are still targets, attackers are turning their attention to smaller and mid-sized firms. According to Allianz’s Cyber Security Resilience 2025 report, hardened defenses at major corporates have pushed criminals to

Ransomware remains the leading cause of costly cyber claims Read More »

Malicious GitHub pages lure MacOS users into installing Atomic infostealer

Malicious GitHub pages lure MacOS users into installing Atomic infostealer 2025-09-22 at 17:52 By Zeljka Zorz MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread

Malicious GitHub pages lure MacOS users into installing Atomic infostealer Read More »

What CISOs can learn from Doppel’s new AI-driven social engineering simulation

What CISOs can learn from Doppel’s new AI-driven social engineering simulation 2025-08-27 at 07:51 By Sinisa Markovic Doppel has introduced a new product called Doppel Simulation, which expands its platform for defending against social engineering. The tool uses autonomous AI agents to create multi-channel simulations that mirror how attackers operate across email, SMS, messaging apps,

What CISOs can learn from Doppel’s new AI-driven social engineering simulation Read More »

Fake macOS help sites push Shamos infostealer via ClickFix technique

Fake macOS help sites push Shamos infostealer via ClickFix technique 2025-08-25 at 15:23 By Zeljka Zorz Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers

Fake macOS help sites push Shamos infostealer via ClickFix technique Read More »

The new battleground for CISOs is human behavior

The new battleground for CISOs is human behavior 2025-08-22 at 08:40 By Anamarija Pogorelec Attackers don’t always need a technical flaw. More often, they just trick your people. Social engineering works, and AI makes it harder to catch.” Only about one in four cybersecurity teams are effective at collaborating with the broader business (Source: LevelBlue)

The new battleground for CISOs is human behavior Read More »

How Brandolini’s law informs our everyday infosec reality

How Brandolini’s law informs our everyday infosec reality 2025-08-11 at 09:00 By Help Net Security Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude bigger than to produce it.” While it’s often thrown around in political debates and

How Brandolini’s law informs our everyday infosec reality Read More »

From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends

From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends 2025-08-08 at 08:07 By Sinisa Markovic Cybercriminals are getting better at lying. That’s the takeaway from a new LevelBlue report, which outlines how attackers are using social engineering and legitimate tools to quietly move through environments before they’re caught. Data showing at what stage

From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends Read More »

Why behavioral intelligence is becoming the bank fraud team’s best friend

Why behavioral intelligence is becoming the bank fraud team’s best friend 2025-07-29 at 09:03 By Mirko Zorz In this Help Net Security interview, Seth Ruden, Senior Director of Global Advisory at BioCatch, discusses how financial institutions are addressing fraud. He explains how banks are using behavioral biometrics, device fingerprinting, and network intelligence to enhance fraud

Why behavioral intelligence is becoming the bank fraud team’s best friend Read More »

Four arrested in connection with M&S, Co-op ransomware attacks

Four arrested in connection with M&S, Co-op ransomware attacks 2025-07-10 at 17:19 By Zeljka Zorz Four individuals suspected of having been involved in the ransomware attacks that hit UK-based retailers earlier this year have been arrested by the UK National Crime Agency. “Two males aged 19, another aged 17, and a 20-year-old female were apprehended

Four arrested in connection with M&S, Co-op ransomware attacks Read More »

Qantas data breach could affect 6 million customers

Qantas data breach could affect 6 million customers 2025-07-02 at 14:04 By Zeljka Zorz Qantas has suffered a cyber incident that has lead to a data breach. “The incident occurred when a cyber criminal targeted a call centre and gained access to a third-party customer servicing platform,” the Australian airline announced today, but said that

Qantas data breach could affect 6 million customers Read More »

Microsoft introduces protection against email bombing

Microsoft introduces protection against email bombing 2025-07-01 at 18:54 By Zeljka Zorz By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is email bombing? Email bombing (aka spam bombing) is an attack technique that results in

Microsoft introduces protection against email bombing Read More »

Scroll to Top