Cybersecurity, Risk and Social Engineering

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

SecureWorld News

FEBRUARY 28, 2025

But amidst all these flashy, futuristic threats, the biggest cybersecurity risk remains the same as it's always beenhumans. Cybersecurity Through Human Behaviour just confirmed what most of us in the field already know: Cybersecurity isn't just a tech problemit's a behavior problem. So what do we do?

Cybersecurity

Cybersecurity Risk Social Engineering Phishing

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

The Last Watchdog

NOVEMBER 11, 2024

However, before we get too carried away, it is crucial to explore the symbiotic relationship between AR and cybersecurity. This is primarily because AR is still relatively new and a rapidly evolving technology, which ultimately means that it is bound to bring about unprecedented opportunities, challenges, and even risks to cybersecurity.

Cybersecurity

Cybersecurity Social Engineering Technology Threat Detection

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

SecureWorld News

JANUARY 7, 2025

Cybersecurity in today's world is akin to the enchanted realms of fairy tales, where threats lurk in dark digital forests and heroes wield keyboards instead of swords. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity.

Cybersecurity

Cybersecurity Social Engineering Phishing Engineering

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Disability Access Within the Field of Social Engineering

Security Through Education

APRIL 7, 2025

I’ve seen people with disabilities in online discussions and on the Social Engineer Slack channel exploring suitable career paths. Many factors contribute to this issue, but in this newsletter , I will share my own experiences and perspectives on inclusivity in cybersecurity. Of that population, only 44.5%

Social Engineering

Social Engineering Engineering Technology Information Security

Google's AI Trends Report: Key Insights and Cybersecurity Implications

SecureWorld News

FEBRUARY 25, 2025

Artificial intelligence (AI) is transforming industries at an unprecedented pace, and its impact on cybersecurity is no exception. From automating cybersecurity defenses to combatting adversarial AI threats, the report underscores both the power and pitfalls of AI-driven security.

Cybersecurity

Cybersecurity Social Engineering Artificial Intelligence Cyber threats

F5 Warns Australian IT of Social Engineering Risk Escalation Due to Generative AI

Tech Republic Security

OCTOBER 11, 2023

F5 says an artificial intelligence war could start between generative AI-toting bad actors and enterprises guarding data with AI. Australian IT teams will be caught in the crossfire.

Social Engineering

Social Engineering Artificial Intelligence Engineering Risk

Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks

Security Boulevard

JANUARY 8, 2025

The post Insecure Medical Devices Illumina DNA Sequencer Illuminates Risks appeared first on Security Boulevard. IEI-IEI, Oh: Running an obsolete OS, on obsolete hardware, configured with obsolete settings.

Risk

Risk Social Engineering Internet Internet

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

MARCH 13, 2025

The rapid advancement of generative AI has brought both innovation and concern to the cybersecurity landscape. The report concludes that "while DeepSeek R1 does not instantly generate fully functional malware, its ability to produce semi-functional code should be a wake-up call for the cybersecurity industry."

Malware

Malware Cybersecurity Cyber threats Threat Detection

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

APRIL 22, 2025

This attack represents a notable shift in tactics used by cybercriminals targeting the cryptocurrency sector and highlights the risks posed by commonly used communication tools like Zoom. The loss of such funds also emphasizes the value of increasing awareness about cybersecurity hygiene among cryptocurrency professionals.

Cryptocurrency

Cryptocurrency Social Engineering Cybercrime Engineering

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Part four of our four-part series From cybersecurity skills shortages to the pressures of hybrid work, the challenges facing organizations are at an all-time high. Organizations face rising risks of AI-driven social engineering and personal device breaches.

Risk

Risk Threat Detection Technology Phishing

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

SecureWorld News

FEBRUARY 5, 2025

The State of Cybersecurity in Canada 2025 report, published by the Canadian Cybersecurity Network (CCN) and the Security Architecture Podcast , delivers an in-depth analysis of the evolving threat landscape, emerging risks, and strategic recommendations for Canadian organizations.

InfoSec

InfoSec Energy and Utilities Cybersecurity Education

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime

Cybercrime Social Engineering Accountability Government

Why HNWIs are Seeking Personal Cybersecurity Consultants

Security Boulevard

DECEMBER 5, 2024

From phishing schemes and ransomware attacks to social engineering and doxxing, high-net-worth individuals (HNWIs) face an ever-evolving array of cyber threats, and the risks of digital exposure are greater than ever. The post Why HNWIs are Seeking Personal Cybersecurity Consultants appeared first on Security Boulevard.

