Flipping the BEC funnel: Phishing in the age of GenAI
For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the bait. Over time, however, as s.....»»
A look at the bring your own browser (BYOB) approach
Recently, Microsoft retired IE 11 in favor of Microsoft Edge, which claims to be more secure than Google Chrome, with built-in defenses against phishing and malware. Does this mean security teams have one less application to worry about securing? The.....»»
How a cyber asset management strategy can help enterprises detect threats
Whether it’s through stolen credentials, phishing attacks, or simply user errors, people continue to pose the greatest risk to cybersecurity. While behavioral attacks are nothing new, Verizon’s recently released Data Breach Investigations Report.....»»
How phishing attacks are becoming more sophisticated
The latest APWG’s Phishing Activity Trends Report reveals that in the first quarter of 2022 there were 1,025,968 total phishing attacks—the worst quarter for phishing observed to date. This quarter was the first time the three-month total has exc.....»»
Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonated various services appearing to b.....»»
Chrome for iPhone gets upgraded phishing and malware protection
Google announced it's bringing Enhanced Safe Browsing to iOS, meaning iPhone and iPad users will gain upgraded phishing and malware threat protection along with other handy cybersecurity tricks......»»
Risky behavior reduced when executives put focus on identity security
Managing identities accessing enterprise resources has become significantly more complicated over the last several years. Between the increasing number of identities, the challenges posed by phishing attacks, and the continued growth of cloud adoptio.....»»
Inside a large-scale phishing campaign targeting millions of Facebook users
In this video for Help Net Security, Nick Ascoli, VP of Threat Research, PIXM, discusses a massive phishing campaign has successfully stolen an estimated five million Facebook accounts. The campaign continues to spread virally through Facebook Messen.....»»
Fake voicemail notifications are after Office365, Outlook credentials
A phishing campaign using fake voicemail notifications has been and is still targeting various US-based organizations, in an attempt to grab employees’ Office365 and Outlook login credentials, Zscaler warns. The campaing seems to be a repeat of.....»»
Ping Identity, Yubico, and EntryPoint bring zero trust to FIDO2 authenticators for the US Federal Government
Ping Identity, Yubico, and EntryPoint partnered on a joint solution that enables phishing-resistant Derived FIDO2 Credentials (DFCs) along with identity proofing and centralized identity management. “Phishing-resistant MFA is an immediate prior.....»»
This Facebook Messenger phishing scam may have trapped millions of users
Elaborate Facebook Messenger phishing campaign has been active since 2021, researchers reveal......»»
Turning the tables on cyber attackers
Darktrace AI interrupts in-progress cyber-attacks in seconds, including ransomware, email phishing, and threats to cloud environments and critical infrastructure. In this Help Net Security video, Justin Fier, VP Tactical Risk and Response at Darktrac.....»»
Bored Ape Yacht Club Discord server hacked, NFTs stolen
Crooks used a stolen Discord account to post phishing links, stealing more than $300,000 in the process.....»»
What is phishing and how dangerous is it?
A threat that really shouldn’t be underestimated - we discuss exactly what phishing is, how it works, and why you should be very wary of this kind of exploit......»»
Vishing attacks: What they are and how organizations can protect themselves
Vishing (voice phishing) involves defrauding people over the phone. Vishing cases have increased almost 550 percent during 2021, and vishing attacks have overtaken business email compromise (BEC) as the second most reported response-based email threa.....»»
Microsoft Office apps are vulnerable to IDN homograph attacks
Microsoft Office apps – including Outlook and Teams – are vulnerable to homograph attacks based on internationalized domain names (IDNs). In practice, this means that users hovering above a link in a phishing email, a Word or Excel docume.....»»
Everything you need to know about phishing
Barracuda MSP's Jason Howells explains what the different types of phishing scams are and how to prevent them......»»
A dastardly new phishing scam is targeting tax software users
QuickBooks users tricked into handing over important information by cybercriminals......»»
New infosec products of the week: May 27, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Corelight, Fortinet, Hunters, Kingston Digital, Netenrich, PIXM, and SafeGuard Cyber. PIXM Mobile provides real-time protection from phishing attacks on mobi.....»»
PIXM Mobile provides real-time protection from phishing attacks on mobile devices
PIXM announced the expansion of its anti-phishing products with the launch of PIXM Mobile, which protects individuals and enterprises from targeted and unknown phishing attacks on mobile devices. PIXM Mobile is a cloud-based mobile solution developed.....»»
Someone Stole Seth Green"s Bored Ape, Which Was Supposed To Star In His New Show
An anonymous reader quotes a report from BuzzFeed News: Actor and producer Seth Green was robbed of several NFTs this month after succumbing to a phishing scam that inadvertently threw a monkey wrench into the plan for his new animated series. The fo.....»»