Security Boulevard

MARCH 20, 2025

The just released ThreatLabz 2025 AI Security Report examines the intersection of enterprise AI usage and security, drawing insights from 536.5 For the full analysis and security guidance, download the ThreatLabz 2025 AI Security Report now. billion AI/ML transactions in the Zscaler Zero Trust Exchange.

Social Engineering 76

Social Engineering Phishing Risk Insurance 76

Digital Shadows

JANUARY 22, 2025

In this blog, well preview the reports highlights and give insights into social engineering campaigns leveraging impersonating domains and our predictions for the threats shaping 2025. Organizations should implement domain monitoring, enforce DMARC policies, and train employees to recognize social engineering methods.

Insurance 65

Insurance Phishing Social Engineering Engineering 65

eSecurity Planet

MAY 1, 2025

The RSA Conference 2025, held in San Francisco from April 28 to May 1, spotlighted the evolving landscape of cybersecurity, with a strong emphasis on artificial intelligence, identity security, and collaborative defense strategies. This years theme (Many Voices. This years updates: Complete lifecycle support for passwordless security.

Cybersecurity 57

Cybersecurity Mobile Phishing Artificial Intelligence 57

The Last Watchdog

JANUARY 30, 2025

30, 2025, CyberNewswire — Browser extensions have been under the spotlight in enterprise security news recently due to the wave of OAuth attacks on Chrome extension developers and data exfiltration attacks. Palo Alto, Calif., This allows the extension to directly interact with local apps without further authentication.

Social Engineering 130

Social Engineering Engineering Authentication Media 130

SecureWorld News

OCTOBER 3, 2023

And one of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential information. Social engineering is more sophisticated than ever, and its most advanced iteration is the topic of today's discussion: deepfakes.

Social Engineering 109

Social Engineering Phishing Engineering Technology 109

The Hacker News

APRIL 23, 2025

Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025.

Social Engineering 113

Social Engineering Engineering Accountability 113

SecureList

JANUARY 30, 2025

Introduction Since mid-2024, we’ve observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which we have named “Tria Stealer” after unique strings found in campaign samples.

Accountability 101

Accountability Malware Banking Phishing 101

SecureList

NOVEMBER 25, 2024

In this article in the KSB series, we review the trends of the past year, reflect on the predictions we made for 2024 , and offer insights into what we can expect in 2025. The attackers employed social engineering techniques to gain persistent access to the software development environment and remained undetected for years.

IoT 119

IoT Energy and Utilities Phishing Cryptocurrency 119

eSecurity Planet

MARCH 14, 2025

First detected in December 2024 and persisting into early 2025, the threat targets hospitality organizations across North America, Oceania, Asia, and Europe. Heres what comes next: These emails lure victims with urgent requests, from resolving guest review issues to verifying account information.

Phishing 65

Phishing Malware Social Engineering Authentication 65

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Consumers remained the primary target of financial cyberthreats, accounting for 73.69% of attacks. Mamont was the most active Android malware family, accounting for 36.7% million detections compared to 5.84

Phishing 82

Phishing Banking Scams Mobile 82

SecureWorld News

MARCH 13, 2025

While the AI-generated malware in this case required manual intervention to function, the fact that these systems can produce even semi-functional malicious code is a clear signal that security teams need to adapt their strategies to account for this emerging threat vector."

Malware 113

Malware Cybersecurity Cyber threats Threat Detection 113

Security Boulevard

MARCH 11, 2025

Microsoft patched 56 CVEs in its March 2025 Patch Tuesday release, with six rated critical, and 50 rated as important. Important CVE-2025-26633 | Microsoft Management Console Security Feature Bypass Vulnerability CVE-2025-26633 is a security feature bypass vulnerability in the Microsoft Management Console (MMC).

Social Engineering 69

Social Engineering DNS Engineering Authentication 69

SecureWorld News

FEBRUARY 14, 2025

And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect. Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day.

Scams 76

Scams Cybercrime Social Engineering Phishing 76

Webroot

APRIL 22, 2025

Financial services industry: Banks, insurance companies and other financial organizations offer a wealth of opportunity for hackers who can use stolen bank account and credit card information for their own financial gain. They can open accounts in your name, apply for loans, and even file false tax returns.

