Krebs on Security

JANUARY 3, 2019

A new phone-based phishing scam that spoofs Apple Inc. Jody Westby is the CEO of Global Cyber Risk LLC , a security consulting firm based in Washington, D.C. is likely to fool quite a few people. the day before, but she didn’t answer that call).

Scams 279

Scams Phishing Cyber Risk Engineering 279

The Last Watchdog

AUGUST 25, 2020

Covid19 has upgraded the Internet — from the criminals’ point of view — to a picture-perfect environment for phishing, scamming and deep network intrusions. Thus the urgency for organizations to put all excuses aside and embrace stricter cyber hygiene practices could not be any higher. I’ll keep watch.

Cyber Risk 182

Cyber Risk Software Risk Cloud Migration 182

The Hacker News

APRIL 11, 2023

In today's perilous cyber risk landscape, CISOs and CIOs must defend their organizations against relentless cyber threats, including ransomware, phishing, attacks on infrastructure, supply chain breaches, malicious insiders, and much more. One of the most effective ways for CISOs and

Cyber Risk 116

Cyber Risk Risk CISO Cyber threats 116

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity 130

Cybersecurity CISO Risk Government 130

SecureWorld News

APRIL 6, 2023

So it's fitting that a recent SecureWorld webcast, sponsored by Spirion, tackles the topic of "Does ChatGPT Belong on Your Cyber Risk Register? CEO of Global Cyber Risk LLC, offers this advice: "You need to have a process for evaluating the risks associated with that technology, in this case Chat GPT. Westby, Esq.,

Cyber Risk 98

Cyber Risk Risk Phishing Malware 98

CyberSecurity Insiders

APRIL 29, 2022

Identify assets and their associated risks. The best asset management software sets up a stock of your organization’s assets, phases of their entire life cycles, most recent software upgrades, the risks they could face, and the approaches to ensure their security. . . Handle the threats’ possible risks. .

Cyber Risk 122

Cyber Risk Software Risk IoT 122

The Last Watchdog

JANUARY 3, 2023

For instance, phishing, one of the most common, is a social engineering attack used to steal user data. 2021 saw a massive increase in phishing attacks , and that trend has continued into 2022. With the rise in social media, criminals have more platforms with which to target potential phishing victims.

Risk 203

Risk Cybersecurity Antivirus Phishing 203

SecureWorld News

OCTOBER 20, 2021

Cyberrisk is business risk. But how should we communicate this risk to the business, to clients, or to investors? Accenture annual report: risks we face from cyberattacks. However, we were most interested in seeing how Accenture articulated a particular business risk: the risk from a cyberattack.

Cyber Risk 98

Cyber Risk Risk Insurance Cyber Insurance 98

SecureWorld News

FEBRUARY 25, 2025

Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise. From the report: "Generative AI is being used to create highly convincing phishing emails, fake voices, and even deepfake videosmaking social engineering attacks more difficult to detect.

Cybersecurity 95

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 95

Jane Frankland

APRIL 15, 2025

Instead of focusing on accessible, impactful solutions like human risk management, we gravitate toward shiny new technologiestools and systems that feel exciting, measurable, and comfortably within our domain of expertise. The hard truth is that technology alone cant fix the root causes of cyber risk.

Risk 100

Risk Technology Cybersecurity Security Awareness 100

Jane Frankland

FEBRUARY 7, 2025

When data breaches escalate, cyber-attacks grow more sophisticated, nation states ramp up their digital warfare, and regulations tighten the noose, staying ahead isnt just an optionits your only line of defence. Amid a backdrop of increasingly sophisticated and frequent cyberattacks, APTs are a growing concern for CISOs and cyber risk owners.

Cyber Risk 130

Cyber Risk CISO Risk Encryption 130

Krebs on Security

DECEMBER 12, 2018

For years, potential creditors have judged the relative risk of extending credit to consumers based in part on the applicant’s credit score — the most widely used being the score developed by FICO , previously known as Fair Isaac Corporation. Data accidentally released by FICO about the Cyber Risk Score for ExxonMobil.