Cybersecurity

Cybersecurity Social Engineering Cyber threats Engineering

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

SecureWorld News

JANUARY 21, 2025

Just as homeowners rely on services like Pestie to protect their spaces from unwanted intruders, cybersecurity professionals use strategic tools and methods to safeguard their organizations from cyber threats. Let's explore the correlation and what cybersecurity professionals can learn from a simple act like spraying for pests.

CISO

CISO Cybersecurity Cyber threats Education

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

IT Security Guru

FEBRUARY 25, 2025

The common maxim in cybersecurity is that the industry is always on the back foot. While cybersecurity practitioners build higher walls, adversaries are busy creating taller ladders. MFA Fatigue: The I Give Up Button in Cybersecurity While MFA is extremely effective at preventing unauthorized access, it is not impervious to abuse.

Social Engineering

Social Engineering Authentication Risk Accountability

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

The Last Watchdog

JANUARY 3, 2023

Malicious online actors grow ever more sophisticated, making cybersecurity as big a concern for everyday consumers as it ever has been. For instance, phishing, one of the most common, is a social engineering attack used to steal user data. At the start of 2023, consumers remain out in the cold when it comes to online protection.

Risk

Risk Cybersecurity Antivirus Phishing

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

JANUARY 2, 2024

In today’s digital landscape, organizations face numerous challenges when it comes to mitigating cyber risks. Here are some of the key challenges that organizations encounter in their efforts to mitigate cyber risks in the current environment. Improve overall security posture and reduce cyber risks.

Cyber Risk

Cyber Risk Risk Education Security Awareness

Microsoft Expands Security Copilot with AI Agents

SecureWorld News

MARCH 24, 2025

Microsoft announced a major expansion of its Security Copilot platform today, introducing a suite of AI agents designed to automate common security operations tasks and reduce the burden on cybersecurity professionals. Many see promise but also critical pitfalls if these agents are deployed without proper controls.

Social Engineering

Social Engineering Government Risk Engineering

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

The Last Watchdog

FEBRUARY 20, 2024

Malicious intent or manipulation: AI chatbots can be exploited to spread misinformation, execute social engineering attacks or launch phishing. Such manipulation can harm user trust, tarnish brand reputation and have broader social consequences. Machine learning helps AI chatbots adapt to and prevent new cyber threats.

Cybersecurity

Cybersecurity Penetration Testing Authentication Social Engineering

Grubhub Suffers Data Breach in Third-Party Vendor Incident

SecureWorld News

FEBRUARY 6, 2025

Grubhub recently confirmed a data breach stemming from a third-party vendor, exposing the ongoing risks associated with supply chain security. While these measures contained the incident, the breach underscores the risks inherent in outsourcing critical functions to external vendors. What data was compromised? How did this happen?

Data breaches

Data breaches Accountability Social Engineering Passwords

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

eSecurity Planet

NOVEMBER 6, 2024

In a stunning blow to the city’s cybersecurity defenses, Columbus, Ohio, recently became the target of a massive cyberattack that exposed over half a million residents’ sensitive information. Businesses that handle customer data or interact with city networks are now faced with heightened risks.

Ransomware

Ransomware Authentication Identity Theft Penetration Testing

Understanding the Deepfake Threat

SecureWorld News

FEBRUARY 13, 2025

Evolution of social engineering Social engineering exploits human psychology to manipulate individuals into revealing sensitive information or taking harmful actions. Key risks posed by deepfakes Deepfake attacks can be broadly classified into three categories.

Social Engineering

Social Engineering Authentication Identity Theft Education

Social Engineering Stories: One Phish, Two Vish, and Tips for Stronger Defenses

NetSpi Executives

OCTOBER 25, 2024

October is Cybersecurity Awareness Month, serving as a crucial reminder of the importance of safeguarding our digital lives. Understanding these risks is essential for companies, employees, and consumers alike, as they can lead to identity theft, financial loss, and even emotional distress.