Data breaches 70

Data breaches Identity Theft Passwords eCommerce 70

Security Affairs

FEBRUARY 8, 2024

Cyber Skills Gap: By 2025, there could be 3.5 trillion annually by 2025, rising by 15% each year. trillion annually by 2025, rising by 15% each year. Healthcare Spending: From 2020 to 2025, the healthcare sector plans to spend $125 billion on cyber security to tackle its vulnerability.

Social Engineering 141

Social Engineering Cyber Attacks Cyber Insurance IoT 141

Security Through Education

OCTOBER 27, 2021

Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. It is to these carefully crafted campaigns that Social-Engineer, LLC can attribute their success. The answer is simple; with simulated attacks and subsequent training.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

Thales Cloud Protection & Licensing

APRIL 7, 2025

Identity at a Crossroads: Why Existential Identity Matters madhav Tue, 04/08/2025 - 04:31 Imagine waking up one morning to find your digital identity compromised your accounts hijacked, your access revoked, and your data in someone elses hands. Are We Sacrificing Safety for Simplicity? But at what cost?

Authentication 62

Authentication Identity Theft Digital transformation Passwords 62

Digital Shadows

NOVEMBER 13, 2024

While 2024 generally saw the same tried-and-true techniques, 2025 is expected to bring new vulnerabilities and increased targeting of certain organizations by hacktivist groups due to geopolitical shifts. In 2025, we anticipate more vishing (voice phishing) and fake IT helpdesk scams targeting English-speaking firms.

Social Engineering 59

Social Engineering Cybersecurity DDOS Ransomware 59

NetSpi Executives

DECEMBER 3, 2024

The cybersecurity landscape is always changing, and 2025 is a continuation of this evolution. An opportunity to rethink resilience, innovation, and accountability in cybersecurity. An opportunity to rethink resilience, innovation, and accountability in cybersecurity.

Cybersecurity 59

Cybersecurity CISO Social Engineering Accountability 59

Security Boulevard

JANUARY 14, 2025

10 Critical 147 Important 0 Moderate 0 Low Microsoft addresses 157 CVEs in the first Patch Tuesday release of 2025 and the largest Patch Tuesday update ever with three CVEs exploited in the wild, and five CVEs publicly disclosed prior to patches being made available. All three vulnerabilities were assigned a CVSSv3 score of 7.8

Artificial Intelligence 52

Artificial Intelligence Authentication Social Engineering Accountability 52

Jane Frankland

MAY 3, 2025

While details remain sparse, reports suggest social engineering tactics like phishing, SIM swapping, and multi-factor authentication (MFA) fatigue attacks may have been used to infiltrate systems. Communicate and Collaborate When data breaches occur, organisations must prioritise transparency and accountability.

Cyber Attacks 100

Cyber Attacks Retail Cyber threats Backups 100

Security Boulevard

JANUARY 22, 2025

My favorite quotes from the report followbelow: Nearly half (46.4%) of the observed security alerts were due to overprivileged service accounts. As I said in other THR blogs, the main news here is that there is no news; a lot of cloud security problems in 2025 are 2020 problems, at best. These attacks accounted for 17.1%

Passwords 69

Passwords Social Engineering Cybersecurity Accountability 69

Digital Shadows

NOVEMBER 14, 2024

While 2024 generally saw the same tried-and-true techniques, 2025 is expected to bring new vulnerabilities and increased targeting of certain organizations by hacktivist groups due to geopolitical shifts. In 2025, we anticipate more vishing (voice phishing) and fake IT helpdesk scams targeting English-speaking firms.

Social Engineering 52

Social Engineering Cybersecurity DDOS Ransomware 52

Security Through Education

JANUARY 21, 2025

Password sharing, and the use of personal information in passwords, can drastically reduce the security of your online accounts and information. Uniqueness: Using a different password for each account helps reduce the chance of a single breach impacting multiple accounts. Storage: A shared secret is not a secret!

Social Engineering 52

Social Engineering Passwords Engineering Password Management 52

Security Through Education

JANUARY 21, 2025

Password sharing, and the use of personal information in passwords, can drastically reduce the security of your online accounts and information. Uniqueness: Using a different password for each account helps reduce the chance of a single breach impacting multiple accounts. Storage: A shared secret is not a secret!

Social Engineering 52

Social Engineering Passwords Engineering Password Management 52

Security Affairs

JANUARY 12, 2025

cannabis dispensary STIIIZY disclosed a data breach A novel PayPal phishing campaign hijacks accounts Banshee macOS stealer supports new evasion mechanisms Researchers disclosed details of a now-patched Samsung zero-click flaw Phishers abuse CrowdStrike brand targeting job seekers with cryptominer China-linked APT group MirrorFace targets Japan U.S.

