CSO Magazine

MARCH 28, 2022

Blame it on pandemic fatigue, remote work or just too much information, but employees appear to be lowering their guard when it comes to detecting social engineering tricks. Attackers were more successful with their social engineering schemes last year than they were a year earlier, according to Proofpoint.

Social Engineering 97

Social Engineering Engineering Phishing 97

Krebs on Security

AUGUST 21, 2020

“In mid-July 2020, cybercriminals started a vishing campaign—gaining access to employee tools at multiple companies with indiscriminate targeting — with the end goal of monetizing the access.” Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.

Social Engineering 363

Social Engineering VPN Authentication Engineering 363

Digital Guardian

JANUARY 25, 2021

SOX compliance, preventing social engineering attacks, and data classification. In this blog, we count down the most read blogs of 2020.

Social Engineering 111

Social Engineering Engineering 111

Security Affairs

OCTOBER 30, 2024

The group is known for the SolarWinds supply chain attack that in 2020 hit more than 18,000 customer organizations, including Microsoft. The emails were highly targeted, using social engineering lures relating to Microsoft, Amazon Web Services (AWS), and the concept of Zero Trust.”

Phishing 124

Phishing Social Engineering Government Hacking 124

Krebs on Security

APRIL 6, 2022

In some ways, the attacks from LAPSUS$ recall the July 2020 intrusion at Twitter , wherein the accounts for Apple, Bill Gates, Jeff Bezos, Kanye West, Uber and others were made to tweet messages inviting the world to participate in a cryptocurrency scam that promised to double any amount sent to specific wallets.

Social Engineering 293

Social Engineering Phishing Accountability Engineering 293

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. It just so happened that the year 2020 gave hackers a large number of powerful news topics, with the COVID-19 pandemic as the biggest of these.

Mobile 145

Mobile Malware Adware Banking 145

Krebs on Security

NOVEMBER 21, 2020

2019 that wasn’t discovered until April 2020. In response to questions from KrebsOnSecurity, GoDaddy acknowledged that “a small number” of customer domain names had been modified after a “limited” number of GoDaddy employees fell for a social engineering scam. and 11:00 p.m. PST on Nov.

Cryptocurrency 364

Cryptocurrency Scams Social Engineering VPN 364

Krebs on Security

AUGUST 19, 2021

billion in 2020. “For decades, West African scammers, primarily located in Nigeria, have perfected the use of social engineering in cybercrime activity.” Image: FBI. DON’T QUIT YOUR DAY JOB.

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Krebs on Security

FEBRUARY 17, 2021

million in a 2018 ATM cash out scheme targeting a Pakistani bank; and a total of $112 million in virtual currencies stolen between 2017 and 2020 from cryptocurrency companies in Slovenia, Indonesia and New York. million in August 2020 from a financial services company based in New York. Image: CISA.

Cryptocurrency 344

Cryptocurrency Financial Services Banking Government 344

Krebs on Security

JANUARY 24, 2020

In the case of e-hawk.net, however, the scammers managed to trick an OpenProvider customer service rep into transferring the domain to another registrar with a fairly lame social engineering ruse — and without triggering any verification to the real owners of the domain. ” REGISTRY LOCK.

DNS 334

DNS Social Engineering Engineering Accountability 334

SecureList

JULY 21, 2021

This article contains some analytical findings from Managed Detection and Response (MDR) operations during Q4 2020. In Q4 2020, the average number of collected raw events from one host was around 15 000. Social engineering. What is Kaspersky MDR. Data processing pipeline and security operations. DDOS/DOS with impact.

Social Engineering 120

Social Engineering Engineering Adware Technology 120

Security Affairs

MARCH 3, 2021

The Perl.com domain was hijacked in January, but a senior editor at the site revealed that the hackers took control of the domain in September 2020. The Perl.com domain was hijacked in January 2021, but according to Brian Foy , senior editor of Perl.com, the attack took place months before, in September 2020. ” added Foy.

Social Engineering 126

Social Engineering Malware Hacking Engineering 126

SecureList

AUGUST 23, 2021

billion USD in 2021, which is slightly less than the total revenue in 2020 but still significantly above the pre-pandemic figures. This rapid growth owes a lot to the surge in mobile gaming and focus on social interaction during the pandemic. Pandemic-related statistics cover the period of January 2020 through June 2021.

