CISO, Network Security and Social Engineering

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

Security Boulevard

JANUARY 9, 2025

A bad actor is using a Microsoft 365 test domain and a self-created distribution list to bypass traditional email protections and entice victims to hand over their PayPal account information in what Fortinet's CISO is calling a "phish-free" phishing campaign.

CISO

CISO Phishing Accountability Social Engineering

UnitedHealth Hires Longtime Cybersecurity Executive as CISO

Security Boulevard

OCTOBER 31, 2024

UnitedHealth Group, which is still picking up the pieces after a massive ransomware attack that affected more than 100 million people, hired a new and experienced CISO to replace the previous executive who became a target of lawmakers for having no cybersecurity background.

CISO

CISO Cybersecurity Ransomware Social Engineering

GUEST ESSAY: Essential cyber hygiene practices all charities must embrace to protect their donors

The Last Watchdog

MARCH 4, 2024

Nonprofits can bolster their network security by insisting on strong login credentials. In a 2023 survey, 30% of CISOs named insider threats one of the biggest cybersecurity threats for the year. Social engineering: These attacks exploit human error to gain unauthorized access to organizational systems.

Social Engineering

Social Engineering Risk Cybersecurity Authentication

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

A Reactive Cybersecurity Strategy Is No Strategy at All

CyberSecurity Insiders

MAY 18, 2022

A foundational approach to cybersecurity empowers CISOs to see abnormalities and block threats before they do damage. By increasing visibility into DNS traffic, CISOs can detect, block, and respond to incidents more quickly as well as use this data to institute new controls and increase overall resiliency.

DNS

DNS Cybersecurity CISO Social Engineering

Red Team vs Blue Team vs Purple Team: Differences Explained

eSecurity Planet

FEBRUARY 21, 2023

Blue team members might be led by a chief information security officer (CISO) or director of security operations, making this team the largest among the three. Blue teams consist of security analysts, network engineers and system administrators.

Social Engineering

Social Engineering Penetration Testing Engineering Risk

‘The people’ of cybersecurity are its greatest strength and weakness

SC Magazine

MAY 17, 2021

Zero-day threats, phishing and social engineering attacks with associated ransomware are among the most persistent threats today’s CISOs and security teams face. For more information on how you can partner with CRA Business Intelligence, please contact Dave Kaye, Chief Revenue Officer.

Cybersecurity

Cybersecurity Social Engineering Risk CISO

Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off

Security Boulevard

OCTOBER 4, 2024

Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks! Today, the story looks very different, as job turnover rates for CISOs have dropped significantly. However, they were in the minority.

Cybersecurity

Cybersecurity CISO Ransomware Technology

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Last week’s RSA Conference covered a litany of network security vulnerabilities, from developing more robust tokenization policies and to addressing UEFI-based attacks, and non-endpoint attack vectors. As of now, the information security industry is at the outset of implementing SBOM for software products.

Software

Software DNS Firmware VPN

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

APRIL 12, 2024

The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.”

Risk

Risk Hacking Government Digital transformation

How to Prepare Your Workforce for the Deepfake Era

Security Boulevard

JULY 22, 2024

The post How to Prepare Your Workforce for the Deepfake Era appeared first on Security Boulevard. Of all of the AI-powered weapons, the one that your employees may be the least equipped to resist is deepfake technology.

Technology

Technology Social Engineering Engineering CISO

Mailchimp Hack Causes Theft of Trezor Crypto Wallet ‘Money’

Security Boulevard

APRIL 5, 2022

The post Mailchimp Hack Causes Theft of Trezor Crypto Wallet ‘Money’ appeared first on Security Boulevard. Hackers have stolen a mother lode of personal data from Intuit’s email marketing operation, Mailchimp.

Hacking

Hacking Marketing Social Engineering CISO

GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

Security Boulevard

FEBRUARY 20, 2023

The post GoDaddy Hosting Hacked — for FOURTH Time in 4 Years appeared first on Security Boulevard. GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware.

Hacking

Hacking Malware Social Engineering CISO

Experian FAILs yet Again — Hackers can Change Your Email Address

Security Boulevard

JULY 12, 2022

The post Experian FAILs yet Again — Hackers can Change Your Email Address appeared first on Security Boulevard. Credit reporting agency Experian has a nasty vulnerability. Why do we put up with this?

Identity Theft

Identity Theft Social Engineering Authentication CISO

Oops! Meta Security Guards Hacked Facebook Users

Security Boulevard

NOVEMBER 18, 2022

Meta Security Guards Hacked Facebook Users appeared first on Security Boulevard. Facebook parent Meta has disciplined or fired at least 25 workers for allegedly hacking into user accounts. The post Oops!

Hacking

Hacking Accountability Social Engineering CISO

Warning: N. Korean Job Scams Push Trojans via LinkedIn

Security Boulevard

OCTOBER 1, 2022

Korean Job Scams Push Trojans via LinkedIn appeared first on Security Boulevard. Hey, hey, DPRK, how many people will you scam today? The post Warning: N.

