Duo's Security Blog

JANUARY 29, 2024

As a new semester begins, we at Cisco Duo want to share some findings and trends pertaining to threat activity we have seen across higher education customers. In analyzing de-identified customer data over the latter half of 2023, we found a pattern of threat activity targeting multiple universities using shared attack infrastructure.

Education 131

Education Authentication Passwords Phishing 131

Security Affairs

JANUARY 22, 2024

Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity landscape. The phenomenon This phenomenon represents an evolution of traditional phishing tactics, as attackers seek to overcome defenses using more personalized and targeted approaches.

Phishing 134

Phishing Education Social Engineering Media 134

eSecurity Planet

MARCH 10, 2025

Employee training: Educate staff about cybersecurity best practices , including recognizing phishing attempts and using strong, unique passwords. Advanced threat detection: Deploy intrusion detection and prevention systems to monitor network traffic for suspicious activities.

Penetration Testing 98

Penetration Testing Media Encryption Threat Detection 98

eSecurity Planet

DECEMBER 4, 2024

With cyberattacks on operating systems, applications, and networks becoming more sophisticated, the tech giant formulated a strategy to enhance the protection of Windows systems, focusing strongly on phishing attacks. During the Ignite 2024 conference, Microsoft announced the Windows Resiliency Initiative to address these security concerns.

Encryption 107

Encryption Phishing Passwords Authentication 107

Hacker's King

DECEMBER 16, 2024

In 2023, major ransomware incidents targeted healthcare providers, educational institutions, and large corporations. Phishing and Social Engineering : Phishing remains a popular attack method, leveraging emails, fake websites, and social media to deceive users into providing sensitive information.

Cyber Attacks 59

Cyber Attacks Phishing Artificial Intelligence Penetration Testing 59

SecureWorld News

MARCH 18, 2025

Some reports indicate that Chinese smishing groups are selling SMS phishing kits, enabling scammers to efficiently spoof toll operators and target users in multiple states, including Massachusetts, Florida, and Texas. This level of sophistication underscores why public education is our first line of defense.

Scams 88

Scams Mobile Phishing Education 88

SC Magazine

JANUARY 26, 2021

companies as a primary target of a new phishing scheme. Cybercriminals have been using a phishing kit featuring fake Office 365 password alerts as a lure to target the credentials of chief executives, business owners and other high-level corporate leaders. The company could not be certain, however, if the V4 phishing kit was involved.

Phishing 118

Phishing Passwords Security Awareness Social Engineering 118

SecureWorld News

OCTOBER 3, 2023

Cybercriminals have been quick to recognize and take advantage of these new capabilities, which has given birth to a new epoch of phishing called "deepfake phishing." The mechanics of deepfake phishing The way traditional phishing works is rather simple. Nowadays, being a successful "black hat" takes a lot of effort.

Social Engineering 109

Social Engineering Phishing Engineering Technology 109

Security Boulevard

JANUARY 3, 2025

What is consent phishing? Most people are familiar with the two most common types of phishingcredential phishing and phishing payloads, where attackers trick users into revealing credentials and downloading malicious software respectively. However, there is a third type of phishing on the rise: consent phishing.

Phishing 83

Phishing Authentication Accountability Threat Detection 83

Security Boulevard

APRIL 24, 2025

Gone are the days of mass phishing campaigns. Evolving phishing trends to watch in 2025ThreatLabz uncovered many significant evolving trends in phishing attacks, with attackers adopting advanced tactics to bypass defenses and exploit human trust.

Phishing 71

Phishing Scams Cryptocurrency Authentication 71

The Last Watchdog

DECEMBER 12, 2023

Organizations should likewise leverage GenAI to better detect AI-enhanced threats and counter the attack volumes that we expect to see in 2024. Ongoing education and skill development requires educating teams and ensuring employees become proactive contributors to organizational defense.

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258

eSecurity Planet

AUGUST 23, 2023

Spear phishing is a more targeted and effective phishing technique that attempts to exploit specific individuals or groups within an organization. While phishing uses a broader range of tactics, such as mass emailing to random recipients, spear phishing is often well-researched and tailored to high-value targets.

Phishing 98

Phishing Social Engineering Authentication Security Awareness 98

CyberSecurity Insiders

MARCH 20, 2021

Today, we are reviewing the GreatHorn Cloud Email Security Platform, an email security solution to protect organizations against phishing attacks and advanced communication threats. Phishing attacks have been growing dramatically in the wake of the COVID-19 pandemic and the resulting massive increase in employees working from home.

