Phishing news, analysis, research, how-to, opinion, and video.

Man pointing to security icon for email
businessmen with umbrellas risk protected storm

rules procedures manuals

10 old-school security principles that (still) rule

Oldies but goodies, these security tips have stood the test of time.

23922465470 fe3c8b8cdf o

The 17 biggest data breaches of the 21st century

Security practitioners weigh in on the 17 worst data breaches in recent memory.

laptop security breach password identity theft hacker

Cybercriminals impersonate Outlook and DocuSign to steal your identity

Attackers are now impersonating popular web services like Microsoft Outlook, DocuSign and Google Docs to trick you to freely give up your credentials.

security training ts

Are bad analogies killing your security training program?

Humans make irrational decisions under pressure. Security training needs to focus on changing behavior, not just raising awareness. Using effective analogies can help.

Android mobile phone

Dark Caracal: Hacking group targets Android smartphones

An advanced persistent threat (APT) group named Dark Caracal used Android spyware to steal hundreds of gigabytes of sensitive data from more than 21 countries.

Missed target arrows bullseye

5 mistakes I’ve made (and how to avoid them)

Pulling from his years of building programs for The Walt Disney Company & Sony Pictures, Jason shares his own mistakes building security awareness and provides guidance on how to avoid them in your own security awareness programs.

cloud security ts

The hackers are coming: 6 cloud computing trends you will see in 2018

Growth is good, and will bring many changes to the cloud industry. But not all changes will be good, especially when it comes to security.

endpoint protection

Review: Digital Guardian offers ready-to-deploy endpoint security

Advanced threats are increasingly assaulting endpoints. Here's how the Digital Guardian Threat Aware Data Protection Platform tackles the problem.


2018 cybersecurity trends and predictions

The new year brings new challenges and opportunities in cybersecurity.

hacker person using laptop

Train your employees — before someone else does

Slashing overhead often means cutting training budgets, but unintended side effects often include employee attrition, poor performance, or even breach of your organization and loss of intellectual property.

phishing hack scam malware binary code

5 phishing tests to run inside your organization

Leveraging real world events to increase awareness

phishing threat

What is phishing? How this cyber attack works and how to prevent it

Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Here's what you need to know about this venerable, but increasingly sophisticated, form of cyber attack.

phishing hack scam malware binary code

GreatHorn detects the most carefully planned email attacks

Its ability to unmask phishing and social engineering attacks based on context truly sets it apart.

10 phishing

Salted Hash Ep 10: Office 365 phishing examples, the bad and the ugly

This week's episode of Salted Hash is a personal one, as we're taking a look at some Office 365 phishing emails that have targeted staffers at CSO Online and The attempts themselves are really low quality, but they work....

Salted Hash Ep 10 Steve Ragan

Office 365 phishing examples | Salted Hash Ep 10

Salted Hash looks at recent Office 365 phishing examples, discussing why they work and what can be done about them.

11 phish

Can AI eliminate phishing?

Phishing continues to plague consumers and businesses alike. Is artificial intelligence the answer to solving this persistent security headache?

Computer monitor with pixelated locks for security breach

A look back at cybersecurity in 2017

We keep seeing more and more data breaches. This year Yahoo and Equifax were some of the biggest headline makers, but in the end, it’s more about who has not been breached vs who is the latest.

spearfishing trap

Forget Facebook, Twitter or Google – it’s the internet’s 'dark triad' that we need to protect ourselves against

Those platforms and services are mere vehicles providing a convenient platform for what was a much larger propaganda process made possible by spear phishing, trolling and fake news.

Load More