Data breaches 60

Data breaches Phishing Social Engineering Engineering 60

Andrew Hay

DECEMBER 10, 2024

As we approach 2025, the ever-evolving landscape of cybersecurity continues to challenge professionals and organizations alike. In 2025, adversaries will use AI more effectively to bypass traditional defences. At the same time, social engineering attacks will grow more nuanced, targeting emotional and psychological vulnerabilities.

Cybersecurity 52

Cybersecurity IoT Artificial Intelligence Social Engineering 52

Digital Shadows

JANUARY 14, 2025

To gain access to internal networks, Akira targeted local accounts with disabled multifactor authentication (MFA) and SonicOS firmware versions vulnerable to exploitation, often exposed to the internet for virtual private network (VPN) access.

Ransomware 126

Ransomware Social Engineering Phishing VPN 126

eSecurity Planet

APRIL 30, 2025

The RSA Conference 2025, held in San Francisco from April 28 to May 1, spotlighted the evolving landscape of cybersecurity, with a strong emphasis on artificial intelligence, identity security, and collaborative defense strategies. This years theme (Many Voices. This years updates: Complete lifecycle support for passwordless security.

Cybersecurity 62

Cybersecurity Mobile Artificial Intelligence Phishing 62

Security Boulevard

JANUARY 29, 2025

Top ransomware predictions for 2025Prediction 1: AI-powered social engineering attacks will surge and fuel ransomware campaignsIn 2025, threat actors will increasingly use generative AI (GenAI) to conduct more effective social engineering attacks. A top emerging AI-driven trend is voice phishing (vishing).

Ransomware 59

Ransomware Social Engineering Architecture Risk 59

Security Affairs

FEBRUARY 9, 2025

Here’s how data awareness can help HTTP Client Tools Exploitation for Account Takeover Attacks Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested Whos Behind the Seized Forums Cracked & Nulled?

Spyware 60

Spyware Cybercrime Scams Social Engineering 60

Anton on Security

JANUARY 22, 2025

My favorite quotes from the report followbelow: Nearly half (46.4%) of the observed security alerts were due to overprivileged service accounts. As I said in other THR blogs, the main news here is that there is no news; a lot of cloud security problems in 2025 are 2020 problems, at best. These attacks accounted for 17.1%

Passwords 130

Passwords Social Engineering Cybersecurity Accountability 130

eSecurity Planet

MAY 1, 2025

The RSA Conference 2025, held in San Francisco from April 28 to May 1, spotlighted the evolving landscape of cybersecurity, with a strong emphasis on artificial intelligence, identity security, and collaborative defense strategies. This years theme (Many Voices. This years updates: Complete lifecycle support for passwordless security.

Cybersecurity 57

Cybersecurity Mobile Phishing Artificial Intelligence 57

CyberSecurity Insiders

MARCH 16, 2023

But after the spread of the Covid-19 pandemic, the focus of hackers has shifted more towards the smart phones with more phishing and social engineering attacks recorded in a 2nd quarter of 2022. trillion by 2025, and among the guestimate, half of the amount is expected to be made through phishing targeting mobiles and tablets.

Cybercrime 94

Cybercrime Social Engineering Mobile Spyware 94

BH Consulting

MARCH 28, 2025

Phishing accounted for 35 per cent of compromises. Using valid accounts (27%) and social engineering (13%) both went up from 2023, showing the importance of managing access to accounts. Sign up here The post Security Roundup March 2025 appeared first on BH Consulting.

Phishing 52

Phishing Passwords Social Engineering Small Business 52

The Last Watchdog

JULY 13, 2023

trillion by 2025, a 300% increase since 2015 1. Bantick “As the MOVEit hack has proved, the bad actors are always looking for new ways to attack with tactics ranging from third party supplier attacks to more sophisticated social engineering and phishing attack techniques.

Cyber Risk 189

Cyber Risk Risk Insurance Energy and Utilities 189

Digital Shadows

FEBRUARY 19, 2025

Attack Lifecycle Figure 1: Timeline of the attack cycle from phishing to exfiltration Initial Access To gain entry into the organizations network, the threat actor used social engineering and end-user manipulation. Disable User: This Playbook disables the account used to create the scheduled tasks to stop further malicious activity.

Phishing 112

Phishing Accountability Social Engineering Data breaches 112