eBook and Social Engineering - Cyber Security Informer

Retail and Hospitality Trending Holiday Cyber Threats

Duo's Security Blog

DECEMBER 12, 2022

And in our ebook, Retail Cybersecurity: The Journey to Zero Trust , we share ways that Duo can help retailers improve their security posture. Get started by downloading our ebook, Retail Cybersecurity: The Journey to Zero Trust , today. In this post, we break down some of the threats facing retail security teams.

Retail

Retail Cyber threats Social Engineering Data breaches

News Alert: Survey shows vast majority of IT pros consider ‘passwordless’ access a top priority

The Last Watchdog

JUNE 21, 2023

The top-five data points from the survey include: •92% of respondents are concerned about compromised credentials because of phishing or social engineering attacks, which points to the recent rise and success of both these attack vectors. •59% and Canada were surveyed.

Authentication

Authentication Social Engineering Passwords Phishing

Intro to Phishing: How Dangerous Is Phishing in 2023?

Duo's Security Blog

APRIL 20, 2023

Accounting for nearly a quarter of reported incidents in Australia, phishing is a broad category of social engineering with several variations. These social engineering techniques tricked employees into revealing their login credentials, which allowed attackers to access additional systems and data. What is phishing?

Phishing

Phishing Social Engineering Authentication Engineering

Why Cybersecurity Strategy Must Start With Identity

Duo's Security Blog

NOVEMBER 15, 2024

However, attackers have become adept at finding the gaps where MFA is not required or subverting MFA altogether through technical mechanisms like adversary-in-the-middle or even just particularly nuanced social engineering.

Threat Detection

Threat Detection Cybersecurity Digital transformation Authentication

Identity-Based Breaches: Navigating the Aftermath

Duo's Security Blog

OCTOBER 8, 2024

Educated employees are less likely to fall victim to social engineering attacks, reducing the risk of future breaches. If you’d like to learn more about building a playbook for breach response, check out our eBook: Building an Identity Security Program.

Passwords

Passwords Accountability Education Social Engineering

New Duo E-Book, Attack Vectors Decoded: Securing Organizations Against Identity-Based Threats

Duo's Security Blog

MARCH 4, 2024

They can take advantage of the less secure methods of authentication, like one-time passcodes, and socially engineer a user to hand over codes or intercept them before they reach the end user. However, attackers are finding ways around MFA.

Authentication

Authentication Social Engineering Passwords Risk

Watching the Watchmen: Securing Identity Administrators

Duo's Security Blog

SEPTEMBER 19, 2024

They famously use a variety of social engineering techniques (e.g., If you’re interested to learn more about building a robust Identity Security program to handle identity admin security and much more, check out our ebook: Building an Identity Security Program. What is the response workflow when risky admin activity is detected?

Accountability

Accountability Risk Authentication Social Engineering

How to Stop Phishing Attacks with Protective DNS

Security Boulevard

OCTOBER 2, 2023

Phishing attackers are increasingly using social engineering techniques to personalize their attacks and target specific individuals or organizations. For example, attackers may research their victims on social media or other online sources to gather personal information that can be used to make their phishing emails more believable.

DNS

DNS Phishing Social Engineering Engineering

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Webroot

JANUARY 7, 2022

Malicious actors will continue to improve their social engineering tactics, making it more difficult to recognize deception and make it increasingly easier to become a victim, predicts Milbourne. Earlier in 2021, we detailed the hidden costs of ransomware in our eBook. Ransomware.

Cybercrime

Cybercrime Ransomware Phishing Cryptocurrency

Abusing Entra ID Misconfigurations to Bypass MFA

NetSpi Technical

NOVEMBER 2, 2023

These credentials can be brute forced through password sprays, found in online dumps, or obtained through social engineering. Find more stories like these in our Azure Pentesting eBook. The post Abusing Entra ID Misconfigurations to Bypass MFA appeared first on NetSPI.

Authentication

Authentication Accountability Social Engineering Penetration Testing

To Achieve Zero Trust Security, Trust The Human Element

Thales Cloud Protection & Licensing

MAY 6, 2021

Jenny Radcliffe, People Hacker & Social Engineer. From a social engineering perspective, Zero Trust is a good mindset to have, mostly because it avoids the “guard the perimeter”, the "castle and moat" idea of security. A malicious social engineer might gain access to a system through compromising an insider.

Social Engineering

Social Engineering Authentication Passwords Technology

Chinese fraudsters: evading detection and monetizing stolen credit card information

CyberSecurity Insiders

APRIL 4, 2023

Additionally, NFTs and eBooks are also suitable for money laundering. They may use methods such as pretending to be the rightful owner (social engineering) and calling the card company's call center to confirm the limit, disabling the one-time password authentication required for card use, or using other social engineering tactics.

Phishing

Phishing Social Engineering Authentication eCommerce

Machine Identities, Human Identities, and the Risks They Pose

Security Boulevard

MAY 10, 2022

They can do that by leveraging security awareness training to augment their familiarity with phishing attacks and other social engineering techniques. TLS Machine Identity Management for Dummies - the FREE eBook! It goes without saying that organizations need to continue to protect their human identities. UTM Medium. UTM Source.

Risk

Risk Phishing Digital transformation Security Awareness

Zero Trust Is a Journey and Businesses Have Many Rivers to Cross

Thales Cloud Protection & Licensing

MARCH 31, 2021

Jenny Radcliffe, People Hacker & Social Engineer. If you would like to discover what other professionals have said and what advice they give to overcome these challenges, read our How Can You Trust an Untrusted Environment eBook. This higher likelihood of mistakes presents a unique challenge to achieving the Zero Trust Model.”.

Digital transformation

Digital transformation VPN Technology Architecture

Hacker Personas Explained: Know Your Enemy and Protect Your Business

Webroot

FEBRUARY 11, 2021

As we mentioned in a previous blog , hackers come in many forms, but their methods can generally be classified into three distinct types of cybercriminals: The Impersonator – Hackers that pretend to be others, often using social engineering and human psychology to trick users.

Scams

Scams Phishing Firewall Social Engineering

Lifting Each Other Up: A Celebration of Women in Cybersecurity and Their Advocates – Part 1

Cisco Security

MARCH 4, 2021

Without knowing much about me, she was very responsive and shared trust, insights, and tips in the right direction with me that contributed to my success and towards winning the social engineering capture-the-flag contest at DEF CON. Read Cisco’s eBook, Lifting Each Other Up: A Celebration of Women in Cybersecurity and Their Advocates.

Cybersecurity

Cybersecurity Engineering Technology Education

Cyber Security Informer

Retail and Hospitality Trending Holiday Cyber Threats

News Alert: Survey shows vast majority of IT pros consider ‘passwordless’ access a top priority

Trending Sources

Intro to Phishing: How Dangerous Is Phishing in 2023?

Why Cybersecurity Strategy Must Start With Identity

Identity-Based Breaches: Navigating the Aftermath

New Duo E-Book, Attack Vectors Decoded: Securing Organizations Against Identity-Based Threats

Watching the Watchmen: Securing Identity Administrators

How to Stop Phishing Attacks with Protective DNS

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Abusing Entra ID Misconfigurations to Bypass MFA

To Achieve Zero Trust Security, Trust The Human Element

Chinese fraudsters: evading detection and monetizing stolen credit card information

Machine Identities, Human Identities, and the Risks They Pose

Zero Trust Is a Journey and Businesses Have Many Rivers to Cross

Hacker Personas Explained: Know Your Enemy and Protect Your Business

Lifting Each Other Up: A Celebration of Women in Cybersecurity and Their Advocates – Part 1

Stay Connected