Social Engineering

Social Engineering Engineering Phishing Penetration Testing

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity

Cybersecurity Social Engineering Cyber threats Software

Deceptive Google Meet Invites Lures Users Into Malware Scams

eSecurity Planet

OCTOBER 22, 2024

However, this surge in usage has also opened the door to a growing array of cybersecurity threats. Cybercriminals employ social engineering techniques to trick you into believing you must resolve fictitious technical issues. The hallmark of ClickFix campaigns is their clever use of social engineering.

Scams

Scams Malware Phishing Social Engineering

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

The Last Watchdog

NOVEMBER 19, 2023

A hacking gang known as Scattered Spiders soundly defeated the cybersecurity defenses of MGM and Caesars casinos. For the moment, hackers appear to have the upper hand in the global chess match between cybersecurity professionals and digital criminals. Scattered Spiders employed a technique known as “MFA Fatigue.”

Social Engineering

Social Engineering Passwords Authentication Marketing

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. Stolen credentials remain the top breach factor, responsible for 24% of incidents in 2024.

Ransomware

Ransomware IoT Encryption Social Engineering

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. trillion, the risk of a data breach extends beyond immediate financial losses. trillion and $5.28

Retail

Retail Cyber Risk Risk DDOS

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

Apple last week announced new security features specifically intended to offer “specialized additional protection to users who may be at risk of highly targeted cyberattacks from private companies developing state-sponsored mercenary spyware.”. Even in Lockdown mode, for example, people can easily install apps that spy on them.

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

‘Fix It’ social-engineering scheme impersonates several brands

Malwarebytes

DECEMBER 19, 2024

Social engineering is a core part of these schemes and the tricks we see are sometimes very clever. Overlap with other campaigns As mentioned previously, this type of social engineering attack is getting more and more popular. Interestingly, the same domain ( topsportracing[.]com com microsoft.team-chaats[.]com

Social Engineering

Social Engineering Engineering Malware Antivirus

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

The Last Watchdog

NOVEMBER 29, 2021

The vulnerabilities and challenges associated with declining worker mental health is causing cybersecurity risks to increase, especially from insider threats. Mental health cyber risks. Declining workplace mental health is affecting cybersecurity in various ways. Socially engineered incidents have also been on the rise.

Cybersecurity

Cybersecurity Social Engineering Risk Cyber Risk

What are the key Threats to Global National Security?

IT Security Guru

NOVEMBER 1, 2024

Cybersecurity Threats and Digital Warfare One of the most significant threats to national security in the modern era is cyber warfare. With more nations and corporations investing heavily in digital platforms, cybersecurity investments have become paramount.

Technology

Technology Cyber Attacks Government Social Engineering

iMessage text gets recipient to disable phishing protection so they can be phished

Malwarebytes

JANUARY 13, 2025

A smishing (SMS phishing) campaign is targeting iMessage users, attempting to socially engineer them into bypassing Apple’s built in phishing protection. We dont just report on threatswe remove them Cybersecurity risks should never spread beyond a headline. If it doesn’t look real then don’t click on it.

Phishing

Phishing Social Engineering Scams Mobile

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Jane Frankland

MAY 3, 2025

While details remain sparse, reports suggest social engineering tactics like phishing, SIM swapping, and multi-factor authentication (MFA) fatigue attacks may have been used to infiltrate systems. Cybersecurity isnt just an IT problem; its central to risk management, operational continuity, and customer trust.

Cyber Attacks

Cyber Attacks Retail Cyber threats Backups

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J. Awareness and vigilance.

Scams

Scams Social Engineering Mobile Phishing

Krispy Kreme Cyber Attack a Wake-Up Call for the Food Industry

SecureWorld News

MARCH 17, 2025

In response, Krispy Kreme immediately engaged external cybersecurity experts, implemented containment measures, and notified federal law enforcement. The breach not only halted a critical revenue stream but also incurred costs related to system restoration, cybersecurity consulting, and potential reputational damage.

Cyber Attacks

Cyber Attacks Digital transformation Threat Detection Penetration Testing

WHEN IS CYBERSECURITY IS WEEK

Hacker's King

OCTOBER 26, 2024

Cybersecurity Week, observed annually in the first week of October, is a vital initiative aimed at raising awareness about the ever-growing challenges in the digital landscape. YOU MAY ALSO WANT TO READ ABOUT: Are Cybersecurity Bootcamps Worth It? What is Cybersecurity Week?