Adware 140

Adware Mobile Malware Phishing 140

Malwarebytes

MARCH 17, 2021

The so-called “mastermind” behind the 2020 Twitter hack that compromised the accounts of several celebrities and public figures—including President Barack Obama, Bill Gates, and Elon Musk—pleaded guilty to several charges on Tuesday in a Florida court. He will also earn credit for the 229 days that he has already spent in jail.

Hacking 110

Hacking Social Engineering Scams Accountability 110

SecureWorld News

FEBRUARY 13, 2025

Evolution of social engineering Social engineering exploits human psychology to manipulate individuals into revealing sensitive information or taking harmful actions. Deepfakes are revolutionizing social engineering attacks, making them more deceptive and harder to detect.

Social Engineering 84

Social Engineering Authentication Identity Theft Engineering 84

Krebs on Security

JANUARY 19, 2021

The release was granted in part due to Ferizi’s 2018 diagnosis if asthma, as well as a COVID outbreak at the facility where he was housed in 2020. 2015 by criminals who social engineered PayPal employees over the phone into changing my password and bypassing multi-factor authentication.

Identity Theft 349

Identity Theft Government Accountability Social Engineering 349

SecureWorld News

JUNE 9, 2025

Global data reveals that cyberattacks rose by 131% between 2022 and 2023 across the aviation industry, with a 74 percent increase since 2020, underscoring the profundity of this threat. Aircraft themselves are nodes on data networks, constantly transmitting telemetry, engine performance metrics, and passenger connectivity data.

Cybersecurity 116

Cybersecurity Social Engineering Computers and Electronics Risk 116

SecureWorld News

NOVEMBER 6, 2024

To gain support, highlight how Zero Trust mitigates current threats like the SolarWinds supply chain attack in 2020, which exposed vulnerabilities in traditional defenses. Deepfake social engineering: Deepfakes can mimic legitimate users to manipulate access. These evolving threats often exploit gaps in traditional security.

Social Engineering 103

Social Engineering Authentication Architecture Ransomware 103

Adam Levin

AUGUST 26, 2020

In 2020 alone, we’ve seen ransomware attacks bring the operations of international corporations and high-powered law firms to a standstill. Since email addresses and phone numbers are sensitive personal information that can be used in social engineering, you may want to consider the adoption of these email security tips.

Backups 246

Backups Education Social Engineering Engineering 246

The Hacker News

JANUARY 26, 2021

An evolving phishing campaign observed at least since May 2020 has been found to target high-ranking company executives across manufacturing, real estate, finance, government, and technological sectors with the goal of obtaining sensitive information.

Phishing 124

Phishing Social Engineering Manufacturing Engineering 124

Hot for Security

MARCH 24, 2021

Fraud losses climbed to $56 billion in 2020 and identity fraud scams accounted for a staggering $43 billion of that cost, according to a new report. As consumers relied increasingly on digital payment products during 2020, identity fraud scams kept pace with this shift in behavior, the report reveals.

Scams 122

Scams Accountability Authentication Internet 122

Daniel Miessler

MAY 19, 2021

Top three patterns in breaches were: social engineering, basic web application attacks, and system intrusion. Top three patterns in incidents were: denial of service, basic web application attacks, and social engineering. Ransomware doubled from 5% of breaches to 10% in 2020. 61% of breaches involved credentials.

Data breaches 192

Data breaches Social Engineering Ransomware Phishing 192

Krebs on Security

FEBRUARY 25, 2021

Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. A new report (PDF) from the Labor Department’s Office of Inspector General (OIG) found that from March through October of 2020, some $3.5

Scams 336

Scams Insurance DDOS Authentication 336

Krebs on Security

JANUARY 30, 2024

2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. The vulnerability exploited by the intruders was patched back in 2020, but the employee never updated his Plex software. Twilio disclosed in Aug.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

APRIL 20, 2023

This ongoing North Korean espionage campaign using LinkedIn was first documented in August 2020 by ClearSky Security , which said the Lazarus group operates dozens of researchers and intelligence personnel to maintain the campaign globally. Microsoft Corp.

