July 23, 2024 at 01:16PM Summary: Sara Atie’s article discusses the growing threat of QR code-based phishing attacks and the need for organizations to adopt robust protection measures to safeguard against these modern cyber threats. The article highlights common signs of QR code attacks and proposes proactive solutions to mitigate the risk. Key takeaways from … Read more
July 19, 2024 at 10:05AM Organizations are increasing investments to combat cyber threats, but the human element remains a significant vulnerability. Traditional security awareness training isn’t sufficient, as individual risk levels vary. A tailored, data-driven approach is needed to identify high-risk employees and provide personalized security measures, enhancing both protection and the demonstration of investment … Read more
July 18, 2024 at 08:21AM Join an upcoming webinar, “Turn Developers into Allies: The Power of Security Champion Programs,” to bridge the gap between developers and security. Learn about tactics to foster collaboration, effective communication, creating a culture of champions, and measuring success. The webinar features security experts from Mend.io, Yahoo, and Fortra. Register now … Read more
July 17, 2024 at 07:18AM The text outlines the threat posed by accidental insiders in cybersecurity. It discusses how employees, through lack of awareness or pressure to perform, can compromise security. The text highlights the potential consequences of such breaches and proposes proactive measures to mitigate the risk, emphasizing the importance of training, organizational controls, … Read more
July 5, 2024 at 01:16PM Europol announced the arrest of 54 individuals involved in a vishing scam targeting elderly Spanish citizens, using social engineering and physical threats. The criminals impersonated bank employees, extracted personal information, then physically targeted victims for payment and personal possessions. The unique approach of physically visiting victims adds complexity and danger … Read more
July 2, 2024 at 12:49AM An Australian man has been charged with creating fake Wi-Fi access points during a domestic flight to steal user data. The suspect impersonated legitimate networks, prompting victims to enter personal information. He faces multiple charges and potentially 23 years in prison if convicted. Authorities advise using reputable VPNs for public … Read more
June 27, 2024 at 12:06PM State-sponsored actors have launched three novel credential-phishing campaigns compromising over 40,000 corporate users, including top executives, in just three months. These attacks use highly evasive tactics to circumvent security controls, focusing on stealing credentials from corporate users for cyber-espionage purposes. Security experts stress the need for organizations to adapt and … Read more
June 27, 2024 at 10:03AM Summary: The commentary emphasizes the importance of secure social norms in cybersecurity. It highlights the need for individuals, including security professionals, to adopt secure behaviors to reduce the risk of breaches. It explains steps for establishing secure social norms, such as educating people on protecting personal identifiable information and promoting … Read more
June 19, 2024 at 03:35AM Criminals are using social engineering techniques to target organizations worldwide with malicious PowerShell scripts disguised as fake error messages from Google Chrome, Microsoft Word, and OneDrive. Proofpoint identified at least two criminal groups using this tactic, with the possibility of spreading ransomware. Organizations are advised to train employees to recognize … Read more
June 17, 2024 at 04:04PM KnowBe4 announced the launch of PhishER Plus Threat Intel, integrating Webroot’s website reputation data into its console. This feature enables faster detection and response to web-based threats, providing users with instant internet reputation data and enhancing threat detection. The new feature comes at no additional cost and is aimed at … Read more