eSecurity Planet

SEPTEMBER 3, 2021

Cybercriminals are using Salesforce’s mass email service to dupe people into handing over credit card numbers, credentials and other personal information in a novel phishing campaign that highlights the threats to corporate networks that can come from whitelisted email addresses. Therein lies a key issue raised by the phishing campaign.

Phishing 142

Phishing Architecture Education Marketing 142

Security Boulevard

APRIL 18, 2023

Phishing attacks continue to be one of the most significant threats facing organizations today. As businesses increasingly rely on digital communication channels, cybercriminals exploit vulnerabilities in email, SMS, and voice communications to launch sophisticated phishing attacks.

Phishing 122

Phishing Social Engineering Education Retail 122

SecureList

JUNE 22, 2023

For this post, we selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. Phishing and a kit Recently we stumbled upon a Business Email Compromise (BEC) case, active since at least Q3 2022.

Phishing 130

Phishing Encryption Cybercrime Ransomware 130

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures.

Malware 119

Malware Advertising Antivirus Cybercrime 119

SecureWorld News

FEBRUARY 25, 2025

Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise. From the report: "Generative AI is being used to create highly convincing phishing emails, fake voices, and even deepfake videosmaking social engineering attacks more difficult to detect.

Cybersecurity 95

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 95

Cisco Security

NOVEMBER 2, 2022

“ Cisco Duo simplifies the passwordless journey for organizations that want to implement phishing-resistant authentication and adopt a zero trust security strategy. Password management is a challenging proposition for many enterprises, especially in light of BYOD and ever increasing sophistication of phishing schemes.

Authentication 143

Authentication Passwords Phishing Mobile 143

Security Affairs

APRIL 30, 2020

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. . PerSwaysion is a highly-targeted phishing campaign. New round of phishing attempts leveraging current victim’s account usually takes less than 24 hours.

Phishing 136

Phishing Accountability Financial Services Cloud Migration 136

Duo's Security Blog

APRIL 20, 2023

Through the first two months of 2023 alone, the Australian Competition and Consumer Commission’s Scamwatch reported more than 19,000 phishing reports with estimated financial losses of more than $5.2 What is phishing? This is part of what makes phishing attacks so dangerous.

Phishing 106

Phishing Social Engineering Authentication Engineering 106

Security Boulevard

APRIL 20, 2022

Download your free copy of the 2022 ThreatLabz Phishing Report, and check out our infographic. For decades, phishing has been a complex and time-consuming challenge for every security team. Avoiding the latest breed of phishing attacks requires heightened awareness from users, additional context, and a zero trust approach.

Phishing 115

Phishing Retail Risk Architecture 115

Duo's Security Blog

DECEMBER 6, 2022

Stronger factors significantly improve the user experience and mitigate the risk of phishing , stolen credentials, and man-in-the-middle (MiTM) attacks. A generated credential only works for the application or website it was created for, decreasing risk of being phished through fraudulent sites. a fingerprint reader).

Architecture 121

Architecture Authentication Passwords Technology 121

Security Affairs

AUGUST 17, 2020

Now experts from CISA are warning of phishing messages delivering weaponized Microsoft Word documents that contain malicious Visual Basic Application (VBA) macro code. Government experts warn that macro code could change the font color to trick the victim into enabling content and determine the system architecture. Pierluigi Paganini.

Phishing 137

Phishing Malware Advertising Architecture 137

Schneier on Security

AUGUST 30, 2019

Abstract: Modern CPU architectures offer strong isolation guarantees towards user applications in the form of enclaves. And there are no security mechanisms that can deal with malicious enclaves, because the designers couldn't imagine that they would be necessary. The results are predictable.

Malware 251

Malware Architecture Encryption Phishing 251

IT Security Guru

JANUARY 9, 2025

Cybercriminals weaponise AI to speed up and scale traditional attack tactics, such as phishing and password cracking, while also creating entirely new forms of cyber threats. Organisations should prioritise solutions built on zero-trust and zero-knowledge architectures for maximum security, privacy and control.