Malware 331

Malware Software Technology Accountability 331

Krebs on Security

OCTOBER 2, 2023

These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization’s employees, customers or partners to phishing and other social engineering attacks. Image: @Pressmaster on Shutterstock. And that was from just a few minutes of searching.

Encryption 323

Encryption Engineering Social Engineering Healthcare 323

Security Affairs

FEBRUARY 9, 2021

The two CSRF vulnerabilities, tracked as CVE-2020-35942, were discovered by researchers at security firm Wordfence. An attacker could trigger the flaws with social engineering techniques by tricking WordPress admins into clicking specially crafted links or attachments to perform malicious actions.

Social Engineering 131

Social Engineering Firewall Engineering Phishing 131

SecureWorld News

MAY 11, 2023

RELATED: Famous Twitter Accounts Hacked: Insider Threat or Social Engineering Attack? ] Lastly, the DOJ says that O'Connor stalked and threatened a minor victim in June and July 2020, orchestrating a series of swatting attacks on this third victim. Now, the U.S.

Accountability 97

Accountability Social Engineering Hacking Media 97

Security Through Education

OCTOBER 27, 2021

Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. It is to these carefully crafted campaigns that Social-Engineer, LLC can attribute their success. The answer is simple; with simulated attacks and subsequent training.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

Security Affairs

NOVEMBER 18, 2020

“We’re tracking an active credential phishing attack targeting enterprises that uses multiple sophisticated methods for defense evasion and social engineering,” reads a message published by Microsoft via Twitter. pic.twitter.com/YpUVEfmlUH — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2020.

Phishing 144

Phishing Social Engineering Passwords Security Intelligence 144

Duo's Security Blog

FEBRUARY 25, 2021

In this report, we walk through a real-world case study of how a socially engineered phishing attack worked on a popular company, and show you some steps on how it could have been prevented. This report guides you through some big questions and answers about phishing, including: What is social engineering?

Phishing 106

Phishing Social Engineering Engineering Authentication 106

Security Affairs

AUGUST 2, 2021

According to the 2020 Insider Threat Report , contractors, service providers, and temporary workers pose the greatest risk to 50% of organizations. The cleaner’s insider access takes care of the physical access challenge, while detachment to the organization makes the individual more susceptible to social engineering.

Social Engineering 139

Social Engineering Healthcare Engineering Hacking 139

Malwarebytes

APRIL 19, 2022

A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department (Treasury), highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020.

Cryptocurrency 140

Cryptocurrency Social Engineering Computers and Electronics Engineering 140

CyberSecurity Insiders

FEBRUARY 22, 2022

And security experts from Check Point believe that the malicious software has so far targeted over 140,000 victims since November 2020, hitting high profile victims including those on PayPal, Microsoft, Amazon, Bank of America and Wells Fargo.

Malware 122

Malware Social Engineering Banking Phishing 122

Security Affairs

MAY 11, 2020

Researchers discovered two security flaws impacting Oracle’s iPlanet Web Server, tracked as CVE-2020-9315 and CVE-2020-9314, that could cause sensitive data exposure and limited injection attacks. The CVE-2020-9314 issue resides in the “productNameSrc” parameter of the console.

Social Engineering 126

Social Engineering Phishing Advertising Encryption 126

Malwarebytes

FEBRUARY 15, 2021

The UK’s National Crime Agency (NCA)—working alongside the US Secret Service, Homeland Security, the FBI, Europol, and the District Attorney’s Office of Santa Clara California—spearheaded the arrest of eight British citizens in the UK and Scotland, aged between 18 to 26, for a string of SIM swapping attacks that occurred in 2020.

Social Engineering 141

Social Engineering Cryptocurrency Accountability Authentication 141

The Last Watchdog

APRIL 14, 2022

For starters, attackers leverage social engineering tactics and information gleaned from websites and social media profiles to determine employees’ working relationships and connections. billion in annual losses during 2020, resulting from 19,369 incidents. Prevention is the cure.

Phishing 247

Phishing Accountability Scams Authentication 247