social engineering
Booking.com customers targeted in hotel booking scam
Scammers are hijacking hotels’ Booking.com accounts and using them as part of a hotel booking scam aimed at tricking guests into sharing their payment card information. …
Okta breach: Hackers stole info on ALL customer support users
The scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a …
Building cyber resilience for tomorrow’s threats
Cyber resilience is the capacity of an organization to maintain its core functions and swiftly adapt to, respond to, and recover from cyber threats. A cyber-resilient …
Microsoft Authenticator suppresses suspicious MFA notifications
Microsoft has quietly rolled out a new mechanism that shields users of its mobile Authenticator app from suspicious (and annoying) push notifications triggered by attackers. …
Cybersecurity pros predict rise of malicious AI
76% of cybersecurity professionals believe the world is very close to encountering malicious AI that can bypass most known cybersecurity measures, according to Enea. 26% see …
LLMs lower the barrier for entry into cybercrime
Cybercriminals employ evolving attack methodologies designed to breach traditional perimeter security, including secure email gateways, according to Egress. “Without a doubt …
Current ransomware defensive efforts are not working
Despite some positive developments, the impact of ransomware attacks remains high, according to SpyCloud. Infostealer infections preceded 22% of ransomware events for North …
Despite rising insider risk costs, budgets are being wasted in the wrong places
The cost of an insider risk is the highest it’s ever been, as organizations spend more time than ever trying to contain insider incidents, according to DTEX Systems. The …
Attackers hit software firm Retool to get to crypto companies and assets
Retool, the company behind the popular development platform for building internal business software, has suffered a breach that allowed attackers to access and take over …
Great security training is a real challenge
All employees need security training, yet it’s generally a resented afterthought. A variety of studies over years show that human error is generally felt to be the largest …
Understanding the dangers of social engineering
Social engineering is a manipulative technique used by individuals or groups to deceive or manipulate others into divulging confidential or sensitive information, performing …
North Korean hackers target security researchers with zero-day exploit
North Korean threat actors are once again attempting to compromise security researchers’ machines by employing a zero-day exploit. The warning comes from Google’s …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility