CISO and Phishing - Cyber Security Informer

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

Security Boulevard

JANUARY 9, 2025

A bad actor is using a Microsoft 365 test domain and a self-created distribution list to bypass traditional email protections and entice victims to hand over their PayPal account information in what Fortinet's CISO is calling a "phish-free" phishing campaign.

CISO

CISO Phishing Accountability Social Engineering

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

and Dutch law enforcement agencies have dismantled 39 domains and their associated servers in an effort to disrupt a Pakistan-based network of online marketplaces selling phishing and fraud-enabling tools. In a significant victory against cybercrime, U.S. According to the U.S.

Phishing

Phishing Cybercrime Scams Authentication

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

SecureWorld News

JANUARY 21, 2025

As I was spraying Pestiea DIY pest spray subscription servicearound my home this weekend (sun's out, spray gun's out), I was thinking about the correlation of this home perimeter defense to what CISOs and their teams do to keep their organizations secure. CISO takeaway: Effective cybersecurity isn't a generic solution.

CISO

CISO Cybersecurity Cyber threats Education

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Legacy IAM systems cant keep up as AI-powered phishing and deepfakes grow more sophisticated. The drivers are intensifying. That’s the easy part.

Cyber threats

Cyber threats CISO IoT Phishing

What Your CISO Can Learn From Logan Paul vs Floyd Mayweather

Javvad Malik

JULY 7, 2021

Who cares about the CISO? Now contrast this with a CISO, or a security department within an organisation. What kind of relationship has that CISO formed with their audience? In the past year or so, we’ve seen many examples of simulated phishing attacks go wrong and anger employees. Conclusions.

CISO

CISO Phishing Media Security Awareness

CISOs discuss cybersecurity in the COVID-19 environment

Tech Republic Security

JULY 17, 2020

A digital panel discussion sponsored by MIT's Sloan CIO Digital Learning Series covered a range of topics from protecting remote workers to phishing to how to manage risk.

CISO

CISO Cybersecurity Phishing Risk

ProofPoint Phishing Attack Shows Why Every CISO Needs to Protect Against Brand Impersonation

Security Boulevard

NOVEMBER 9, 2021

A recent article on threatpost.com describes how researchers from Armorblox discovered a phishing campaign from bad actors impersonating the well-known security company Proofpong. These criminals targeted a global communications company with over 1,000 employees with a phishing email containing a link that led to a site that.

CISO

CISO Phishing

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco Security

JANUARY 10, 2023

In my role, I regularly engage with CISOs in all kinds of sectors, representatives at industry bodies, and experts at analyst houses. This gives me an invaluable macroview not only of how the last 12 months have affected organizations and what CISOs are thinking about, but also how the upcoming year is shaping up.

CISO

CISO Insurance Cyber Insurance Phishing

University CISOs say zero trust is the best defense against the existential threat of phishing

Tech Republic Security

AUGUST 20, 2020

Stanford has replaced logins and passwords with a digital key to improve endpoint security.

CISO

CISO Phishing Passwords

3 Cybersecurity Goals for CISOs

Security Boulevard

MARCH 19, 2021

The post 3 Cybersecurity Goals for CISOs appeared first on Security Boulevard. Honestly, how many of us had, “I will do my best to avoid a global pandemic,” as a New Year’s resolution for 2020? That said, the chances that 2021 will be even more unpredictable are slim. So, we might as well indulge in setting.

CISO

CISO Cybersecurity Phishing Mobile

CISOs, boards not always on the same page

Tech Republic Security

OCTOBER 5, 2022

The post CISOs, boards not always on the same page appeared first on TechRepublic. Most boards of directors understand the risk, but many will not invest more in cybersecurity and have different concerns about the impact of a breach.

CISO

CISO Risk Cybersecurity Phishing

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities. AI will enable attackers to craft adaptive phishing campaigns, exploit SaaS vulnerabilities, and evade detection, lowering the skill barrier for cybercriminals.

Risk

Risk Threat Detection Technology Phishing

Next-Gen Protection Essential to Prevent Evolving Phishing Attacks

Security Boulevard

FEBRUARY 15, 2021

In early February, SlashNext debuted “Phish Stories,” a?videocast?and phishing attacks challenging businesses today.??? phishing attacks?— CISOs, CSOs and cybersecurity professionals.?? The post Next-Gen Protection Essential to Prevent Evolving Phishing Attacks first appeared on SlashNext. and podcast series?designed

Phishing

Phishing CISO Education Technology

Real-world Phishing Attack Highlights Why Every CISO Needs to Protect Against Brand Impersonation

Security Boulevard

JULY 6, 2023

When researchers from Armorblox discovered a phishing attack from bad actors impersonating the well-known security company Proofpoint, it set off alarm bells for a lot of organizations and security teams that weren’t actively safeguarding against phishing attacks.