Cybersecurity 113

Cybersecurity Cyber threats Architecture Digital transformation 113

Security Affairs

AUGUST 7, 2022

Threat actors abuse open redirects on Snapchat and American Express to launch phishing attacks against Microsoft 365 users. Attackers abused open redirects on the websites of Snapchat and American Express as part of a phishing campaign targeting Microsoft 365 users. com open redirect. Pierluigi Paganini.

Phishing 112

Phishing Architecture Hacking Accountability 112

SecureWorld News

FEBRUARY 20, 2025

Experts warn that organizations must act decisively to protect against this growing threat by implementing Zero Trust architectures, patching vulnerabilities, and strengthening identity security. Strengthening identity security Enforce phishing-resistant MFA for all privileged accounts. Use Privileged Access Management (PAM) solutions.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

Anton on Security

JUNE 17, 2022

Take care of the assumptions and check for where you are starting up (Dealing with phishing? Thanks to Google SOAR Solution Architecture Manager Oleg Siminel , and others from the Siemplify field team, for their support here. Too many SIEM alerts? Using SOAR as case management?)

Architecture 246

Architecture Technology Phishing 246

Security Affairs

MAY 29, 2023

Experts warn of phishing attacks that are combining the use of compromised Microsoft 365 accounts and.rpmsg encrypted emails. Trustwave researchers have observed threat actors using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts in a phishing campaign aimed at stealing Microsoft credentials.

Encryption 98

Encryption Phishing Accountability Authentication 98

The Hacker News

MAY 13, 2024

From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational systems. Security leaders who are planning their security architecture

Architecture 116

Architecture Cyber Attacks Phishing Accountability 116

Security Boulevard

MARCH 20, 2025

ThreatLabz researchers demonstrated how DeepSeek can be manipulated to quickly generate phishing pages that mimic trusted brands. generated phishing campaigns: A ThreatLabz case study demonstrates how DeepSeek can create a phishing page in just five prompts.AI-driven

Social Engineering 76

Social Engineering Phishing Risk Insurance 76

The Last Watchdog

NOVEMBER 8, 2021

Access controls are the nexus of security and the expanding perimeter, and zero trust is the architecture that encompasses it. Zero trust is an all-inclusive security and privacy architecture. The network security perimeter is dynamically created and policy-based, and must be guarded by secure and highly managed access controls.

Healthcare 268

Healthcare Technology Architecture IoT 268

The Last Watchdog

JANUARY 30, 2025

This allows the attacker to gain full control over the victims browser to disable security features, install additional malicious extensions, exfiltrate data and even silently redirect users to phishing sites. This attack is extremely potent as there is no visual difference between a managed and unmanaged browser.

Social Engineering 130

Social Engineering Engineering Authentication Media 130

eSecurity Planet

NOVEMBER 6, 2024

Strengthen IT Infrastructure Evaluate your existing security architecture to ensure it can withstand modern cyberthreats. Cybersecurity awareness training helps staff recognize phishing scams , social engineering attempts, and other threats. Here are some essential steps every business can consider to safeguard against cyberthreats: 1.

Ransomware 115

Ransomware Authentication Identity Theft Penetration Testing 115

SecureList

OCTOBER 15, 2024

SideWinder’s most recent campaign schema Infection vectors The SideWinder attack chain typically starts with a spear-phishing email with an attachment, usually a Microsoft OOXML document (DOCX or XLSX) or a ZIP archive, which in turn contains a malicious LNK file. Some infection routines do not check the architecture.

Malware 143

Malware Encryption Architecture Phishing 143

Security Boulevard

FEBRUARY 10, 2025

As phishing attacks continue to evolve, so should our defenses. Phishing predictions for 2025In our ThreatLabz 2024 Phishing Report, we shared the following key predictions for the year to come: Prediction 1: AI vs. AI will be an enduring challengeEnhanced AI capabilities increase the speed, scale, and automation of cyberattacks.

Phishing 64

Phishing Mobile Encryption Social Engineering 64

SecureWorld News

JANUARY 21, 2025

CISOs must stay ahead by adapting strategies, embracing innovations like zero-trust architectures, and continuously updating defenses to address emerging threats. Just as an uninformed homeowner might misuse pest spray, an untrained employee is more likely to fall victim to phishing or social engineering attacks.

