CSO Magazine

JULY 1, 2021

Despite advancements in anti-phishing techniques and employee training, phishing attacks are increasingly popular. After all, employees need to click on links to do their jobs, and social engineering makes phishing links difficult to identify. That’s because they work so well.

Phishing 112

Phishing Social Engineering Engineering 112

CSO Magazine

APRIL 7, 2022

Spear phishing definition. Spear phishing is a targeted email attack purporting to be from a trusted sender. In spear phishing attacks, attackers often use information gleaned from research to put the recipient at ease. To read this article in full, please click here

Phishing 101

Phishing Social Engineering Engineering Malware 101

CSO Magazine

MAY 25, 2021

Unfortunately, in some organizations, employees who fall victim to a social engineering ploy that leads to a ransomware attack are blamed for their actions. Social engineering attacks, like phishing emails, are common conduits of ransomware, and have become more sophisticated. Victim shaming is never OK.

Social Engineering 140

Social Engineering Engineering Ransomware Phishing 140

The Last Watchdog

MAY 5, 2022

Fun fact: 80% of these breaches occur at the endpoint , often via phishing or social engineering. About the essayist: Den Jones, CSO at Banyan Security , which supplies s imple, least-privilege, multi-cloud application access technologies. It’s quick to deploy and simple to operate. Let’s talk VPNs.

Ransomware 247

Ransomware Risk Internet Internet 247

Security Through Education

OCTOBER 27, 2021

Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. It is to these carefully crafted campaigns that Social-Engineer, LLC can attribute their success. The answer is simple; with simulated attacks and subsequent training.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

CSO Magazine

SEPTEMBER 14, 2022

One of the most prolific state-sponsored Iranian cyber espionage groups is targeting researchers from different fields by setting up sophisticated spear-phishing lures in which they use multiple fake personas inside the same email thread for increased credibility. To read this article in full, please click here

Phishing 76

Phishing Social Engineering Engineering 76

CSO Magazine

NOVEMBER 21, 2022

Palo Alto’s Unit 42 has investigated several incidents linked to the Luna Moth group callback phishing extortion campaign targeting businesses in multiple sectors, including legal and retail. Luna Moth removes malware portion of phishing callback attack. This malware element is synonymous with traditional callback phishing attacks.

Phishing 76

Phishing Malware Social Engineering Retail 76

CSO Magazine

AUGUST 10, 2022

By using social engineering or phishing, attackers can trick users into visiting a fake website or opening a malicious document or file and ultimately gain remote code execution on compromised systems.

Social Engineering 106

Social Engineering Engineering Phishing 106

CSO Magazine

APRIL 2, 2023

Darktrace has announced a new upgrade to its Darktrace/Email product with enhanced features that defend organizations from evolving cyberthreats including generative AI business email compromise (BEC) and novel social engineering attacks. To read this article in full, please click here

Social Engineering 108

Social Engineering Engineering Phishing Accountability 108

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

CSO Magazine

NOVEMBER 5, 2021

User identities can be compromised through phishing, brute force, or simple abuse by malicious insiders. Once an identity or set of credentials is compromised, any data they have access to is at risk and the identity can be used as part of a social engineering or spear-phishing attack to access more privileged credentials.

Social Engineering 111

Social Engineering Phishing Data breaches Risk 111

CSO Magazine

SEPTEMBER 20, 2021

Any time an organization shifts an employee’s workspace and network usage, they may be less adept at identifying phishing attacks, social engineering or other security threats. Because employees are inundated with things to download and procedures to complete, a well-worded phishing attempt might slip through the cracks.

Social Engineering 109

Social Engineering Phishing Education Security Awareness 109

SecureWorld News

APRIL 10, 2023

The top security threat cited by respondents was software vulnerabilities and/or Zero-Days (53%), followed by phishing/social engineering threats (52%) and attacks targeting the supply chain (49%).

