Cyber Attacks, InfoSec and Social Engineering

ChatGPT: What are the Implications for Infosec?

SecureWorld News

DECEMBER 20, 2022

The ability to ask any question on just about any topic and have a very intelligent answer given has cybersecurity experts wondering if the infosec community is using it and, if so, for what; and, if so, how is it working for writing scripts and code or imitating phishing emails, for instance. The script to do that was written by ChatGPT.

InfoSec

InfoSec Phishing Social Engineering Media

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

When data breaches escalate, cyber-attacks grow more sophisticated, nation states ramp up their digital warfare, and regulations tighten the noose, staying ahead isnt just an optionits your only line of defence. On the one hand, AI is helping detect and prevent cyber-attacks through advanced threat detection and response capabilities.

Cyber Risk

Cyber Risk CISO Risk Encryption

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Within six hours, the attacker began encrypting the organization’s systems. This concealed their attack until the environment was encrypted and backups were sabotaged.

Social Engineering

Social Engineering Engineering Accountability Backups

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

SecureWorld News

MARCH 17, 2022

Key takeaway #3: Social engineering is the most powerful attack vector against InfoSec protocols. Social engineering, as it's called, has always been the most powerful part of InfoSec, or the lack of InfoSec, in any organization.".

InfoSec

InfoSec Social Engineering Phishing Cybercrime

Personal Cybersecurity Concerns for 2023

Security Through Education

JANUARY 18, 2023

More than 90% of successful cyber-attacks start with a phishing email. Most if not, all social engineering attacks will attempt to trigger some emotion such as urgency, fear, greed, or curiosity. At Social-Engineer LLC, our purpose is to bring education and awareness to all users of technology.

Cybersecurity

Cybersecurity Social Engineering Scams IoT

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

Chris and I talk about how organizations that manage OT – including critical infrastructure owners – are being targeted by sophisticated cyber actors and the strategies best suited to manage increased cyber risks to OT environments.

CSO

CSO Risk Energy and Utilities Social Engineering

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Within six hours, the attacker began encrypting the organization’s systems. This concealed their attack until the environment was encrypted and backups were sabotaged.

Social Engineering

Social Engineering Engineering Accountability Backups

What happened in the Twitch Breach…

Security Boulevard

OCTOBER 12, 2021

This will lower your risks of complete system compromise during an attack. Cyber attacks do not happen within a few hours or even a few days. Attackers often need time to explore the network and construct suitable strategies to fully exploit the system and steal the data it contains.

Social Engineering

Social Engineering Penetration Testing Authentication Engineering

Top 5 Cybersecurity and Computer Threats of 2017

NopSec

FEBRUARY 9, 2017

As we look forward into 2017 cyber attacks , information security teams have to think like hackers in order to stay ahead of the challenges to come. Media reports in 2016 brought nation-state-sponsored cyber attacks to the public consciousness to an unprecedented degree. For a preview, read on.

Cybersecurity

Cybersecurity DDOS IoT Social Engineering

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

She is an impressive force within the infosec world. Crawley: Pen testing is when you simulate cyber attacks, so you're not actually conducting cyber attacks because you have the consent of the owner of the network or the computer application that you're penetration testing, but within the rules that your client has given you.

Penetration Testing

Penetration Testing InfoSec Cyber Attacks Education

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

She is an impressive force within the infosec world. Crawley: Pen testing is when you simulate cyber attacks, so you're not actually conducting cyber attacks because you have the consent of the owner of the network or the computer application that you're penetration testing, but within the rules that your client has given you.

Penetration Testing

Penetration Testing InfoSec Cyber Attacks Education

Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain

Security Boulevard

MARCH 1, 2023

The campaign uses consistent maritime-related social engineering lures in spearphishing emails almost certainly targeting the maritime industry. The Campaign is Likely Conducted by a Single Threat Cluster EclecticIQ analysts assess that the campaign is likely conducted by a single related threat cluster.

Phishing

Phishing Social Engineering Ransomware InfoSec

DEF CON 32 Recap: Insights and Experiences from The NetSPI Agents

NetSpi Technical

AUGUST 16, 2024

Ethan Hobart, Senior Security Consultant While at DEF CON, I attended Social Engineering AI Like You’re Piccard by Jayson E. The talk was about how to better use AI tools such as ChatGPT, CoPilot, Gemini and others to enhance your social engineering engagements.

Social Engineering

Social Engineering Penetration Testing Engineering Ransomware

Cyber CEO: A Look Back at Cybersecurity in 2021

Herjavec Group

DECEMBER 15, 2021

For cyber actors, it’s a lucrative cyber attack option that can be delivered in various ways. On top of this, the consequences of rapid digital transformation due to the COVID-19 Pandemic created the perfect storm for successful ransomware attacks.

Cybersecurity

Cybersecurity Digital transformation Ransomware Cyber Risk

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

“As organizations quickly adopt technologies like Okta Fastpass which uses biometrics for authentication instead of passwords, … we expect an increase in two areas: breaches caused by social engineering (already on the rise), and breaches caused by Insiders (already over 40% of all breaches).

Cybersecurity

Cybersecurity CISO Government Technology

Cyber CEO: Cybersecurity in 2021 – What We’ve Learned So Far

Herjavec Group

JULY 29, 2021

While the world transitions out of the pandemic, cyber adversaries have continued to take advantage of the chaos – cyber attacks have skyrocketed and are only becoming more frequent, destructive, and sophisticated. It’s a lucrative cyber attack option and can be delivered in various ways.

Cybersecurity

Cybersecurity Digital transformation Cyber Attacks Ransomware

Cyber Security Informer

ChatGPT: What are the Implications for Infosec?

Secure Communications: Relevant or a Nice to Have?

Trending Sources

Scattered Spider x RansomHub: A New Partnership

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

Personal Cybersecurity Concerns for 2023

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

Scattered Spider x RansomHub: A New Partnership

What happened in the Twitch Breach…

Top 5 Cybersecurity and Computer Threats of 2017

The Hacker Mind Podcast: So You Want To Be A Pentester

The Hacker Mind Podcast: So You Want To Be A Pentester

Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain

DEF CON 32 Recap: Insights and Experiences from The NetSPI Agents

Cyber CEO: A Look Back at Cybersecurity in 2021

5 Major Cybersecurity Trends to Know for 2024

Cyber CEO: Cybersecurity in 2021 – What We’ve Learned So Far

Stay Connected