Social Engineering
Social Engineering | News, how-tos, features, reviews, and videos
Attackers use stolen banking data as phishing lure to deploy BitRAT
Data from an older breach lends credibility to this newer sophisticated attack that delivers a highly obfuscated payload.
Social media use can put companies at risk: Here are some ways to mitigate the danger
Using social media can expose company and employee data, and misuse could harm organizational reputation. Here are some tips that can help reduce the risk.
DUCKTAIL malware campaign targeting Facebook business and ads accounts is back
The spear phishing group has revised its tactics and is employing more sophisticated techniques and tactics based on what appears to be extensive research into Facebook business and ads management accounts.
Luna Moth callback phishing campaign leverages extortion without malware
Palo Alto’s Unit 42 investigated several incidents linked to the Luna Moth callback phishing extortion campaign that uses legitimate and trusted management tools instead of malware to exploit businesses.
Global 2000 companies failing to adopt key domain security measures
Lookalike domains are targeting Forbes Global 2000 brands to launch phishing attacks and other forms of digital brand abuse/IP infringement.
The 15 biggest data breaches of the 21st century
Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.
Phishing attacks increase by over 31% in third quarter: Report
Cybersecurity company Vade reports that attackers sent more than 203.9 million emails in the third quarter alone, up from 155.3 million in the prior quarter
Securing your organization against phishing can cost up to $85 per email
On average, organizations spend up to 60 minutes dealing with each phishing email identified in their email infrastructure, according to a new report by Osterman Research.
Malware builder uses fresh tactics to hit victims with Agent Tesla RAT
A new malware campaign uses the recently discovered Quantum Builder and sophisticated tactics to deliver malicious payload.
How cybercriminals use public online and offline data to target employees
A LinkedIn post about getting a new job turned into a potential phishing scam. Similar incidents are more common than you might think.
Cybersecurity startup launches mobile app to protect against phishing attacks
Israeli startup novoShield has released an iPhone app that protects users against malicious websites.
Iranian cyberspies use multi-persona impersonation in phishing threads
Iran-sponsored groups use fake personas of real people to add credibility to phishing emails designed to deliver malware through remote template injection.
DNS data indicates increased malicious domain activity, phishing toolkit reuse
Akamai research discovers phishing toolkit reuse played a key role in increased malicious domain activity in the second quarter of 2022.
3 ways China's access to TikTok data is a security risk
The security community weighs in on real-world scenarios in which China or other nations could operationalize data collected by online platforms and how to mitigate the risk.
Cisco admits hack on IT network, links attacker to LAPSUS$ threat group
Cisco says an employee’s credentials were compromised after an attacker gained control of a personal Google account.
How a Venezuelan disinformation campaign swayed voters in Colombia
A Black Hat presentation explains how Russia-aligned Venezuela influenced the presidential election in Colombia to its political benefit.
Microsoft takes top spot as most impersonated brand in phishing
Microsoft tops Vade's phishing report, which has some good news: The overall number of phishing attacks declined in the second quarter.
9 tips to prevent phishing
From rewarding employees for savvy security smarts, to showing them how breaches are relevant to their every-day duties, we've got the phishing prevention tips you need.