Malwarebytes

APRIL 2, 2023

Apple fixes actively exploited vulnerability and introduces new features Steer clear of this EE phish that wants your card details 3 tips to raise your backup game 3 tips for creating backups your organization can rely on when ransomware strikes Stay safe!

Backups 93

Backups DDOS Ransomware Cyber threats 93

Duo's Security Blog

NOVEMBER 20, 2023

Security professionals agree that passwords are low hanging fruit for cybercriminals and can even be the keys to the kingdom when the compromised passwords belong to privileged accounts. Add to this, the risks of weak authentication factors such as SMS one-time passcodes and dormant or inactive accounts.

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

Security Affairs

MAY 8, 2020

Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. Figure 1 The distribution of web-phishing among target categories . CERT-GIB’s findings indicate that phishing attack perpetrators have revised their so-called target pool. Target reshuffle.

Phishing 87

Phishing Spyware Banking Malware 87

Duo's Security Blog

DECEMBER 19, 2024

Phishing is still one of the most common attack vectors, and the holidays provide an especially appealing time to launch an attack thats been supercharged by modern natural language processing models and novel QR codes. No industry is spared this phishing season, though some are targeted more often than others.

Phishing 64

Phishing Authentication Social Engineering Passwords 64

SecureWorld News

SEPTEMBER 29, 2020

Office supply phishing cyberattack campaign. A federal judge just sentenced a Nigerian national to three years in prison for being part of a phishing ring that effectively stole office supplies so it could resell them. It turns out, cybercriminals would like that person's login credentials because they have value. government agencies.

Phishing 97

Phishing Government Cyber Risk Cybercrime 97

Duo's Security Blog

APRIL 23, 2025

New threat types such as push-bombing, social engineering, and spear phishing are forcing organizations to do more than rely on MFA alone. The Duo Mobile app allows users to easily download the app onto their devices, while a self-service portal also lets them manage their own accounts and devices, reducing help desk tickets and support time.

Authentication 59

Authentication Risk Social Engineering Accountability 59

Security Affairs

FEBRUARY 7, 2020

. “ Certfa Lab has identified a new series of phishing attacks from the Charming Kitten 1 , the Iranian hacking group who has a close relationship with Iran’s state and Intelligence services. As a result, this method makes it harder for different pages and sections of phishing websites to be exposed to the public.”

Phishing 117

Phishing Advertising Malware Media 117

SecureWorld News

OCTOBER 19, 2021

TAG reported that Iranian-government-backed actors, known as APT35 and by the aliases Rocket Kitten and Charming Kitten, are quickly picking up speed, especially when it comes to implementing slick phishing attacks. Developing advanced phishing techniques to lure victims. Rocket Kitten successfully attacks university website.

Phishing 98

Phishing Authentication Social Engineering Government 98

Security Boulevard

MARCH 21, 2025

77% of organizations have the overprivileged default Compute Engine service account configured in Google Vertex AI Notebooks which puts all services built on this default Compute Engine at risk. Prioritize vulnerability remediation by understanding which CVEs pose the greatest risk to your organization.

Risk 69

Risk IoT Cybersecurity Manufacturing 69

SecureList

MAY 27, 2022

The attackers are mainly interested in collecting data on user accounts, IP addresses and session information; and they steal configuration files from programs that work directly with cryptocurrency and may contain account credentials. You can find the recording of the webinar here and a summary/Q&A here. zip”).

Phishing 133

Phishing Spyware Firmware Malware 133

Duo's Security Blog

SEPTEMBER 1, 2023

Unlike passwords, passkeys are always strong and phishing resistant. Passkeys based on Webauthn are proven to be resistant to phishing, credential stuffing, adversary-in-the-middle (AITM), server breaches and may other cyberattacks. If you are new to passkeys, you can get up to speed with our primer: What Are Passkeys?

Passwords 133

Passwords Authentication Insurance Cyber Insurance 133

Security Boulevard

MAY 2, 2025

Specifically, CISA and USCG assessors had the most success gaining initial access, attaining network permanence, evading defenses and moving laterally by using valid accounts, phishing schemes and default credentials all simple attack methods. Maintain a comprehensive asset inventory, and keep software updated and patched.

52

52

Webroot

FEBRUARY 11, 2021

An impersonation attack recently made headlines with the 2020 Twitter/Bitcoin scam , in which 130 high-profile Twitter accounts were compromised by outside parties to steal bitcoin. This is why a multi-layered approach that can block phishing sites (including HTTPS) in real time, is key for staying safe. Who is the Impersonator?