Cybersecurity

Cybersecurity Cyber threats Education Passwords

RSA Conference 2025: Top Announcements and Key Takeaways from the Cybersecurity World’s Biggest Stage

eSecurity Planet

MAY 1, 2025

The RSA Conference 2025, held in San Francisco from April 28 to May 1, spotlighted the evolving landscape of cybersecurity, with a strong emphasis on artificial intelligence, identity security, and collaborative defense strategies. One Community) emphasized collaboration across diverse perspectives to tackle cybersecurity challenges.

Cybersecurity

Cybersecurity Mobile Phishing Artificial Intelligence

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Security Boulevard

FEBRUARY 6, 2024

The post Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk appeared first on Security Boulevard. By aligning priorities into a shared game plan, HR and IT can finally set their organizations up to defend against modern cyberthreats.

Risk

Risk Cybersecurity Social Engineering Cyber Risk

Can Cybersecurity Make You a Millionaire?

Hacker's King

OCTOBER 22, 2024

The world of cybersecurity is booming, with digital threats increasing and businesses needing to protect their data. But can cybersecurity make you a millionaire ? As the demand for cybersecurity professionals continues to rise, so do the financial opportunities for those who excel in this domain.

Cybersecurity

Cybersecurity CISO Engineering Education

News alert: INE Security advisory: The steep cost of neglecting cybersecurity training

The Last Watchdog

AUGUST 20, 2024

22, 2024, CyberNewsWire — In modern business, cybersecurity is not merely a technical concern but a crucial financial safeguard. With cyber threats growing in sophistication and frequency, the financial implications of neglecting cybersecurity training are severe and multifaceted. Cary, NC, Aug. million more in beach costs.

Cybersecurity

Cybersecurity Education Social Engineering Cyber threats

MUT-1244 Campaign Steals Hundreds of Thousands of WordPress Credentials and More

SecureWorld News

DECEMBER 17, 2024

This operation, which blends social engineering and technical exploitation, has resulted in the theft of more than 390,000 WordPress credentials. Implications for the Cybersecurity Community This campaign represents a striking example of the risks inherent in the offensive security space.

Phishing

Phishing Threat Detection Social Engineering Cybercrime

GUEST ESSAY: Essential cyber hygiene practices all charities must embrace to protect their donors

The Last Watchdog

MARCH 4, 2024

Charities and nonprofits are particularly vulnerable to cybersecurity threats, primarily because they maintain personal and financial data, which are highly valuable to criminals. Assess risks. Creating a solid cybersecurity foundation begins with understanding the organization’s risks. Keep software updated.

Social Engineering

Social Engineering Risk Cybersecurity Authentication

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Centraleyes

MARCH 13, 2025

New York, the city that never sleeps, is also the city that takes cybersecurity very seriously. If you’re part of the financial services ecosystem hereor interact with businesses regulated by the New York State Department of Financial Servicesyouve likely come across the NYDFS Cybersecurity Regulation. Dont fall into this trap.

Cybersecurity

Cybersecurity Financial Services Risk Encryption

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

Webinars

Trending Sources

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

Webinars

Disability Access Within the Field of Social Engineering

Google's AI Trends Report: Key Insights and Cybersecurity Implications

F5 Warns Australian IT of Social Engineering Risk Escalation Due to Generative AI

Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

EDR-as-a-Service makes the headlines in the cybercrime landscape

Why HNWIs are Seeking Personal Cybersecurity Consultants

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

Microsoft Expands Security Copilot with AI Agents

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

Grubhub Suffers Data Breach in Third-Party Vendor Incident

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

Understanding the Deepfake Threat

Social Engineering Stories: One Phish, Two Vish, and Tips for Stronger Defenses

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

Deceptive Google Meet Invites Lures Users Into Malware Scams

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

‘Fix It’ social-engineering scheme impersonates several brands

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

What are the key Threats to Global National Security?

iMessage text gets recipient to disable phishing protection so they can be phished

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

Krispy Kreme Cyber Attack a Wake-Up Call for the Food Industry

WHEN IS CYBERSECURITY IS WEEK

RSA Conference 2025: Top Announcements and Key Takeaways from the Cybersecurity World’s Biggest Stage

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Can Cybersecurity Make You a Millionaire?

News alert: INE Security advisory: The steep cost of neglecting cybersecurity training

MUT-1244 Campaign Steals Hundreds of Thousands of WordPress Credentials and More

GUEST ESSAY: Essential cyber hygiene practices all charities must embrace to protect their donors

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Stay Connected