Data breaches 98

Data breaches CSO Social Engineering Cyber threats 98

CSO Magazine

APRIL 25, 2023

The company — focused on protecting enterprises from targeted email attacks, such as phishing , social engineering , and business email compromise — is also adding data ingestion from new sources to better its AI model, which maps user identity behavior. To read this article in full, please click here

Social Engineering 79

Social Engineering Threat Detection Engineering Phishing 79

CyberSecurity Insiders

JUNE 3, 2021

This breach, like every major ransomware attack, was likely because of spear phishing, where someone either received the malware via an emailed attachment or clicked on a link that took them to a website that hosted it. It triangulates my work and underscores its validity for solving the problem of spear phishing.

Cybersecurity 136

Cybersecurity Energy and Utilities Social Engineering Phishing 136

The Last Watchdog

MARCH 25, 2019

If I go to a CSO and say, ‘We can secure your APIs,’ he’ll say, ‘Great, can you also find them for me?’ ” observed Dwivedi, Data Theorem’s founder. A dozen or more additional APIs come into play to activate each mobile app on a phone, so one handset alone typically relies on hundreds of APIs to fully function. And that’s just one phone.

Digital transformation 154

Digital transformation Software Data breaches Authentication 154

Security Boulevard

NOVEMBER 8, 2024

CISA is warning about a spear-phishing campaign that spreads malicious RDP files. 1 - CISA: Beware of nasty spear-phishing campaign Proactively restrict outbound remote-desktop protocol (RDP) connections. 1 - CISA: Beware of nasty spear-phishing campaign Proactively restrict outbound remote-desktop protocol (RDP) connections.

Phishing 49

Phishing Cybersecurity Ransomware Malware 49

eSecurity Planet

APRIL 27, 2023

The software supply chain issues identified … in OpenAI’s breach are not surprising, as most organizations are struggling with these challenges, albeit perhaps less publicly,” said Peter Morgan, who is the co-founder and CSO of Phylum.io, a cybersecurity firm that focuses on the supply chain.

Engineering 116

Engineering Risk CSO Software 116

SC Magazine

MARCH 10, 2021

Making matters worse, the cameras employ facial recognition technology, which leads to questions as to whether an attacker could actually identify individuals caught on camera and then pursue them as targets for social engineering schemes or something even more nefarious. When surveillance leads to spying.

Surveillance 129

Surveillance IoT Accountability Passwords 129

Security Boulevard

OCTOBER 18, 2024

Phishing is respondents’ top security concern, cited by 55%, followed by network intrusion and ransomware. The most common types of attacks were social engineering; malware; denial of service; and compromise of unpatched systems.

Cybersecurity 69

Cybersecurity CISO CSO Risk 69

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. VoIP phishing and impersonation also victimized millions of corporate employees across the world , contributing to an even greater cyber threat.

Security Awareness 40

Security Awareness Risk Cyber threats Cyber Risk 40

eSecurity Planet

DECEMBER 3, 2021

Formerly on the FBI’s Most Wanted list, Kevin Mitnick is a crucial figure in the history of information security, including approaches to social engineering and penetration testing. Three-time winner of DEF CON’s Social Engineering Capture the Flag Contest, Rachel Tobac is a hacker and CEO of SocialProof Security.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

The Last Watchdog

DECEMBER 14, 2023

Richard Bird , CSO, Traceable AI Bird The bad guys are showing no restraint in exploiting API security weakness to their advantage. Meanwhile QR-code phishing arose as a popular form of attack. Cloud-native SIEM empowers organizations to effectively protect their valuable assets and data from an ever-growing array of cyber threats.

Cybersecurity 235

Cybersecurity Risk Cyber threats CSO 235

Jane Frankland

JANUARY 12, 2025

These groups are also shifting toward more human-centric exploits , like social engineering and insider assistance. An insider unknowingly clicking a phishing link or downloading a malicious file could leave the door wide open for attackers.

Cybersecurity 130

Cybersecurity CISO Insurance IoT 130