
Your supplier’s BEC problem is your BEC problem
Business email compromise (BEC) scams are a burgeoning threat for organizations and, despite rising awareness, new victims are cropping up daily. BEC scammers don’t care …

PayPal becomes phisher’s favorite brand, Office 365 phishing techniques evolve
PayPal has overtaken Microsoft to claim the number one ranking for phisher’s favorites for the first time. Netflix was not far behind as the streaming giant moved up to …

Researchers develop machine learning-based detector that stops lateral phishing attacks
Lateral phishing attacks – scams targeting users from compromised email accounts within an organization – are becoming an increasing concern in the U.S. Whereas in …

Fake mobile app fraud tripled in first half of 2019
In Q2 2019, RSA Security identified 57,406 total fraud attacks worldwide. Of these, phishing attacks were the most prevalent (37%), followed by fake mobile apps (usually apps …

Phishing attempts increase 400%, many malicious URLs found on trusted domains
1 in 50 URLs are malicious, nearly one-third of phishing sites use HTTPS and Windows 7 exploits have grown 75% since January. A new Webroot report also highlights the …

281 BEC scammers arrested in worldwide law enforcement action
Federal authorities announced a significant coordinated effort to disrupt Business Email Compromise (BEC) schemes that are designed to intercept and hijack wire transfers from …

More than 99% of cyberattacks rely on human interaction
Cybercriminals target people, rather than systems and infrastructure, to install malware, initiate fraudulent transactions, steal data, and more, according to Proofpoint. …

New ransomware grows 118% as cybercriminals adopt fresh tactics and code innovations
McAfee Labs saw an average of 504 new threats per minute in Q1 2019, and a resurgence of ransomware along with changes in campaign execution and code. More than 2.2 billion …

Attackers use large-scale bots to launch attacks on social media platforms
Social media sites have become lucrative targets for criminals looking for quick monetization. More than half of logins (53%) on social media sites are fraudulent and 25% of …

Should you block newly registered domains? Researchers say yes
7 out of 10 newly registered domains (NRDs) are either malicious, suspicious or not safe for work, say Palo Alto Networks researchers, and advise organizations to block access …

Researchers reveal the latest lateral phishing tactics
Emails coming from legitimate, compromised accounts are difficult to spot, both for existing email protection systems and the recipients themselves. Lateral phishing tactics …

Thefts from cryptocurrency exchanges continue despite increased security
Although exchanges, wallets and other cryptocurrency custody services are strengthening their defenses, attackers continue to innovate and outpace even the current state of …
Featured news
Resources
Don't miss
- Why your security team feels stuck
- It’s time to give AI security its own playbook and the people to run it
- Kanvas: Open-source incident response case management tool
- 6 eye-opening books on AI’s rise, risks, and realities
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)