Using Authy? Beware of impending phishing attempts
Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops t.....»»
Torrent of image-based phishing emails are harder to detect and more convincing
The arms race between scammers and defenders continues. Enlarge / Man hand holding a mobile phone with QR code. (credit: Getty Images) Phishing mongers have released a torrent of image-based junk emails that embed QR cod.....»»
New infosec products of the week: June 30, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Cequence Security, Delinea, Index Engines, and NetApp. Delinea Privilege Manager enhancements reduce phishing effectiveness Based on Delinea’s deep experti.....»»
Delinea Privilege Manager enhancements reduce phishing effectiveness
Delinea announced the latest release of Privilege Manager, its solution for providing privilege elevation controls for users and applications on workstations. The latest enhancements significantly improve ease of use for customers by preconfiguring f.....»»
Insurance companies neglect basic email security
Only 3.54% of of insurance companies have correctly implemented basic phishing and spoofing protection, according to EasyDMARC. DMARC standard adoption Insurers operate using highly sensitive, private information that they’ve been trusted by client.....»»
ChatGPT shows promise in detecting phishing sites
ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect phishing sites based on URLs? Kaspersky researchers tested 5,265 (2322 phis.....»»
There"s a new gen AI tool to help workers spot malicious emails
Purge BEC attacks and phishing emails from your workplace with Themis Co-pilot for Microsoft Outlook......»»
Hackers threaten to leak stolen data if Reddit doesn’t reverse API changes
The situation surrounding Reddit’s changes to its API continues to get even weirder. Earlier this year, a ransomware group used a sophisticated phishing attack to steal 80GB of data from Reddit. Now, ransomware group BlackCat is claiming responsib.....»»
A sneak peek as the Fairphone 5 revealed
The new Fairphone 5 gets revealed and these are new specs you have to see. The impending arrival of the Fairphone 5 has been anticipated since the release of the Fairphone 4 nearly two years ago. The Fairphone brand has gained recognition f.....»»
California GAP law: Dealers quick to comply
Forty-six percent of California car sales in December 2022 with GAP would not have complied with an impending state cap on the price of the coverage to 4 percent of the amount the borrower financed......»»
Small organizations outpace large enterprises in MFA adoption
The use of MFA has nearly doubled since 2020 and that phishing-resistant authenticators represent the best choice in terms of security and convenience for users, according to Okta. MFA authentication gains traction MFA authentication has steadily gai.....»»
Guardz launches AI-powered Multilayered Phishing Protection to secure SMEs
Guardz has unveiled a new AI-powered Multilayered Phishing Protection solution to help small and medium-sized enterprises (SMEs) and managed service providers (MSPs) prevent phishing attacks before their security is compromised. The solution uses AI.....»»
Who can ride this impending wave of generative AI? Edge and cloud each take their own approaches
Generative AI is shaping up to be a key trend in the entire technology industry, and it doesn't appear to be a short-term bubble but rather a long-term wave. It has the opportunity to become a crucial application that can totally change human-machine.....»»
Cybercriminals use legitimate websites to obfuscate malicious payloads
According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing emails continues to pose a major threat to organizations, emphasizing the.....»»
Phishing campaigns thrive as evasive tactics outsmart conventional detection
A 25% increase in the use of phishing kits has been recorded in 2022, according to Group-IB. The key phishing trends observed are the increasing use of access control and advanced detection evasion techniques. The rise in evasive tactics, such as ant.....»»
Beware, this WhatsApp link will instantly crash your Android phone
A new bugged WhatsApp link that's been spreading around will instantly crash your Android phone......»»
Apple hypes up WWDC for developers with Reality Pro headset hint: ‘Code new worlds’
We’re less than a week away of WWDC 2023 and Apple continues to drop not-so-subtle hints at the impending debut of the Reality Pro headset. In a new blog post on the Apple Developer website, Apple teases the upcoming event and invites developers t.....»»
Organizations spend 100 hours battling post-delivery email threats
Nearly every victim of a spear-phishing attack in the last 12 months saw impacts on their organization, including malware infections, stolen data, and reputational damage, according to Barracuda Networks. Barracuda Networks research finds 24% of orga.....»»
Week in review: Zyxel firewalls vulnerability, phishing campaign targets ChatGPT users
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks This Help Net Security interview with Tiago Rodrigues, CEO.....»»
Is cybersecurity an unsolvable problem?
Ars chats with law philosopher Scott Shapiro about his new book, Fancy Bear Goes Phishing. Enlarge (credit: Farrar, Straus and Giroux) In November 1988, a graduate student at Cornell University named Robert Morris, Jr. i.....»»
Phishers use encrypted file attachments to steal Microsoft 365 account credentials
Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low volume, targeted, and use trusted cloud services to send emails and host conte.....»»