Scams

Scams Social Engineering CISO Engineering

‘Extraordinary, Egregious’ Data Breach at House and Senate

Security Boulevard

MARCH 10, 2023

The post ‘Extraordinary, Egregious’ Data Breach at House and Senate appeared first on Security Boulevard. Capitol Trouble: Senators, representatives and staffers suffer PII leak. Could it finally kickstart some action?

Data breaches

Data breaches Social Engineering Insurance CISO

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Security Boulevard

FEBRUARY 6, 2024

The post Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk appeared first on Security Boulevard. By aligning priorities into a shared game plan, HR and IT can finally set their organizations up to defend against modern cyberthreats.

Risk

Risk Cybersecurity Social Engineering Cyber Risk

New Russian Hacks Revealed—but U.S. Says it’s Microsoft’s Fault

Security Boulevard

OCTOBER 26, 2021

Says it’s Microsoft’s Fault appeared first on Security Boulevard. Microsoft has issued another of its “look how clever we are” writeups of detecting APT29 hackers. But the U.S. government sees it differently. The post New Russian Hacks Revealed—but U.S.

Hacking

Hacking Government Social Engineering CISO

Chinese Tech: Banned in DC, but not in the States

Security Boulevard

OCTOBER 31, 2022

The post Chinese Tech: Banned in DC, but not in the States appeared first on Security Boulevard. There’s a massive loophole in the federal ban on Chinese technology from sus firms such as Huawei and ZTE: It doesn’t stop states from buying it.

Technology

Technology Social Engineering CISO IoT

Reducing Human Error Security Threats with a Remote Workforce

Security Boulevard

MARCH 24, 2021

The Cybersecurity Cost of Human Error While many security executives agree that ransomware poses the greatest threat to security infrastructure, a majority believes that human error is the greatest risk to their business operations. These five strategies can help you reduce human error security threats: 1.

Education

Education Risk VPN Social Engineering

Reddit Hacked — 2FA is no Phishing Phix

Security Boulevard

FEBRUARY 10, 2023

The post Reddit Hacked — 2FA is no Phishing Phix appeared first on Security Boulevard. Reddit got hacked with a “sophisticated” spear phishing attack. The individual victim was an employee who clicked the wrong email link.

Phishing

Phishing Hacking Social Engineering CISO

7 Cyber Security Courses Online For Everybody

Spinone

NOVEMBER 21, 2019

This course covers a broad range of security topics, explaining it with a simple language. Here are only seven out of 26 topics: Insider threats Passwords Security of mobile devices Social engineering Viruses Email security Human error To start the course, you need to register and choose the type of account you need.

Social Engineering

Social Engineering Accountability Phishing Cybersecurity

Understand Your Staff: How Insiders Shape Defenses

Security Boulevard

FEBRUARY 26, 2021

This vastly increased mobility, cloud computing and social networking usage; in some cases, this transition occurred before companies and staff were fully prepared. Enterprises and their staff dealt with a lot of change in 2020. The pandemic and resulting lockdowns forced organizations to allow staff to work from home.

Mobile

Mobile Social Engineering CISO Engineering

LockBit Victim? Ask FBI for Your Ransomware Key

Security Boulevard

JUNE 7, 2024

Ask FBI for Your Ransomware Key appeared first on Security Boulevard. Spy warez: Assistant director of the FBI’s Cyber Division Bryan Vorndran (pictured) might have the key to unscramble your files. The post LockBit Victim?

Ransomware

Ransomware Social Engineering Data privacy CISO

OPSEC FAIL: US Military Email Going to Mali — via Typo

Security Boulevard

JULY 17, 2023

The post OPSEC FAIL: US Military Email Going to Mali — via Typo appeared first on Security Boulevard. MX Mixup: Russian-allied government can intercept “highly sensitive information”—because there’s no “I” in.ML

Government

Government Social Engineering CISO Engineering

Do You Want Secure Supply Chains? SHOW ME THE MONEY

Security Boulevard

MAY 16, 2022

The Open Source Security Foundation and Linux Foundation have a plan to fix our broken software supply chains. The post Do You Want Secure Supply Chains? SHOW ME THE MONEY appeared first on Security Boulevard. Benjamins needed.

Software

Software Social Engineering IoT CISO

Microsoft’s Legal Head: U.S. must Stop Secret Gag Orders

Security Boulevard

JUNE 16, 2021

must Stop Secret Gag Orders appeared first on Security Boulevard. Microsoft president and CLO Brad Smith says secretly subpoenaing data from cloud providers—blocking them from telling customers—must stop. The post Microsoft’s Legal Head: U.S.