CISO

CISO Phishing

Stopping Spear Phishing Attacks a Top Concern for CISOs

SecureWorld News

APRIL 10, 2021

Most organizations today have deployed some type of email security solution, but still miss phishing emails. Because phishing emails typically carry non-malicious payloads to avoid basic security controls, are easy to send, and provide one of the fastest ROIs for threat actors. Why, you might ask? In fact, 74% of U.S.

Phishing

Phishing CISO Passwords Ransomware

Cybersecurity Insights with Contrast CISO David Lindner | 8/30/24

Security Boulevard

AUGUST 30, 2024

Misaligned expectations, poor communication and even attempts to bury vulnerabilities create a frustrating and potentially dangerous situation for CISOs. Cybercriminals are constantly developing new techniques to bypass 2FA, such as SIM swapping, phishing attacks and exploiting vulnerabilities in authentication apps. The key takeaway?

CISO

CISO Cybersecurity Authentication Security Awareness

Verizon's 2025 DBIR: Threats Are Faster, Smarter, and More Personal

SecureWorld News

APRIL 23, 2025

As the report starkly states: "The three primary ways in which attackers access an organization are stolen credentials, phishing and exploitation of vulnerabilitiesacross every single industry." Phishing accounted for nearly 25% of all breaches. Threat actors aren't brute-forcing their way inthey're logging in through the front door.

Ransomware

Ransomware CISO Backups Risk

MailChimp breached, intruders conducted phishing attacks against crypto customers

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. Trezor WARNING: Elaborate Phishing attack. Trazor also took the phishing domain used by threat actors offline and launched an investigation to determine how many users have been impacted.

Phishing

Phishing Data breaches Cryptocurrency Social Engineering

A CISO's Guide to a Good Night's Sleep

SecureWorld News

SEPTEMBER 30, 2020

It is a common feeling in the cybersecurity community that CISOs do not sleep well at night. CISOs worry about the latest incident, end of life technology in their environment, breaches in the news, insecure users and vendors, penetration testing results, budget and resources, and the latest vulnerability report (to name a few).

CISO

CISO Penetration Testing Technology Antivirus

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Balonis Frank Balonis , CISO, Kiteworks By 2025, 75% of the global population will be protected under privacy laws, including U.S. Taylor Howard Taylor , CISO, Radware The EU’s AI First regulation aims to protect individuals from AI-based profiling and decision-making.

Cybersecurity

Cybersecurity CISO Risk Government

What Is the NIST Phish Scale?

SecureWorld News

SEPTEMBER 24, 2020

The National Institute of Standards and Technology (NIST) recently developed a new method that will help prevent organizations and their employees from falling victim to phishing cyberattacks, which it calls the Phish Scale. A tool like the Phish Scale could be very useful for organizations in the fight against phishing.

Phishing

Phishing CISO Cybercrime Technology

Cybersecurity Insights with Contrast CISO David Lindner | 7/21

Security Boulevard

JULY 21, 2023

The tool — being sold on hacker forums and considered “ChatGPT’s evil cousin” — shows that cybercriminals are taking advantage of Large Language Models (LLMs) to produce detection-resilient cyberattacks and phishes. The post Cybersecurity Insights with Contrast CISO David Lindner | 7/21 appeared first on Security Boulevard.

CISO

CISO Cybersecurity Phishing

Cybersecurity Insights with Contrast CISO David Lindner | 8/26

Security Boulevard

AUGUST 26, 2022

Stop doing phishing tests against your employees (especially if it requires you to disable any security controls in your environment). Phishing assessments are demeaning and proven to not benefit the organizations security posture. Insight #3.

CISO

CISO Cybersecurity Phishing Software

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

SecureWorld News

FEBRUARY 28, 2025

Because no firewall, no AI-powered SOC, no quantum-proof encryption will save you if your employees keep clicking phishing emails, because let's face it. What if we thought like a psychologist, not just a CISO? it's WAY easier to hack minds than networks. The solution?

Cybersecurity

Cybersecurity Risk Social Engineering Phishing

Hi-5 With A CISO Mário Fernandes, Banco BPI

Security Boulevard

MAY 30, 2021

The post Hi-5 With A CISO <br><br> Mário Fernandes, Banco BPI appeared first on CybeReady. The post Hi-5 With A CISO Mário Fernandes, Banco BPI appeared first on Security Boulevard. After serving as a navy officer and […].

CISO

CISO InfoSec Banking Cybersecurity

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

But as a CISO or cyber risk owner, it’s not just about locking down sensitive informationits about doing it without slowing down your people. Amid a backdrop of increasingly sophisticated and frequent cyberattacks, APTs are a growing concern for CISOs and cyber risk owners.