Artificial Intelligence 118

Artificial Intelligence Phishing Education Risk 118

Spinone

JANUARY 15, 2019

This is not limited to corporate environments but also includes today’s educational institutions. For IT administrators looking at leveraging the public cloud to deliver powerful cloud-driven resources to educators and students, let’s take a look at the top benefits for school IT administrators looking at G Suite for Education.

Education 64

Education Backups Mobile Malware 64

SecureWorld News

OCTOBER 8, 2024

Moreover, encouraging cross-functional collaboration between AI specialists, security professionals, and software engineers can help teams stay ahead of evolving threats. Regular employee training remains essential in combating phishing threats, but training must evolve beyond static lessons.

Phishing 117

Phishing Threat Detection Education Cloud Migration 117

The Last Watchdog

OCTOBER 5, 2023

Byron: On the software side of things, some exciting breakthroughs are about to gain meaningful traction in leveraging machine learning and automation to shape new security platforms and frameworks that are much better suited to helping companies implement cyber hygiene, as well as execute effective, ongoing threat detection and incident response.

Cyber threats 203

Cyber threats Cyber Insurance Threat Detection Cybersecurity 203

eSecurity Planet

OCTOBER 6, 2023

Despite all the advances in cybersecurity, email remains the starting point for the vast majority of cyberattacks, as phishing, malware and social engineering remain effective attack techniques. As some of these solutions are pretty low-cost, they potentially offer high ROI considering the enormity of the email threat problem.

Software 131

Software Phishing Mobile Threat Detection 131

Hacker's King

DECEMBER 17, 2024

How the Malware Operates Initial Access : Attackers gain access to the targeted network using phishing, exploiting vulnerabilities, or leveraging stolen credentials. Advanced tools employing AI can enhance threat detection capabilities. Establish frameworks for reporting and sharing information about cyber incidents.

Banking 52

Banking Social Engineering Malware Cyber threats 52

Responsible Cyber

MARCH 2, 2025

Security Features Comparison: Zoom Free Plan vs. Business, Enterprise, and Education Plans Zooms popularity as a video conferencing tool makes it a prime candidate for a security-focused comparison, especially considering the risks of Shadow IT (e.g., school email logins), enhancing security for educational settings.

Education 40

Education Marketing Encryption Threat Detection 40

SecureWorld News

FEBRUARY 14, 2023

Despite Tonto Team being known for its sophisticated techniques and ability to evade detection, Group-IB was able to detect and block the attack before any damage could be done. The threat actor has been targeting government, military, energy, financial, educational, healthcare, and technology sector companies since 2009.

Phishing 117

Phishing Cybersecurity Threat Detection Healthcare 117

CyberSecurity Insiders

NOVEMBER 29, 2021

The best way to arm yourself against such attacks is by educating yourself. Even though many consider spam and phishing outdated techniques, they are still employed by cybercriminals today. In August 2021, a Revere Health employee was hacked through a phishing email attack which exposed approximately 12,000 patient medical records.

Phishing 124

Phishing Healthcare Data breaches Cyber Attacks 124

SecureWorld News

JULY 8, 2024

Education, education, education: Stay informed about the latest cybersecurity threats and best practices. Companies need to make it a priority to set up strong MFA and real-time phishing protection to reduce the risks that come with compromised passwords.

Passwords 127

Passwords Password Management Education Accountability 127

Responsible Cyber

JULY 13, 2024

This shortage not only increases the risk of cyber threats but also strains existing security teams, leading to potential burnout and operational inefficiencies. Education and training play a pivotal role in addressing this gap. New Threat Vectors : Cyber threats are constantly evolving.

Education 52

Education Cybersecurity Cyber threats Technology 52

SecureWorld News

FEBRUARY 15, 2024

This includes sending phishing messages posing as government agencies or local banks to convince victims to click on links leading to fake apps infected with the malware. As threats continue to evolve at "AI speed" in the words of Gallagher, AI-enabled defenses will likely play an elevated role as well.

Social Engineering 105

Social Engineering Mobile Authentication Engineering 105

SecureWorld News

FEBRUARY 12, 2025

Promote AI security guidelines to mitigate risks posed by generative AI and deepfake-driven cyber threats. Detecting and disrupting cyber threat actors Cybercrime, ransomware, and state-sponsored attacks remain top concerns. Ensuring transparent funding mechanisms to promote equitable resource allocation across sectors.