CISO 111

CISO Cybersecurity Cyber threats Education 111

CyberSecurity Insiders

MAY 7, 2023

Like any other network, 5G networks are vulnerable to various types of cyber attacks, such as distributed denial-of-service (DDoS) attacks, phishing attacks, and malware infections. Furthermore, 5G networks are designed with security in mind from the outset, incorporating security features into the network architecture and protocols.

Cyber Attacks 123

Cyber Attacks Architecture Technology DDOS 123

The Last Watchdog

DECEMBER 12, 2023

Implementing a Zero Trust architecture involves verifying every attempt to access the system. Supply-chain attacks, new zero-day attacks, insider risk and improved phishing leads to an onslaught of breaches. Phishing attacks driven by ChatGPT will be harder than ever to detect.

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258

Thales Cloud Protection & Licensing

MARCH 18, 2025

Robust Authentication Offers phishing-resistant MFA options (e.g., Future-Proof Solution : Modular architecture ensures scalability for evolving regulatory requirements. Secure Access Management Enforces granular access controls based on user roles and context, ensuring only authorized personnel can access PHI.

Healthcare 62

Healthcare Encryption Authentication Penetration Testing 62

Cisco Security

AUGUST 17, 2021

Now mix in architectural changes that support cloud productivity suites like Microsoft 365 and Google’s G-Suite to accelerate your business to cloud-based email security services. When it comes to safeguarding email against today’s advanced threats like phishing and malware information is power.

Phishing 145

Phishing Technology Malware Authentication 145

SecureWorld News

SEPTEMBER 30, 2024

The cybercriminals behind Storm-050 employ advanced social engineering techniques, including phishing emails to trick victims into granting access to internal systems. Tiquet continued: "One of the most important steps is adopting a zero trust architecture. Use multi-factor authentication to prevent unauthorized access.

Ransomware 116

Ransomware Social Engineering Healthcare Phishing 116

Security Affairs

AUGUST 18, 2024

This extortion campaign involved several security failures, including exposing environment variables, using long-lived credentials, and the lack of a least privilege architecture. This indicates that these threat actor groups are both skilled and knowledgeable in advanced cloud architectural processes and techniques.”

Architecture 141

Architecture Internet Internet Media 141

Security Affairs

AUGUST 9, 2023

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. The attack chain employed in the campaign starts with phishing emails sent from spoofed email addresses.

Accountability 98

Accountability Phishing Authentication Architecture 98

Security Affairs

MAY 16, 2020

Experts spotted a new malware dubbed QNodeService that was involved in Coronavirus-themed phishing campaign, crooks promise victims COVID-19 tax relief. Researchers uncovered a new malware dubbed QNodeService that was employed in a Coronavirus-themed phishing campaign. malware file (either “qnodejs-win32-ia32.js”

Malware 140

Malware Phishing Advertising Antivirus 140

The Last Watchdog

APRIL 17, 2023

Unfortunately, many organizations fail to educate their employees on the importance of cyber hygiene, leaving them vulnerable to phishing scams, malware infections, data breaches, and other cyber attacks. Tick-in-the-box training. Spotty patching. Vulnerability management is another key consideration when it comes to security.

Risk 218

Risk Cybersecurity Data breaches Cyber Attacks 218

Security Boulevard

OCTOBER 18, 2024

Chris Clements, VP of Solutions Architecture Because of the frequency of phishing attacks landing in user mailboxes and the severity of the consequences of a user falling for a lure, any improvement at all can make the difference between an organization suffering a breach.

Cybersecurity 72

Cybersecurity CISO Architecture Phishing 72

Javvad Malik

SEPTEMBER 23, 2022

A blend of newer buildings mixed in with some very old architecture, overlaid with some tasteful (and not so tasteful) graffiti. Anyway, back in the hall, the session started and i joined as we're being told about a phishing attack and 2fa bypass @bsidesTLL. The walk from the hotel to the venue, was short, but scenie.

Phishing 182

Phishing Architecture Education Banking 182

Cisco Security

DECEMBER 8, 2022

While much of the spam circulating is innocuous, many emails are phishing attempts, and some are indeed malicious. What they may not be aware of, is that they have just given their credit card details away in a phishing scam. Image 10 – Steps in package delivery phishing scam. A word of caution. Your package is in route.

Scams 145

Scams Phishing Malware Internet 145