Social Engineering

Social Engineering CISO IoT Engineering

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. Encourage your key cyber professionals to develop first-rate security awareness training materials for employees and executive staff.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

‘All of Sony’ Hacked, Claims Ransomed.vc Group

Security Boulevard

SEPTEMBER 26, 2023

Group appeared first on Security Boulevard. Hackers Play in Sony’s World: If true, Sony might have to push the RESET button (again). The post ‘All of Sony’ Hacked, Claims Ransomed.vc

Hacking

Hacking Social Engineering CISO Data privacy

Decipher Security Podcast With ForAllSecure CEO David Brumley

ForAllSecure

APRIL 30, 2020

We didn't have enough computer security experts at universities to teach it. A lot of universities, their curriculum starts with: here's a whole bunch of different areas of security. There's network security, software security, crypto, and then they go through the list of problems people have encountered throughout history.

Software

Software IoT Manufacturing Hacking

Decipher Security Podcast With ForAllSecure CEO David Brumley

ForAllSecure

APRIL 30, 2020

We didn't have enough computer security experts at universities to teach it. A lot of universities, their curriculum starts with: here's a whole bunch of different areas of security. There's network security, software security, crypto, and then they go through the list of problems people have encountered throughout history.

Software

Software IoT Manufacturing Hacking

DECIPHER SECURITY PODCAST WITH FORALLSECURE CEO DAVID BRUMLEY

ForAllSecure

APRIL 30, 2020

We didn't have enough computer security experts at universities to teach it. A lot of universities, their curriculum starts with: here's a whole bunch of different areas of security. There's network security, software security, crypto, and then they go through the list of problems people have encountered throughout history.

Software

Software IoT Manufacturing Hacking

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

SecureWorld News

OCTOBER 15, 2020

It was the summer cyberattack that had social media buzzing. A group of teenagers used social engineering to breach Twitter's network and take over the accounts of a whole bunch of A-listers. As a teenager, he discovered that social engineering was a trick that worked. "I You could lose your data.'.

Social Engineering

Social Engineering Media Scams Financial Services

2025 Cybersecurity Predictions: Not Getting Easier; But There is Hope

SecureWorld News

DECEMBER 27, 2024

It will likely become necessary for defenders to deploy their own agentic AI bots, culminating in constant AI vs. "The rising use of multi-agent systems will introduce new attack vectors and vulnerabilities that could be exploited if they arent secured properly from the start. What the Practitioners Predict Jake Bernstein, Esq.,

Cybersecurity

Cybersecurity Education Risk CISO

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

Government actions will increase: Expect more government regulations, state-sponsored cyberattacks, and increased documentation required to protect CISOs. Christine Bejerasco, CISO of WithSecure , expands that “in the physical dimension, poisoning the well could impact communities in the area.

Cybersecurity

Cybersecurity CISO Government Technology

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

These groups are also shifting toward more human-centric exploits , like social engineering and insider assistance. CISO Perceptions A critical blind spot for CISOs and cyber risk owners is the divergence in perceptions of their security stack’s effectiveness between leadership and technical teams.

Cybersecurity

Cybersecurity CISO Insurance IoT

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

UnitedHealth Hires Longtime Cybersecurity Executive as CISO

Webinars

Trending Sources

GUEST ESSAY: Essential cyber hygiene practices all charities must embrace to protect their donors

Webinars

A Reactive Cybersecurity Strategy Is No Strategy at All

Red Team vs Blue Team vs Purple Team: Differences Explained

‘The people’ of cybersecurity are its greatest strength and weakness

Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off

The Biggest Lessons about Vulnerabilities at RSAC 2021

Sisense Hacked: CISA Warns Customers at Risk

How to Prepare Your Workforce for the Deepfake Era

Mailchimp Hack Causes Theft of Trezor Crypto Wallet ‘Money’

GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

Experian FAILs yet Again — Hackers can Change Your Email Address

Oops! Meta Security Guards Hacked Facebook Users

Warning: N. Korean Job Scams Push Trojans via LinkedIn

‘Extraordinary, Egregious’ Data Breach at House and Senate

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

New Russian Hacks Revealed—but U.S. Says it’s Microsoft’s Fault

Chinese Tech: Banned in DC, but not in the States

Reducing Human Error Security Threats with a Remote Workforce

Reddit Hacked — 2FA is no Phishing Phix

7 Cyber Security Courses Online For Everybody

Understand Your Staff: How Insiders Shape Defenses

LockBit Victim? Ask FBI for Your Ransomware Key

OPSEC FAIL: US Military Email Going to Mali — via Typo

Do You Want Secure Supply Chains? SHOW ME THE MONEY

Microsoft’s Legal Head: U.S. must Stop Secret Gag Orders

Cyber Security Awareness and Risk Management

‘All of Sony’ Hacked, Claims Ransomed.vc Group

Decipher Security Podcast With ForAllSecure CEO David Brumley

Decipher Security Podcast With ForAllSecure CEO David Brumley

DECIPHER SECURITY PODCAST WITH FORALLSECURE CEO DAVID BRUMLEY

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

2025 Cybersecurity Predictions: Not Getting Easier; But There is Hope

5 Major Cybersecurity Trends to Know for 2024

Key Cybersecurity Trends for 2025. My Predictions

Stay Connected