Cyber threats 66

Cyber threats Cybercrime Cybersecurity Government 66

SecureWorld News

SEPTEMBER 30, 2024

Microsoft previously observed threat actors such as Octo Tempest and Manatee Tempest targeting both on-premises and cloud environments and exploiting the interfaces between the environments to achieve their goals." Implement advanced threat detection tools to identify and block ransomware campaigns early.

Ransomware 116

Ransomware Social Engineering Healthcare Phishing 116

SecureWorld News

SEPTEMBER 5, 2024

Focusing solely on compliance can create a misleading sense of security since current regulatory standards often need to catch up with new and evolving threats, leaving organizations exposed. Continuous monitoring and threat detection It is important to implement continuous monitoring systems to maintain a robust security posture.

Threat Detection 117

Threat Detection Phishing Penetration Testing Education 117

CyberSecurity Insiders

MAY 13, 2023

Latest email security trends Phishing and spear-phishing attacks: Phishing is a type of social engineering attack where cybercriminals use deceptive emails to trick recipients into divulging sensitive information or downloading malware.

Phishing 111

Phishing Encryption Education Small Business 111

IT Security Guru

MARCH 17, 2023

Naive or careless employees pose a significant threat to security, as it only takes one wrong decision to deliver information into the wrong hands. Particular attacks include: Phishing and spear phishing attacks , in which criminals purport to be a trusted source and solicit information from their target.

Risk 117

Risk Phishing Threat Detection Cybercrime 117

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. This increase is likely driven by high employee turnover and easy access to phishing kits. Unsurprisingly, threat actors prefer to “work smart, not hard” to achieve their goals.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

SecureWorld News

NOVEMBER 21, 2024

Cyber Threats: AI-powered phishing and deepfakes are cited as major risks by late adopters, while early adopters are more worried about advanced threats like model poisoning and tampering. Dr. Peter Holowka , Director of Educational Technology at West Point Grey Academy in Vancouver, B.C.,

Artificial Intelligence 115

Artificial Intelligence Threat Detection Risk Banking 115

Duo's Security Blog

OCTOBER 8, 2024

Enhance Monitoring and Detection Capabilities: Implement or upgrade security monitoring tools to detect suspicious activities and potential breaches in real-time. One way to do this is by leveraging Duo’s new Identity Intelligence functionality, which provides dedicated Identity Threat Detection & Response capabilities.

Passwords 111

Passwords Accountability Education Social Engineering 111

SecureWorld News

JULY 22, 2024

Among the risks are an increased attack surface—stemming from the adoption of IoT devices, precision farming technologies, and digital supply chain management systems—and more sophisticated attacks leveraging advanced techniques like AI-driven malware, ransomware, and phishing schemes tailored to exploit specific vulnerabilities.

Risk 105

Risk Cybersecurity Small Business IoT 105

eSecurity Planet

DECEMBER 10, 2023

It also allows for centralized tracking of firewall activity, which simplifies threat detection and response. By offering insights into previous traffic, this technique improves threat detection, troubleshooting, and overall security by enabling for educated decision-making and proactive optimization of firewall configurations.

Firewall 120

Firewall Network Security Backups Education 120

Cisco Security

AUGUST 24, 2022

Once a threat is seen, whether it’s a phishing URL or an IP address hosting malware, detections are created and indicators of compromise are categorized and blocked across our Cisco Secure portfolio. Accelerating threat detection and response. Fadi Aljafari, Information Security and Risk Manager, Deakin University.

Engineering 142

Engineering Education Information Security Architecture 142

CyberSecurity Insiders

SEPTEMBER 21, 2021

Awareness training should be incorporated across all organizations, not just limited to governance, threat detection, and incident response plans. Don’t take the phishing bait. This also needs to be part of a broader top-down effort starting with senior management. Develop a ‘security champions’ program.

Threat Detection 91

Threat Detection InfoSec Wireless Firewall 91

CyberSecurity Insiders

JUNE 1, 2023

With the widespread use of technology and the increasing amount of data being stored and shared electronically, financial institutions must ensure that they have robust cybersecurity measures in place to protect against evolving threats. Online banking phishing scams have advanced constantly.

Cybersecurity 99

Cybersecurity Computers and Electronics Phishing Banking 99