CSO Magazine

MARCH 28, 2022

Blame it on pandemic fatigue, remote work or just too much information, but employees appear to be lowering their guard when it comes to detecting social engineering tricks. Attackers were more successful with their social engineering schemes last year than they were a year earlier, according to Proofpoint.

Social Engineering 97

Social Engineering Engineering Phishing 97

CSO Magazine

JANUARY 13, 2022

On January 5, 2022, the Department of Justice (DoJ) announced the FBI’s arrest of Italian citizen Filippo Bernardini at JFK International Airport in New York for wire fraud and aggravated identity theft.

Social Engineering 139

Social Engineering Identity Theft Engineering 139

CSO Magazine

OCTOBER 19, 2021

Whether it’s advanced phishing techniques, credential stuffing, or even credentials compromised through social engineering or breaches of a third-party service, credentials are easily the most vulnerable point in defending corporate systems. Get the latest from CSO by signing up for our newsletters. ]

Authentication 130

Authentication CSO Social Engineering Engineering 130

CSO Magazine

MARCH 21, 2022

Sign up for CSO newsletters. ]. 2012: Court Ventures gets social-engineered. Sometimes all it takes is some brazen misrepresentation and social engineering skills. Hopefully you'll come away with some ideas on how not to suffer a disaster of your own.

Social Engineering 113

Social Engineering CSO Engineering Data breaches 113

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO 59

CSO Risk Energy and Utilities Social Engineering 59

Security Boulevard

FEBRUARY 26, 2025

million people was exposed in a data breach lasts year, prompting AppOmni CSO Cory Michal to say that data collection companies like DISA and National Public Data need more oversight, regulations, and penalties. The post DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO appeared first on Security Boulevard.

CSO 59

CSO Data collection Data breaches Social Engineering 59

The Last Watchdog

MAY 5, 2022

Fun fact: 80% of these breaches occur at the endpoint , often via phishing or social engineering. About the essayist: Den Jones, CSO at Banyan Security , which supplies s imple, least-privilege, multi-cloud application access technologies. It’s quick to deploy and simple to operate. Let’s talk VPNs. Food for thought, eh!

Ransomware 247

Ransomware Risk Internet Internet 247

CSO Magazine

MAY 25, 2021

Unfortunately, in some organizations, employees who fall victim to a social engineering ploy that leads to a ransomware attack are blamed for their actions. Social engineering attacks, like phishing emails, are common conduits of ransomware, and have become more sophisticated. Victim shaming is never OK.

Social Engineering 140

Social Engineering Engineering Ransomware Phishing 140

CSO Magazine

NOVEMBER 2, 2021

Social engineering. Social engineering The easiest way for any hacker to break into any device is for the user to open the door themselves. Making that happen is easier said than done, of course, but it's the goal of most forms of social engineering attacks. 7 ways to hack a phone. Malvertising. Pretexting.

Social Engineering 137

Social Engineering Hacking Engineering Malware 137

Security Through Education

OCTOBER 27, 2021

Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. It is to these carefully crafted campaigns that Social-Engineer, LLC can attribute their success. The answer is simple; with simulated attacks and subsequent training.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

CSO Magazine

SEPTEMBER 26, 2022

Reliance on VPNs for remote access is putting enterprises at significant risk as social engineering , ransomware , and malware attacks continue to advance, exposing businesses to greater risk, according to a new report by cloud security company Zscaler. To read this article in full, please click here

Social Engineering 127

Social Engineering Engineering Risk Ransomware 127

CSO Magazine

NOVEMBER 25, 2021

While ransomware attacks emphasize how criminals monetize their ability to socially engineer individuals to click that link or attachment, nation states are quietly working to fleece the IP and gain foothold within targets of interest. To read this article in full, please click here

Social Engineering 129

Social Engineering CISO Engineering Ransomware 129

CSO Magazine

JULY 30, 2021

The education sector is a top target for cybercriminals, and faces “an unusually large percentage” of social engineering attacks, according to the 2021 Verizon Data Breach Investigations Report. The coronavirus pandemic, which spurred many individuals to study and work remotely, added to the industry’s challenges.

Social Engineering 128

Social Engineering Data breaches Education Engineering 128

CSO Magazine

APRIL 27, 2023

The five emerging cyber-attack vectors the speakers covered were adversarial AI, ChatGPT-powered social engineering, third-party developer, SEO, and paid advertising attacks. To read this article in full, please click here

Social Engineering 137

Social Engineering Cyber Attacks Advertising Engineering 137

CSO Magazine

APRIL 28, 2022

Most phishing attacks are less about the technology and more about social engineering. A key factor in protecting your business from phishing is to understand your vulnerabilities, weigh the potential risk to your business, and decide what tools offer the best protection to match your business needs. Why phishing is successful.

Phishing 136

Phishing Social Engineering Engineering Technology 136

CSO Magazine

MAY 22, 2023

BEC attacks stand apart in the cybercrime industry for their emphasis on social engineering and the art of deception,” said Vasu Jakkal, corporate vice president of security, in a blog post. Successful BEC attacks cost organizations hundreds of millions of dollars annually.”

Social Engineering 126

Social Engineering Cybercrime Engineering Cybersecurity 126

CSO Magazine

JANUARY 11, 2023

Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off.

Scams 127

Scams Phishing Social Engineering Engineering 127

CSO Magazine

FEBRUARY 18, 2022

Oh, and the bad guys go looking for these open doors using automated scanning tools, software exploits, social engineering scams, or anything else that works. Because every IT widget represents a potential entry point for cyber-adversaries. To read this article in full, please click here

Social Engineering 118

Social Engineering Scams Engineering Software 118

CSO Magazine

MARCH 9, 2022

This provides a "sign of life" confirmation to the bad actor establishing that the target account is valid and inclined to open malicious emails with social engineering content. To read this article in full, please click here

Social Engineering 126

Social Engineering Accountability Engineering Cybersecurity 126

CSO Magazine

APRIL 12, 2022

These attacks use social engineering techniques to trick the email recipient into believing that the message is something they want or need—a request from their bank, for instance, or a note from someone in their company—and to click a link or download an attachment. Phishing definition.

