How to test employee cyber competence through pen-testing
Social engineering hacking preys on the vulnerabilities inherent in human psychology, so it’s vital for organizations to test employee cyber competence. Take the …
phishing
Crooks are exploiting unpatched Android flaw to drain users’ bank accounts
Hackers are actively exploiting StrandHogg, a newly revealed Android vulnerability, to steal users’ mobile banking credentials and empty their accounts, a Norwegian app …
Trusted certificates make phishing websites appear valid
There has been a rampant growth of look-alike domains, which are often used to steal sensitive data from online shoppers. Venafi analyzed suspicious domains targeting 20 major …
Lateral phishing makes for dangerous waters, here’s how you can avoid getting caught in the net
As companies and consumers have become more aware of phishing, hackers have refined their techniques and are now launching a more advanced form of attack known as lateral …
The FBI multi-factor authentication notification that should have never been
While reviewing the recent Private Industry Notification from the FBI about using social engineering and technical attacks to circumvent multi-factor authentication, I was …
PayPal becomes phisher’s favorite brand, Office 365 phishing techniques evolve
PayPal has overtaken Microsoft to claim the number one ranking for phisher’s favorites for the first time. Netflix was not far behind as the streaming giant moved up to …
Phishing attacks at highest level in three years
The number of phishing attacks continued to rise into the autumn of 2019, according to APWG. The total number of phishing sites detected in July through September 2019 was …
Detecting and tracking phishing campaigns through web analytics identifiers
Cyber crooks are quick to abuse legitimate services for their own malicious purposes. One of the latest instances demonstrating this propensity involves phishing kit …
Researchers develop machine learning-based detector that stops lateral phishing attacks
Lateral phishing attacks – scams targeting users from compromised email accounts within an organization – are becoming an increasing concern in the U.S. Whereas in …
Europol: Spear phishing the most prevalent cyber threat affecting orgs across the EU
Spear phishing describes the practice of targeting specific individuals within an organisation or business for the purposes of distributing malware or extracting sensitive …
Office 365 users targeted with fake voicemail alerts in suspected whaling campaign
Office 365 users at high-profile companies in a wide variety of industries are being targeted with voicemail-themed phishing emails, McAfee researchers have found. They say …
Cybercriminals using custom phishing tools to target the world’s largest tech brands
Cybercriminals are using enterprise-based development and deployment strategies, such as phishing as a service (PaaS), to leverage some of the world’s largest tech brands, …