Cyber Risk 239

Cyber Risk Energy and Utilities Risk Marketing 239

Krebs on Security

AUGUST 25, 2023

And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. SIM-swapping groups will often call employees on their mobile devices, pretend to be someone from the company’s IT department, and then try to get the employee to visit a phishing website that mimics the company’s login page.

Mobile 235

Mobile Cyber Risk Data breaches Cryptocurrency 235

Jane Frankland

AUGUST 18, 2020

trillion in global value will be at risk from cyberattacks. That could be through common hacking techniques like phishing, bait and switch, cookie theft, deep fake , password cracking , social engineering , and so on. Both share the same goal – to reduce risk – and both design, establish and enforce controls to protect an organisation.

Cyber Risk 100

Cyber Risk Risk Cybersecurity Technology 100

SecureWorld News

JANUARY 16, 2025

Regularly updating and patching systems, including antivirus software, firewalls, and SCADA networks, can mitigate this risk. This significantly reduces the risk of unauthorized access. Sophisticated adversaries: Nation-state actors, cybercriminals, and hacktivists are leveraging advanced tactics to target this sector.

Energy and Utilities 109

Energy and Utilities IoT Artificial Intelligence Backups 109

The Last Watchdog

NOVEMBER 28, 2023

Their top areas of concern include cybersecurity risk (58%), information security risk (53%) and compliance risk (39%). In fact, all of their other concerns—malware, stolen data, phishing, ransomware and misconfiguration of cloud services—include an element of human error and/or malice.

Cyber Risk 113

Cyber Risk Risk B2B Education 113

Adam Levin

MARCH 17, 2022

Unfortunately, brackets create opportunities for a wide array of phishing and hacking campaigns, particularly in workplaces where a lot of brackets are distributed. It’s just as easy to access a brackets spreadsheet or document through Google Docs or Microsoft Office as it is to send an email attachment, and it poses less of a cyber risk.

Cyber threats 229

Cyber threats Phishing Passwords Malware 229

eSecurity Planet

FEBRUARY 11, 2022

Risk management is a concept that has been around as long as companies have had assets to protect. Risk management also extends to physical devices, such as doors and locks to protect homes and vehicles, vaults to protect money and precious jewels, and police, fire, and CCTV to protect against other physical risks.

Risk 145

Risk Cybersecurity Encryption Technology 145

The Last Watchdog

APRIL 22, 2025

security professionals, highlighting a few worrisome findings: Deepfake risks increasingly target vulnerable board members and executives. Case in point: 59% of respondents said it is very difficult to detect deepfake attacks, and the majority have low confidence in their executives ability to recognize a deepfake risk.

Authentication 100

Authentication Social Engineering Technology Media 100

Security Affairs

APRIL 30, 2020

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. . PerSwaysion is a highly-targeted phishing campaign. New round of phishing attempts leveraging current victim’s account usually takes less than 24 hours.

Phishing 137

Phishing Accountability Financial Services Cloud Migration 137

Threatpost

SEPTEMBER 24, 2018

The human factor doesn't have to be an intangible when assessing cyber risks within a company.

Cyber Risk 65

Cyber Risk Risk Data breaches InfoSec 65

The Last Watchdog

MAY 2, 2019

Small and midsize businesses — so-called SMBs — face an acute risk of sustaining a crippling cyberattack. This appears to be even more true today than it was when I began writing about business cyber risks at USA TODAY more than a decade ago. I had the chance at RSA 2019 to discuss the SMB security landscape at length with Gill.

Risk 182

Risk Cyber Risk Cyber threats Banking 182

Trend Micro

FEBRUARY 23, 2022

As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices are presented to manage your cyber risk.

Risk 101

Risk Cyber Risk Cyber threats Phishing 101

CyberSecurity Insiders

MAY 17, 2023

As a result, cybersecurity has become a top priority for organisations of all sizes, and the C-suite, including CEOs, CFOs, CIOs, and CISOs, plays a critical role in managing and mitigating cyber risk. Email remains the primary communication tool for businesses, but it also poses significant security risks.

Cyber Risk 59

Cyber Risk Risk Education Technology 59

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking 237

Hacking Phishing Risk Accountability 237

Security Boulevard

MARCH 21, 2025

Check out key findings and insights from the Tenable Cloud AI Risk Report 2025. In addition, find out how AI is radically transforming cyber crime. And get the latest on open source software security; cyber scams; and IoT security. Plus, get fresh guidance on how to transition to quantum-resistant cryptography.

