Social Engineering

Social Engineering news, information, and how-to advice

frustrated computer user
marionette social engineering

istock 916151214

Iran's need to steal intellectual property

The indictment of nine Iranians by the DOJ is one in a long string of incursions by Iran to compromise trusted insiders and steal intellectual property.

ep21 salted hash

Salted Hash Ep 21: Scammers targeting Office 365 and DocuSign

Welcome back! Salted Hash is gearing up to shoot our next season, as well as other segments in April during the RSA Conference, but this week we're going to chat with Asaf Cidon, vice president of email security services at Barracuda....

salted hash thumbnail final
video

Scammers spoof Office 365, DocuSign and others | Salted Hash Ep 21

As phishing attacks evolve, hackers are using customization and targeted scams to ensnare users. Asaf Cidon, vice president, email security services at Barracuda, talks with host Steve Ragan about the ever-changing cat-and-mouse game...

securitysmart primary

Security Smart, Fall 2017: Password myths debunked!

From the editors of CSOonline.com Security Smart is a quarterly newsletter ready for distribution in your organization. We combine personal device and home safety tips with organizational security awareness, making security training...

north korea statue pyongyang

North Korea hacking group is expanding operations, researchers say

A group of hackers from North Korea (DPRK), recently connected to the usage of an Adobe Flash zero-day vulnerability (CVE-2018-4878), has expanded its operations in both scope and sophistication, FireEye says.

patching against ransomware

The two most important ways to defend against security threats

Patching and security training programs will thwart attacks more effectively than anything else. You're already doing them. Here's how to do them better.

hacker person using laptop

Train your employees — before someone else does

Slashing overhead often means cutting training budgets, but unintended side effects often include employee attrition, poor performance, or even breach of your organization and loss of intellectual property.

linkedin

Espionage: Germany unmasks fake Chinese LinkedIn profiles

Germany's BfV says Chinese intelligence services targeted more than 10,000 German citizens in a massive social engineering effort that included LinkedIn.

spam pixabay

Over 1 million monthly spam emails spreading new Adwind RAT variants

The newly repackaged Adwind remote access Trojan can monitor user activity, log keystrokes, take screenshots, download malicious files, and record video and audio.

phishing hack scam malware binary code

GreatHorn detects the most carefully planned email attacks

Its ability to unmask phishing and social engineering attacks based on context truly sets it apart.

spearfishing trap

Forget Facebook, Twitter or Google – it’s the internet’s 'dark triad' that we need to protect ourselves against

Those platforms and services are mere vehicles providing a convenient platform for what was a much larger propaganda process made possible by spear phishing, trolling and fake news.

email virus threat attack

Business email fraud – financial scams under the guise of authority

A 1,300% increase in losses resulting from business email compromise is nothing short of an epidemic.

9 expand knowledge training

Employee training remains the best first line of defense against cybersecurity breaches

Ongoing training about current and future security issues is just not on the radar screen of most companies. That has to change.

ransomware

Ransomware damage costs predicted to hit $11.5B by 2019

The rising ransomware costs are driven by an uptick in the frequency of attacks, which is expected to rise to an attack every 14 seconds.

10 phishing

Why you should fear phishing more than data breaches

A recent study from Google and UC Berkeley examined the various ways accounts are compromised, and determined that phishing attacks – not data breaches – pose the most risk to users when it comes to lost access.

11 phish

5 ways to minimize phishing attacks

Social engineering and phishing remain two of the most effective methods of attacking systems and networks. Here are five quick wins to help improve your security.

cybersecurity awareness month

6 reasons why awareness programs fail even when following best practices

Taking into account the traditional critical success factors of security awareness may not be enough to create a security aware environment.

cyber security

What the good guys are up against: a roundup of popular attack vectors

To help the defenders know what they’re up against, here are some of the attack vectors that have been frequently used in recent months

Load More
You Might Also Like