Cyber Risk

Cyber Risk CISO Risk Encryption

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

DECEMBER 1, 2022

ConnectWise , which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. Update, 7:25 p.m.

Phishing

Phishing Architecture Passwords Accountability

NIST and No-notice: Finding the Goldilocks zone for phishing simulation difficulty

Webroot

OCTOBER 19, 2021

Earlier this year, the National Institute for Standards and Technology (NIST) published updated recommendations for phishing simulations in security awareness training programs. The thinking obviously being that letting users in on the phishing simulation game will heighten suspicion of their inbox and skew baseline results.

Phishing

Phishing Security Awareness Scams Social Engineering

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

Strengthening identity security Enforce phishing-resistant MFA for all privileged accounts. Cybersecurity awareness and incident response Train employees to recognize phishing attempts and social engineering. This highlights the importance of least-privilege access models and Just-in-Time (JIT) access controls to limit attack surfaces.

Ransomware

Ransomware IoT Encryption Social Engineering

Years overdue, the profile of the CISO begins to rise as cyber grabs attention in boardrooms

SC Magazine

FEBRUARY 4, 2021

While technically part of the c-suite, CISOs historically received less attention within a company than your average CEO or chief financial officer. CISOs] are in more conversations, they’re asked for input,” said Leo Taddeo, chief security officer for Cyxtera. Our profile is certainly getting higher. Failure to communicate.

CISO

CISO Digital transformation Insurance Risk

CISOs report that ransomware is now the biggest cybersecurity concern in 2021

CyberSecurity Insiders

FEBRUARY 15, 2021

Spam and phishing emails increased in number even more rapidly than telecommuting, and company cybersecurity officers found themselves struggling to keep up. Phishing emails often came with a sinister sidekick – a ransomware attack. Read full post.

CISO

CISO Ransomware Cybersecurity Phishing

Defending Against Credential Phishing Starts by Protecting Your Users

SecureWorld News

MARCH 1, 2021

As the global pandemic continues to run rampant, CISOs are not only struggling to solve traditional cybersecurity challenges, but are faced with a new surge of pandemic themed phishing scams intended to deceive users and infiltrate organizations. How do I make my users more resilient to phishing scams?

Phishing

Phishing CISO Scams Social Engineering

Reddit Hacked — 2FA is no Phishing Phix

Security Boulevard

FEBRUARY 10, 2023

Reddit got hacked with a “sophisticated” spear phishing attack. The post Reddit Hacked — 2FA is no Phishing Phix appeared first on Security Boulevard. The individual victim was an employee who clicked the wrong email link.

Phishing

Phishing Hacking Social Engineering CISO

New data could help CISOs quantify the value of a strong security culture

SC Magazine

FEBRUARY 26, 2021

Phishing warning seen on Google Chrome when visiting a website that has been recognized as phishing website. The goal was to see if they could quantify the correlation between implementing a strong security culture and the reduction of unwanted phishing behaviors such as link clicking and credential sharing.

CISO

CISO Security Awareness Phishing InfoSec

Attackers create phishing lures with standard tools in Google Docs to steal credentials

SC Magazine

JUNE 17, 2021

” The attacker then uses the phishing lure to get the victim to “ Click here to download the document.” Once the victim clicks on the link, they are redirected to the actual malicious phishing website where their credentials are stolen through a web page designed to mimic the Google Login portal.

Phishing

Phishing Social Engineering Engineering CISO

CISOs, IT lack confidence in executives’ cyber-defense knowledge

CSO Magazine

JUNE 5, 2023

Asked to rate from 1 to 10 how confident they were in CEOs and executives’ abilities to know how to recognize a phishing email, only 28% of respondents were confident.

CISO

CISO Phishing

The Security Startup Ecosystem and the Trends Cisco is Watching

Cisco Security

JULY 21, 2021

Today, the Cisco Investments team released their 2021 CISO Survival Guide to Emerging Trends in the Startup Ecosystem. There is a wealth of insightful information for CISOs in this report. Because Zero Trust and XDR are integrated architectural outcomes, the majority of CISOs are anchoring their SASE strategies here.

CISO

CISO Phishing Architecture Marketing

A New Survey Shows that Two Out of Three Global CISOs Are Not Ready to Handle a Targeted Cyberattack

Heimadal Security

MAY 13, 2021

According to a new study conducted by the leading cybersecurity and compliance company Proofpoint, two-thirds of CISOs declared that their businesses are not prepared to face a targeted cyberattack.