Phishing 120

Phishing Social Engineering Banking Engineering 120

CSO Magazine

JULY 1, 2021

After all, employees need to click on links to do their jobs, and social engineering makes phishing links difficult to identify. Despite advancements in anti-phishing techniques and employee training, phishing attacks are increasingly popular. That’s because they work so well.

Phishing 112

Phishing Social Engineering Engineering 112

CSO Magazine

APRIL 1, 2021

Phishing is a social attack, directly related to social engineering. Editor's note: This article, originally published on August 7, 2018, has been updated to include new information on phishing kit features. Commonly centered around email, criminals use phishing to obtain access or information.

Phishing 118

Phishing Social Engineering Engineering 118

CSO Magazine

AUGUST 10, 2022

By using social engineering or phishing, attackers can trick users into visiting a fake website or opening a malicious document or file and ultimately gain remote code execution on compromised systems.

Social Engineering 106

Social Engineering Engineering Phishing 106

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

CSO Magazine

APRIL 2, 2023

Darktrace has announced a new upgrade to its Darktrace/Email product with enhanced features that defend organizations from evolving cyberthreats including generative AI business email compromise (BEC) and novel social engineering attacks.

Social Engineering 108

Social Engineering Engineering Phishing Accountability 108

SecureWorld News

APRIL 10, 2023

The top security threat cited by respondents was software vulnerabilities and/or Zero-Days (53%), followed by phishing/social engineering threats (52%) and attacks targeting the supply chain (49%).

Data breaches 98

Data breaches CSO Social Engineering Cyber threats 98

CSO Magazine

APRIL 7, 2022

Spear phishing messages are often crafted with care using pernicious social engineering techniques and are difficult to defend against with mere technical means. To read this article in full, please click here

Phishing 101

Phishing Social Engineering Engineering Malware 101

The Last Watchdog

MARCH 25, 2019

If I go to a CSO and say, ‘We can secure your APIs,’ he’ll say, ‘Great, can you also find them for me?’ ” observed Dwivedi, Data Theorem’s founder. A dozen or more additional APIs come into play to activate each mobile app on a phone, so one handset alone typically relies on hundreds of APIs to fully function. And that’s just one phone.

Digital transformation 154

Digital transformation Software Data breaches Authentication 154

CSO Magazine

MARCH 29, 2023

APT43 specializes in credential harvesting and social engineering with a focus on foreign policy and nuclear security issues, topics that align with North Korea’s strategic nuclear goals.

Social Engineering 108

Social Engineering Cybercrime Government Banking 108

CSO Magazine

JANUARY 31, 2023

According to a blog on the company’s website , threat actors satisfied Microsoft’s requirements for third-party OAuth apps by abusing the Microsoft “verified publisher” status, employing brand abuse, app impersonation and other social engineering tactics to lure users into authorizing malicious apps.

Social Engineering 88

Social Engineering Engineering Cybersecurity 88

CSO Magazine

NOVEMBER 5, 2021

Once an identity or set of credentials is compromised, any data they have access to is at risk and the identity can be used as part of a social engineering or spear-phishing attack to access more privileged credentials. User identities can be compromised through phishing, brute force, or simple abuse by malicious insiders.

Social Engineering 111

Social Engineering Phishing Data breaches Risk 111

CSO Magazine

MARCH 29, 2022

Alethe Denis was on maternity leave when she decided to participate in DEF CON's Social Engineering Capture the Flag competition in 2019. She took her three-month-old daughter and her husband to Las Vegas and planned the trip to the finest detail. Things could have gone wildly wrong," Denis says. "It

Social Engineering 94

Social Engineering Engineering 94

CSO Magazine

APRIL 11, 2022

had been successfully socially engineered into providing customer data in response to “emergency data requests” to individuals who they believed to be representing the U.S. A recent Bloomberg piece highlighted how Meta Platforms, Inc., parent company of Facebook) and Apple, Inc., government.

Social Engineering 83

Social Engineering CISO Scams Government 83

CSO Magazine

APRIL 25, 2023

The company — focused on protecting enterprises from targeted email attacks, such as phishing , social engineering , and business email compromise — is also adding data ingestion from new sources to better its AI model, which maps user identity behavior. To read this article in full, please click here

Social Engineering 79

Social Engineering Threat Detection Engineering Phishing 79

CSO Magazine

SEPTEMBER 20, 2021

Any time an organization shifts an employee’s workspace and network usage, they may be less adept at identifying phishing attacks, social engineering or other security threats. If this was true when on-site work was the norm, it is even more so in a hybrid work environment.

Social Engineering 109

Social Engineering Phishing Education Security Awareness 109

CyberSecurity Insiders

JUNE 3, 2021

The “people problem” is a phrase I heard in many different occasions when I met with IT managers (CISO, CSO, CIOs), many in leading research labs, national security establishments, and such. Some of the data that is stolen feeds social engineering attacks, where hackers use the stolen data to attack people and steal even more.

Cybersecurity 136

Cybersecurity Energy and Utilities Social Engineering Phishing 136

CSO Magazine

JUNE 14, 2022

The same actions taken to quash ransomware activity might end up forging alliances among financially motivated threat actors to create hybrid cyber-attacks that meld social engineering with ransomware. To read this article in full, please click here

Ransomware 84

Ransomware Social Engineering Cyber Attacks Engineering 84