phishing
Microsoft 365 accounts of execs, managers hijacked through EvilProxy
A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at …
Russian APT phished government employees via Microsoft Teams
An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says …
Salesforce and Meta suffer phishing campaign that evades typical detection methods
The Guardio research team discovered an email phishing campaign exploiting a zero-day vulnerability in Salesforce’s legitimate email services and SMTP servers. Phishing email …
1 in 100 emails is malicious
BEC and phishing attacks soar by 20% and 41% respectively in H1 2023, according to Perception Point. Cyber attackers have continued to refine their methods, adopting more …
The gap in users’ identity security knowledge gives cybercriminals an opening
With exponential growth in the number of human and machine actors on the network and more sophisticated technology in more places, identity in this new era is rapidly becoming …
Zero trust rated as highly effective by businesses worldwide
Zero trust is here to stay, with 82% of experts currently working on implementing zero trust, and 16% planning to begin within 18 months, according to Beyond Identity. Over …
Growing scam activity linked to social media and automation
The average number of scam resources created per brand across all regions and industries more than doubled year-on-year in 2022, up 162%, according to Group-IB. Additionally, …
Facebook and Microsoft remain prime targets for spoofing
While trends in phishing frequently evolve, Facebook and Microsoft’s collective dominance as the most spoofed brands continues, according to Vade. Facebook and Microsoft’s …
Number of email-based phishing attacks surges 464%
The evolving cyberattack landscape reveals the increasing utilization of generative artificial intelligence (AI) systems, like ChatGPT, by cybercriminals for crafting …
ChatGPT shows promise in detecting phishing sites
ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect …
Cybercriminals return to business as usual in a post-pandemic world
After two years of pandemic-induced disruption, 2022 was a return to business as usual for the world’s cybercriminals, according to Proofpoint. As COVID-19 medical and …
The multiplying impact of BEC attacks
The 2023 Verizon Data Breach Investigations Report (DBIR) has confirmed what FBI’s Internet Crime Complaint Center has pointed out earlier this year: BEC scammers are …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD