InfoSec and Phishing - Cyber Security Informer

ChatGPT: What are the Implications for Infosec?

SecureWorld News

DECEMBER 20, 2022

The ability to ask any question on just about any topic and have a very intelligent answer given has cybersecurity experts wondering if the infosec community is using it and, if so, for what; and, if so, how is it working for writing scripts and code or imitating phishing emails, for instance. I had it write a phishing email.

InfoSec

InfoSec Phishing Social Engineering Media

Phishing Attack Prevention: How to Identify & Avoid Phishing Scams in 2021

Digital Guardian

SEPTEMBER 9, 2021

A panel of infosec experts discuss the most common phishing attacks and how to prevent them.

Phishing

Phishing InfoSec Scams

Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec

Dark Reading

FEBRUARY 13, 2020

What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?

InfoSec

InfoSec Phishing

Ongoing Flipper Zero phishing attacks target infosec community

Bleeping Computer

JANUARY 3, 2023

A new phishing campaign is exploiting the increasing interest of security community members towards Flipper Zero to steal their personal information and cryptocurrency. [.].

Phishing

Phishing InfoSec Cryptocurrency

Still Using Passwords? Get Started with Phishing-Resistant, Passwordless Authentication Now!

Cisco Security

NOVEMBER 2, 2022

“ Cisco Duo simplifies the passwordless journey for organizations that want to implement phishing-resistant authentication and adopt a zero trust security strategy. To top it off, Duo is connected to our SIEM and our InfoSec team is able to review detailed logs and setup alerts to be able to keep everything secure.”

Authentication

Authentication Passwords Phishing Mobile

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

I would like to opt-out of here to reduce the SPAM and Phishing emails. For example, mine was just one of many tens of thousands of Pfizer email addresses, and that sort of thing is going to raise the ire of some folks in corporate infosec capacities. If, like me, you're part of the 99.5%

Data breaches

Data breaches Passwords B2B Technology

Complete Guide to Phishing Attacks: What Are the Different Types and Defenses?

eSecurity Planet

MARCH 31, 2022

Approximately 83 percent of organizations said they faced a successful phishing attempt in 2021, up from 57 percent in 2020. This guide breaks down the different types of phishing attacks and provides examples to help organizations better prepare their staff to deal with them. What is Phishing? Spear Phishing.

Phishing

Phishing Banking Social Engineering Scams

Real Big Phish: Mobile Phishing & Managing User Fallibility

Threatpost

JANUARY 14, 2022

Phishing is more successful than ever. Daniel Spicer, CSO of Ivanti, discusses emerging trends in phishing, and using zero-trust security to patch the human vulnerabilities underpinning the spike.

Phishing

Phishing CSO Mobile InfoSec

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

“The group is also using its web of contacts in internet infrastructure providers to squash garden-variety phishing attacks and another financial crime that is using the fear of COVID-19 or the desire for information on it to trick regular internet users,” wrote Reuters’ Joe Menn. ” SURVIVING THE PANDEMIC.

Cybersecurity

Cybersecurity Cyber threats Government Phishing

Tis’ the Season for Online Holiday Shopping; and Phishing

Threatpost

NOVEMBER 19, 2020

Watch out for these top phishing approaches this holiday season.

Phishing

Phishing InfoSec

Phishing Benchmark Report Delivers Data, Tools to Mitigate End-User Risk

SecureWorld News

FEBRUARY 25, 2022

Proofpoint has announced its 2022 State of the Phish report, which is the latest in-depth look at end-user awareness, vulnerability, and resilience. The eighth annual study features an analysis of global survey responses, simulated phishing exercises, and real-world attacks.

Phishing

Phishing Risk Security Awareness Social Engineering

Phishing, Scam, & Marketing Emails: What’s the Difference?

Security Boulevard

MARCH 9, 2021

When it comes to email communications today, phishing and spam are both unwelcome nuisances in everyone's inbox. Even though the words “phishing” and “spam” are often used [.]. The post Phishing, Scam, & Marketing Emails: What’s the Difference? The post Phishing, Scam, & Marketing Emails: What’s the Difference?

Marketing

Marketing Scams Phishing InfoSec

Consent Phishing: The New, Smarter Way to Phish

Security Boulevard

JANUARY 3, 2025

What is consent phishing? Most people are familiar with the two most common types of phishingcredential phishing and phishing payloads, where attackers trick users into revealing credentials and downloading malicious software respectively. However, there is a third type of phishing on the rise: consent phishing.

Phishing

Phishing Authentication Accountability Threat Detection

State of the Phish Report 2021: 4 Key Metrics

SecureWorld News

FEBRUARY 15, 2021

The State of the Phish is the industry benchmark report around the world's leading cyberattack vector. We want to understand that average person, and the average InfoSec professional and what they are experiencing," says Gretel Egan Sr. "We Security Awareness Finding #2: what phishing attacks lead to. And we have 53% of U.S.

Phishing

Phishing Security Awareness Ransomware InfoSec

Friday Five 4/9

Digital Guardian

APRIL 9, 2021

New phishing schemes, a debate over rhetoric in cybersecurity, and the new Global Trends Report - catch up on all of the week's infosec news with the Friday Five!

InfoSec

InfoSec Phishing Cybersecurity

Friday Five 1/22

Digital Guardian

JANUARY 22, 2021

Copycats, searchable phishing campaigns, and cybersecurity policy in the new administration - catch up on all of the week's infosec news with the Friday Five!

InfoSec

InfoSec Phishing Cybersecurity

The Business Value of the Social-Engineer Phishing Service

Security Boulevard

JUNE 18, 2021

Phishing attacks continue to plague organizations across the globe with great success, but why? The post The Business Value of the Social-Engineer Phishing Service appeared first on Security Boulevard. Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an.

Social Engineering

Social Engineering Engineering Phishing Penetration Testing

Friday Five 7/16

Digital Guardian

JULY 16, 2021

chipmaking, and the disruption of a phishing ring - catch up on all of the week's infosec news with the Friday Five! iOS zero days, the state of U.S.

InfoSec

InfoSec Phishing

Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning

Security Boulevard

NOVEMBER 5, 2023

Next, we discuss the emerging threat of “quishing,” a combination of voice calls and phishing that preys on unsuspecting victims. The post Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning appeared first on Security Boulevard.

Phishing

Phishing Hacking Data privacy Data breaches

3 Top Tools for Defending Against Phishing Attacks

Threatpost

NOVEMBER 18, 2021

Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it.

Phishing

Phishing InfoSec Malware

Friday Five 11/12

Digital Guardian

NOVEMBER 12, 2021

Apple fixes a macOS zero day, Microsoft warns of HTML smuggling phishing attacks, and more - catch up on the infosec news of the week with the Friday Five!

InfoSec

InfoSec Phishing

BSides Perth 2021 – Andre de Moeller Samarin & ‘There Are Plenty Of Phish In The Sea’

Security Boulevard

FEBRUARY 11, 2022

The post BSides Perth 2021 – Andre de Moeller Samarin & ‘There Are Plenty Of Phish In The Sea’ appeared first on Security Boulevard. Many thanks to BSides Perth for publishing their tremendous videos from the BSides Perth 2021 Conference on the organization’s YouTube channel.

Phishing

Phishing Education InfoSec Information Security

Cyber Defense Magazine – April 2019 has arrived. Enjoy it!

Security Affairs

APRIL 2, 2019

InfoSec Knowledge is Power. GARY BERMAN AND HIS TEAM BELIEVE THAT INFOSEC KNOWLEDGE IS POWERFUL – TAKE YOUR AVERAGE EMPLOYEE AND MAKE THEM A CYBER HERO – YOU WILL EMPOWERED THEM AGAINST THE LATEST SPEAR PHISHING ATTACKS AND RANSOMWARE, IN A FUN EDUCATIONAL WAY. Cyber Defense eMagazine April 2019 Edition has arrived.

InfoSec

InfoSec Advertising Education Media

Hackers Are Going ‘Deep-Sea Phishing,’ So What Can You Do About It?

Threatpost

SEPTEMBER 21, 2021

Nick Kael, CTO at Ericom, discusses how phishing is gaining sophistication and what it means for businesses.

Phishing

Phishing InfoSec Malware

LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems

Security Boulevard

MARCH 27, 2022

The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1

Phishing

Phishing Software Hacking Social Engineering

Phishing Awareness Training: Best Providers 2020

Spinone

SEPTEMBER 8, 2020

Phishing attacks are one of the main cyber threats involving mistakes by workers. Arranging training for your employees is a great way to protect your company against phishing and its expensive and time-consuming consequences. So, let’s take a look at notable phishing awareness training providers.

Phishing

Phishing InfoSec Social Engineering Backups

Choose Your Own Adventure game animates security awareness training

SC Magazine

MAY 4, 2021

Infosec’s Choose Your Own Adventure training game “Deep Space Danger” tests employees on their knowledge of social engineering. “B” is obviously the correct choice, but not all companies succeed in motivating their workers to learn the ins and outs of phishing, social engineering and other cyber threats. .

Security Awareness

Security Awareness InfoSec Social Engineering Engineering

61 percent of employees fail basic cybersecurity quiz

SC Magazine

APRIL 12, 2021

James McQuiggan, security awareness advocate at KnowBe4, said organizations should hold repetitive simulated phishing assessments and additional training throughout the year, in addition to computer-based training.

Cybersecurity

Cybersecurity InfoSec Phishing Security Awareness

Privacy Challenges in Relationships, Phishing Down but Vulnerabilities Up?

Security Boulevard

APRIL 28, 2024

In episode 327 Tom, Scott, and Kevin discuss the findings from Mandiant’s M-Trends 2024 report, highlighting a significant rise in traditional vulnerability exploitation by attackers while observing a decline in phishing. Despite phishing’s decreased prevalence, it remains the second most popular method for gaining initial network access.

Phishing

Phishing Data privacy Passwords Security Awareness

DEF CON 29 Main Stage – Jenko Hwong’s ‘New Phishing Attacks Exploiting OAuth Authentication Flows’

Security Boulevard

AUGUST 21, 2021

The post DEF CON 29 Main Stage – Jenko Hwong’s ‘New Phishing Attacks Exploiting OAuth Authentication Flows’ appeared first on Security Boulevard. Our thanks to DEFCON for publishing their outstanding DEFCON Conference Main Stage Videos on the groups' YouTube channel.

Authentication

Authentication Phishing Education InfoSec

Veridium Named Winner in the Coveted Global InfoSec Awards During RSA Conference 2021

CyberSecurity Insiders

MAY 22, 2021

NEW YORK–( BUSINESS WIRE )– Veridium , a leading developer of frictionless, passwordless authentication solutions, is proud to announce that it’s won the 2021 Global InfoSec Award in the category of Next-Gen in Passwordless Authentication. “We Veridium is the industry’s only end-to-end passwordless platform provider.

InfoSec

InfoSec B2C B2B Authentication

Nation-State Phishing: A Country-Sized Catch

Threatpost

OCTOBER 29, 2018

Sophisticated nation-state groups now integrate phishing as a core component of their statecraft.

Phishing

Phishing InfoSec Government Hacking

Social Media: Thwarting The Phishing-Data Goldmine

Threatpost

SEPTEMBER 4, 2020

Cybercriminals can use social media in many ways in order to trick employees.

Media

Media Phishing Authentication InfoSec

NIST hints at upgrades to its system for scoring a phish’s deceptiveness

SC Magazine

FEBRUARY 18, 2021

A graph representing the NIST Phish Scale scoring methodology. Introduced in September 2020, the NIST Phish Scale scores phishing emails based on certain key properties to determine their level of sophistication and deceptiveness. their organization faces.”.

Phishing

Phishing Mobile Security Awareness Media

Oscorp, a new Android malware targets Italian users

Security Affairs

JANUARY 28, 2021

AddressIntel is actively tracking malicious #phishing #malware address [link] #Italy since 2021-01-25 #cybersecurity #infosec Follow trends and statistics on [link] — AddressIntel (@AddressIntel) January 25, 2021. ” read the advisory published by Italy’s CERT-AGID (Italian language).

Malware

Malware Phishing InfoSec Cryptocurrency

The FBI’s Qakbot Takedown, QR Code Phishing Attacks, Dox Anyone in America for $15

Security Boulevard

SEPTEMBER 10, 2023

energy organization fell victim to a QR code phishing attack, highlighting the ever-evolving tactics used by attackers. Finally, we […] The post The FBI’s Qakbot Takedown, QR Code Phishing Attacks, Dox Anyone in America for $15 appeared first on Shared Security Podcast. Next, we explore how a major U.S.

Phishing

Phishing Cryptocurrency Ransomware Social Engineering

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Herjavec Group

MAY 17, 2021

HG Phishing HG Vulnerability Management . About CDM InfoSec Awards . This is Cyber Defense Magazine’s ninth year of honoring global InfoSec innovators. Join a webinar at [link] and realize that infosec knowledge is power. . HG Mana ged Detection & Response (MDR) . HG Security Engineering . HG Threat .

InfoSec

InfoSec Technology Marketing B2C

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Daniel Miessler

SEPTEMBER 29, 2020

Since 2007 the InfoSec industry has been talking about TheBigOne™—the event that would change cyber threats from annoyances to existential concerns. Once they get in— via RDP or Phishing or Drive-bys —they are not only extorting people who want to get their data back. They called it Cyber Pearl Harbor.

Ransomware

Ransomware Government Social Engineering Small Business

Friday Five: FCC Tightening Regulations, a Russian Botnet Taken Down, & More

Digital Guardian

FEBRUARY 16, 2024

Law enforcement notched another win in the fight against cybercrime this past week, but state hackers, phishing campaigns, and AI are keeping organizations on their toes. Catch up on the latest InfoSec news in this week's Friday Five!

InfoSec

InfoSec Cybercrime Phishing

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

SecureWorld News

MARCH 17, 2022

These attackers will use a variety of lures to pull people in, but a lot of the phishing has been centered around updating the VPN for a client or employee, or redirecting users to phishing sites that look a lot like their collaborative platform login page. And you know, that can cause a potential loss for that organization.".

InfoSec

InfoSec Social Engineering Phishing Cybercrime

Cisco was hacked by the Yanluowang ransomware gang

Security Affairs

AUGUST 10, 2022

Once obtained the credentials, the attackers launched voice phishing attacks in an attempt to trick the victim into accepting the MFA push notification started by the attacker. cybersecurity #infosec #ransomware pic.twitter.com/kwrfjbwbkT — CyberKnow (@Cyberknow20) August 10, 2022.

Ransomware

Ransomware Hacking VPN Phishing

BSides Berlin 2021 – Sourya Biswas’ ‘Psychology Of The Phish: Leveraging the 7 Principles of Influence’

Security Boulevard

JANUARY 11, 2022

The post BSides Berlin 2021 – Sourya Biswas’ ‘Psychology Of The Phish: Leveraging the 7 Principles of Influence’ appeared first on Security Boulevard. Our thanks to BSides Berlin for publishing their tremendous videos from the BSides Berlin 2021 Conference on the organization’s’ YouTube channel.

Phishing

Phishing Education InfoSec Information Security

Analysis of the 2020 Verizon Data Breach Report

Daniel Miessler

MAY 19, 2020

Verizon’s Breach Report is one of the best infosec reports out there, and I’m always excited when I hear it’s been released. 22% involved phishing. Phishing is usually going after credentials, but stealing money is continues to rise in popularity. The top 2 incident threat actions were DoS, and Phishing.

Data breaches

Data breaches Phishing Malware Hacking

New data could help CISOs quantify the value of a strong security culture

SC Magazine

FEBRUARY 26, 2021

Phishing warning seen on Google Chrome when visiting a website that has been recognized as phishing website. The goal was to see if they could quantify the correlation between implementing a strong security culture and the reduction of unwanted phishing behaviors such as link clicking and credential sharing.

CISO

CISO Security Awareness Phishing InfoSec

ChatGPT: What are the Implications for Infosec?

Phishing Attack Prevention: How to Identify & Avoid Phishing Scams in 2021

Trending Sources

Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec

Ongoing Flipper Zero phishing attacks target infosec community

Still Using Passwords? Get Started with Phishing-Resistant, Passwordless Authentication Now!

Inside the DemandScience by Pure Incubation Data Breach

Complete Guide to Phishing Attacks: What Are the Different Types and Defenses?

Real Big Phish: Mobile Phishing & Managing User Fallibility

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Tis’ the Season for Online Holiday Shopping; and Phishing

Phishing Benchmark Report Delivers Data, Tools to Mitigate End-User Risk

Phishing, Scam, & Marketing Emails: What’s the Difference?

Consent Phishing: The New, Smarter Way to Phish

State of the Phish Report 2021: 4 Key Metrics

Friday Five 4/9

Friday Five 1/22

The Business Value of the Social-Engineer Phishing Service

Friday Five 7/16

Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning

3 Top Tools for Defending Against Phishing Attacks

Friday Five 11/12

BSides Perth 2021 – Andre de Moeller Samarin & ‘There Are Plenty Of Phish In The Sea’

Cyber Defense Magazine – April 2019 has arrived. Enjoy it!

Hackers Are Going ‘Deep-Sea Phishing,’ So What Can You Do About It?

LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems

Phishing Awareness Training: Best Providers 2020

Choose Your Own Adventure game animates security awareness training

61 percent of employees fail basic cybersecurity quiz

Privacy Challenges in Relationships, Phishing Down but Vulnerabilities Up?

DEF CON 29 Main Stage – Jenko Hwong’s ‘New Phishing Attacks Exploiting OAuth Authentication Flows’

Veridium Named Winner in the Coveted Global InfoSec Awards During RSA Conference 2021

Nation-State Phishing: A Country-Sized Catch

Social Media: Thwarting The Phishing-Data Goldmine

NIST hints at upgrades to its system for scoring a phish’s deceptiveness

Oscorp, a new Android malware targets Italian users

The FBI’s Qakbot Takedown, QR Code Phishing Attacks, Dox Anyone in America for $15

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Friday Five: FCC Tightening Regulations, a Russian Botnet Taken Down, & More

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

Cisco was hacked by the Yanluowang ransomware gang

BSides Berlin 2021 – Sourya Biswas’ ‘Psychology Of The Phish: Leveraging the 7 Principles of Influence’

Analysis of the 2020 Verizon Data Breach Report

New data could help CISOs quantify the value of a strong security culture

Stay Connected