Risk 69

Risk IoT Cybersecurity Manufacturing 69

Malwarebytes

OCTOBER 12, 2021

Many companies set up phishing test programs for their employees, often as part of a compliance requirement involving ongoing employee education on security topics. Click-through rates on a real phish average between 10 and 33 percent of untrained users, depending on which security vendor you ask. You’re annoying your employees.

Phishing 101

Phishing Risk Cyber Risk Scams 101

SecureWorld News

APRIL 13, 2025

It helps identify anomalies and potential third-party risks in real-time. These platforms can automatically recognize and classify threatening behavior such as suspicious network activity, phishing attacks, and transmission of malware. Here's an example that shows how Google performs phishing detection.

Cybersecurity 94

Cybersecurity Artificial Intelligence Threat Detection Cyber threats 94

SecureWorld News

FEBRUARY 17, 2025

We have moved beyond traditional compliance-driven security models to risk-based approaches, integrating cybersecurity into enterprise risk management (ERM) frameworks. This led to a reactive approach where organizations were more focused on regulatory adherence than on actual security risk management.

Government 87

Government Cybersecurity Risk CISO 87

SecureWorld News

MAY 27, 2021

The audit proves what we've heard from many security leaders during our SecureWorld Remote Sessions : the pandemic and work from home have greatly increased the cyber attack surface and attack attempts. NASA lacked an Agency-wide risk management framework for information security and an information security architecture.

Cyber Risk 84

Cyber Risk Risk Architecture Cyber threats 84

SecureList

DECEMBER 9, 2024

This incident serves as a stark reminder of the critical risks posed by global IT disruptions and supply chain weaknesses. This case underscores the serious risk that social engineering and supply chain attacks pose to open-source projects. The issue serves as a reminder of the potential risks inherent in widely used software.

Internet 114

Internet Internet Risk Social Engineering 114

SecureWorld News

MAY 14, 2020

The latest risk for increased phishing attacks? Security awareness study: how do end-users view cyber risks? First, they showed subjects email phishing scams. They also told the subjects that the emails were examples of phishing. Increasing cybersecurity risks associated with COVID-19.

Security Awareness 98

Security Awareness Phishing Scams Risk 98

The Hacker News

NOVEMBER 13, 2024

The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. These include phishing attacks, data leakage, and malicious extensions. As a result, the browser also becomes a vulnerability that

Cyber Risk 112

Cyber Risk Phishing Risk Cybersecurity 112

The Last Watchdog

JULY 1, 2019

Related: Why not train employees as phishing cops? First, there’s a tool called the Rapid Cyber Risk Scorecard. NormShield, the Vienna, VA-based, cybersecurity firm that supplies this service, recently ran scores for all of the 26 declared presidential candidates — and found the average cyber risk score to be B+.

Cyber Risk 159

Cyber Risk DNS Phishing Backups 159

SecureWorld News

FEBRUARY 14, 2025

Avoid phishing emails and messages You may receive emails or texts with fake Valentine's Day deals, electronic greeting cards (e-cards), or delivery notifications. Charity phishing often involves a personal plea for help from an individual, but it can be more sophisticated.

Scams 73

Scams Cybercrime Social Engineering Phishing 73

The Security Ledger

MARCH 26, 2020

In this episode of the podcast (#179), CISO Kayne McGlandry of IEEE joins us to talk about the cyber risks posed by COVID and why COVID-themed phishing emails shouldn’t be your only concern. Also: SMBs Struggle with Identity Spotlight Podcast: How DU Telecom Manages Digital Transformation Risk.

Cyber Risk 52

Cyber Risk CISO Risk Digital transformation 52

CSO Magazine

MAY 3, 2023

As artificial intelligence and machine learning models become more firmly woven into the enterprise IT fabric and the cyberattack infrastructure, security teams will need to level up their skills to meet a whole new generation of AI-based cyber risks. And most adversarial AI examples are still largely theoretical.

Artificial Intelligence 128

Artificial Intelligence Cyber Risk CISO Risk 128