Scams 119

Scams Phishing Firewall Social Engineering 119

Digital Shadows

AUGUST 17, 2021

What is Phish(ing)? But, never mind the dozens of other reports and white papers about phishing that come out every year from security industry leaders, let’s take a look at the 2021 Verizon DBIR. Why should I care about Phish? The reason why phishing is still reigning supreme?

Phishing 52

Phishing Accountability Social Engineering Mobile 52

Duo's Security Blog

FEBRUARY 6, 2024

Reducing the risk of identity-based attacks Picture a scenario where an attacker acquires a list of dormant accounts, performs credential-stuffing, and gets the necessary credentials to log-in. Stay tuned!

Accountability 119

Accountability Authentication Risk Marketing 119

CyberSecurity Insiders

APRIL 10, 2023

“In the current digital landscape, identity security has gained paramount importance due to the growing cyber risks posed by phishing and social engineering attacks utilizing AI. These attacks have become more complex and challenging to detect, leading to increased instances of data breaches, account takeovers, and impersonation attacks.

Identity Theft 105

Identity Theft Education Authentication Data breaches 105

Duo's Security Blog

MAY 6, 2024

The security industry has diligently battled compromised credentials, evolving from passwords to multifactor authentication (MFA) to passwordless — our most secure and phishing-resistant method to date — and one that is fully supported in Duo. Despite these advancements, we still see many identity-based breaches year over year.

Authentication 95

Authentication Accountability VPN Phishing 95

Thales Cloud Protection & Licensing

MARCH 12, 2025

The newly introduced SafeNet eToken Fusion NFC PIV enables passwordless, phishing-resistant authentication across a wide range of devices. Comply with the most stringent requirements in your market Regulated markets often face stringent guidelines to ensure security, accountability, and transparency. Want to know more?

Passwords 71

Passwords Authentication Digital transformation Government 71

Security Boulevard

JULY 6, 2023

It's no secret that the bad guys are training their artificial intelligence (AI) engines to crack passwords, perform account takeovers (ATO), and automate their ransomware demands. Modern solutions need to take into account the new behavioral situation of the user and allow some flexibility – for a defined period of time.

Artificial Intelligence 105

Artificial Intelligence Passwords Authentication Accountability 105

Duo's Security Blog

OCTOBER 18, 2021

Recently, while co-hosting a webinar that kicked off Cybersecurity Awareness Month, a panelist commented that cybersecurity and privacy are team sports on a campus, much like our athletic teams. The use of phishing to take over user accounts as a first step to gain access to a campus for a ransomware attack has been making the headlines.

Insurance 97

Insurance Education Risk Cyber Insurance 97

Thales Cloud Protection & Licensing

FEBRUARY 19, 2025

Security Holes Weak Initial Authentication : Relying on less secure methods such as username/password combinations or SMS one-time passwords (OTPs) for FIDO authenticator registration exposes the system to phishing attacks, account takeovers, and fraudulent activities. PIN Length : The FIDO 2.0 Want to know more?

Authentication 71

Authentication Passwords Marketing Risk 71

Security Boulevard

SEPTEMBER 20, 2024

Specifically, CISA and USCG assessors had the most success gaining initial access, attaining network permanence, evading defenses and moving laterally by using valid accounts, phishing schemes and default credentials – all simple attack methods. Maintain a comprehensive asset inventory, and keep software updated and patched.

Cybersecurity 97

Cybersecurity IoT Hacking Risk 97

Duo's Security Blog

JULY 6, 2023

Multiple account or credential compromise is the norm This result is surprising, but it’s not entirely new. Also, be sure to register for the state of Passwordless in the Enterprise webinar with Jack Poller and I on July 19th at 1:00pm EDT. Jack will discuss key result from the survey and share his extensive industry experience.

Authentication 100

Authentication Passwords Risk Technology 100

Security Boulevard

FEBRUARY 14, 2022

ForgeRock's enterprise CIAM solution also offers a user-friendly privacy and consent dashboard that enables your customers to manage their data privacy settings, along with the ability to safely share their data with third-parties, such as family members, physicians, accountants, and so on. Learn More In Our Webinar.

Passwords 97

Passwords Retail Digital transformation Risk 97

Security Boulevard

JULY 21, 2023

It comprises technologies and best practices to protect against unauthorized access, account takeover, credential misuse, privilege escalation, and other malicious activities that target user accounts and credentials. These changes may include the creation of unusual accounts or registering new authentication devices.