CISO

CISO Information Security Cybersecurity DDOS

Deloitte-NASCIO Study: AI and Cyber Threats Reshape the Landscape

SecureWorld News

OCTOBER 2, 2024

CISOs report a growing focus on managing AI-generated vulnerabilities and addressing insider threats amplified by the misuse of advanced AI tools. On the other hand, malicious actors are leveraging AI for more sophisticated attacks, such as deepfakes and AI-enhanced phishing. Promote the CISO's role in digital transformation.

Cyber threats

Cyber threats CISO Digital transformation Artificial Intelligence

Top 5 Cyber Predictions for 2024: A CISO Perspective

Security Boulevard

JANUARY 2, 2024

This adoption brings us to the flip side of the generative AI coin: attackers are leveraging AI tools to elevate and automate phishing campaigns, craft extremely evasive malware, and reduce the development time of threats across the board. Let’s explore five predictions that should be top of mind for security leaders and organizations.

CISO

CISO Social Engineering Architecture Ransomware

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

The rise in personal liability for CISOs and executives (as seen in cases like the SolarWinds lawsuit) has increased focus on governance structures that provide clear oversight, accountability, and protection for decision-makers. Regulatory uncertainty: Global regulatory bodies have yet to establish clear AI governance standards.

Government

Government Cybersecurity Risk CISO

Social Engineering Attacks Hacking Humans Today

Security Boulevard

MARCH 6, 2021

Earlier this year, SlashNext debuted “Phish Stories,” a?videocast?and and podcast series during which cybersecurity experts discuss new zero-hour phishing attacks before a live audience of CISOs, CSOs and cybersecurity professionals.

Social Engineering

Social Engineering Engineering Hacking CISO

9 Innovative Ways to Boost Security Hygiene for Cyber Awareness Month

Dark Reading

OCTOBER 20, 2023

If we really want to move the dial on security habits, it's time to think beyond phishing tests. Our panel of CISOs and other security heavy-hitters offer expert tips that go beyond the obvious.

CISO

CISO Phishing

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

The Last Watchdog

FEBRUARY 14, 2022

Which topics should CEOs, CIOs and CISOs have on their radar when it comes to Identity and Access Management ( IAM ) and cyber security risks in 2022? CIOs and CISOs looking to implement a modern approach should combine the Zero Trust strategy with a strong, hybrid IAM solution to sustainably limit access and protect their data and resources.

CISO

CISO Social Engineering Authentication Risk

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

Operation Heart Blocker: International Police Disrupt Phishing Network

Webinars

Trending Sources

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

Webinars

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

What Your CISO Can Learn From Logan Paul vs Floyd Mayweather

CISOs discuss cybersecurity in the COVID-19 environment

ProofPoint Phishing Attack Shows Why Every CISO Needs to Protect Against Brand Impersonation

Nine Top of Mind Issues for CISOs Going Into 2023

University CISOs say zero trust is the best defense against the existential threat of phishing

3 Cybersecurity Goals for CISOs

CISOs, boards not always on the same page

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Next-Gen Protection Essential to Prevent Evolving Phishing Attacks

Real-world Phishing Attack Highlights Why Every CISO Needs to Protect Against Brand Impersonation

Stopping Spear Phishing Attacks a Top Concern for CISOs

Cybersecurity Insights with Contrast CISO David Lindner | 8/30/24

Verizon's 2025 DBIR: Threats Are Faster, Smarter, and More Personal

MailChimp breached, intruders conducted phishing attacks against crypto customers

A CISO's Guide to a Good Night's Sleep

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

What Is the NIST Phish Scale?

Cybersecurity Insights with Contrast CISO David Lindner | 7/21

Cybersecurity Insights with Contrast CISO David Lindner | 8/26

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

Hi-5 With A CISO Mário Fernandes, Banco BPI

Secure Communications: Relevant or a Nice to Have?

ConnectWise Quietly Patches Flaw That Helps Phishers

NIST and No-notice: Finding the Goldilocks zone for phishing simulation difficulty

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Years overdue, the profile of the CISO begins to rise as cyber grabs attention in boardrooms

CISOs report that ransomware is now the biggest cybersecurity concern in 2021

Defending Against Credential Phishing Starts by Protecting Your Users

Reddit Hacked — 2FA is no Phishing Phix

New data could help CISOs quantify the value of a strong security culture

Attackers create phishing lures with standard tools in Google Docs to steal credentials

CISOs, IT lack confidence in executives’ cyber-defense knowledge

The Security Startup Ecosystem and the Trends Cisco is Watching

A New Survey Shows that Two Out of Three Global CISOs Are Not Ready to Handle a Targeted Cyberattack

Deloitte-NASCIO Study: AI and Cyber Threats Reshape the Landscape

Top 5 Cyber Predictions for 2024: A CISO Perspective

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

Social Engineering Attacks Hacking Humans Today

9 Innovative Ways to Boost Security Hygiene for Cyber Awareness Month

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

Stay Connected