Threat Detection 98

Threat Detection Passwords Authentication Accountability 98

NopSec

FEBRUARY 15, 2017

Do you feel confident that everyone in your organization could identify a phishing email that contained ransomware? In today’s post, we share information with the goal that it will help everyone in your organization protect themselves from phishing attacks.

Phishing 40

Phishing Social Engineering Engineering Healthcare 40

Duo's Security Blog

MARCH 9, 2022

As a foundation of a zero trust security model, MFA can assist with mitigating cyberattacks that target user passwords and accounts, such as phishing, credential theft, keyloggers and brute-force attacks. This insight allows you to observe access patterns, review risky logins, and investigate compromised accounts.

Cybersecurity 98

Cybersecurity Passwords Authentication VPN 98

Duo's Security Blog

SEPTEMBER 6, 2023

Be sure to tune into our webinar, The State of Passkeys in the Enterprise , on September 7th at 9am PST | 12pm EST. Passkeys on Cloud Platforms Passkeys have growing support from significant vendors. And when users re-use passwords across different websites, they risk password spraying attacks and put all of their accounts at risk.

Passwords 105

Passwords Password Management Authentication Threat Detection 105

Security Affairs

JULY 9, 2019

Zoom is the leader in enterprise video communications, it is one of the most popular and reliable cloud platform for video and audio conferencing, chat, and webinars. . All the attacker need to do is to create an invite link through his account on the Zoom website and embed it on a website as an image tag or using an iFrame.

Software 103

Software Advertising Hacking Accountability 103

Security Affairs

OCTOBER 5, 2023

With over 100,000 exposed invoices, this situation highlights the vulnerability that can allow anyone with an internet connection to see who are Really Simple System’s customers, how much they are spending, their storage plans, account numbers, and other information that was not intended to be public.

Data breaches 132

Data breaches B2B Education Risk 132

Security Boulevard

OCTOBER 4, 2024

1 - CISA to promote MFA, software updates, phishing protection during Cybersecurity Awareness Month October has arrived, and with it Cybersecurity Awareness Month, now in its 21st year. Protect all accounts that offer multifactor authentication (MFA) with this security method. Keep all your software updated.

Cybersecurity 69

Cybersecurity CISO Ransomware Technology 69

Jane Frankland

OCTOBER 17, 2023

By mid-year, there’s been a staggering 156% growth in the total number compared to the previous quarter, with a whopping 855 accounts worldwide being leaked every minute. Emphasising continuous education and providing access to resources like webinars and online courses further reinforce the importance of staying updated on security trends.

Security Awareness 124

Security Awareness Education Cybersecurity Data breaches 124

Webroot

FEBRUARY 5, 2025

Check out our recent webinar where we discuss passkeys How do passkeys work? This makes passkeys resistant to phishing, credential stuffing, and brute-force attacks. Enhanced security No passwords mean no risk of phishing attacks, password leaks, or brute-force attacks. Illustration: Google Ask a Techspert Pros of passkeys 1.

Authentication 60

Authentication Password Management Passwords Backups 60

Duo's Security Blog

NOVEMBER 6, 2023

Passwords that are easily detectable or reused often are vulnerable to phishing attacks. It’s also the foundation for a passwordless future, powering-up phishing resistance and user experience to defend against attackers. The problem with balancing many identities Conventional passwords create separate lines for each account.

Passwords 83

Passwords Authentication Risk Technology 83

CyberSecurity Insiders

JANUARY 19, 2022

Businesses try to build a secure online presence through blogs, webinars, training, and more. Phishing is one of the most common ways criminals gain entry to private data, sending email attachments that host malicious threats. The vocabulary of cybersecurity. Key financial attributes.

Insurance 99

Insurance Cybercrime Cybersecurity Phishing 99

Security Boulevard

JULY 20, 2023

They can also automate the process of eliminating over-provisioned access that enables attackers to use one compromised account to move laterally to higher-value targets. Organizations with AI-powered identity and access management can detect unexpected activity, stopping intruders in real time as they try to authenticate.

Artificial Intelligence 98

Artificial Intelligence Authentication Education Risk 98

McAfee

APRIL 14, 2020

Compromised credentials: Stolen or compromised credentials of users or administrators through various means such as phishing can result in data breaches by letting the adversaries get access to sensitive data of the organization stored in the cloud. For more information please join us for a webinar on May 20th.

Data breaches 55

Data breaches Risk Accountability Phishing 55