The Last Watchdog

JULY 27, 2023

Tel Aviv, Israel, July 27, 2023 — Perception Point , a leading provider of advanced threat prevention across digital communication channels, today published a new report analyzing global cyberattack trends in H1 2023 amidst the paradigm shift brought about by advances in generative AI (GenAI) capabilities.

Phishing 186

Phishing Social Engineering Engineering Media 186

Digital Shadows

JANUARY 22, 2025

In this blog, well preview the reports highlights and give insights into social engineering campaigns leveraging impersonating domains and our predictions for the threats shaping 2025. Use early detection tools like honeypots or CanaryTokens to counter attackers using tools like Nmap and Angry IP Scanner.

Insurance 65

Insurance Phishing Social Engineering Engineering 65

Security Affairs

SEPTEMBER 2, 2023

Identity services provider Okta warned customers of social engineering attacks carried out by threat actors to obtain elevated administrator permissions. Okta is warning customers of social engineering attacks carried out in recent weeks by threat actors to obtain elevated administrator permissions.

Social Engineering 144

Social Engineering Engineering Authentication Accountability 144

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258

Tech Republic Security

JUNE 6, 2023

In Verizon’s just-released 2023 Data Breach Investigations Report, money is king, and denial of service and social engineering still hold sway. The post Verizon 2023 DBIR: DDoS attacks dominate and pretexting lead to BEC growth appeared first on TechRepublic.

DDOS 164

DDOS Social Engineering Data breaches Engineering 164

Security Boulevard

APRIL 18, 2023

Phishing attacks continue to be one of the most significant threats facing organizations today. As businesses increasingly rely on digital communication channels, cybercriminals exploit vulnerabilities in email, SMS, and voice communications to launch sophisticated phishing attacks.

Phishing 122

Phishing Social Engineering Education Retail 122

Security Affairs

NOVEMBER 21, 2024

Scattered Spider members are part of a broader cybercriminal community called “The Com,” where hackers brag about high-profile cyber thefts, typically initiated through social engineering tactics like phone, email, or SMS scams to gain access to corporate networks. ” reads the press release published by DoJ. In January 2024, U.S.

Cybercrime 111

Cybercrime Identity Theft Cryptocurrency Phishing 111

SecureWorld News

JUNE 9, 2025

Global data reveals that cyberattacks rose by 131% between 2022 and 2023 across the aviation industry, with a 74 percent increase since 2020, underscoring the profundity of this threat. In the first half of 2023 alone, aviation cyberattacks surged by 24% worldwide, fueling disruptions from flight-planning systems to passenger services.

Cybersecurity 117

Cybersecurity Social Engineering Computers and Electronics Risk 117

Krebs on Security

JUNE 15, 2024

— and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. 0KTAPUS In August 2022, KrebsOnSecurity wrote about peering inside the data harvested in a months-long cybercrime campaign by Scattered Spider involving countless SMS-based phishing attacks against employees at major corporations.

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Malwarebytes

MAY 1, 2023

Both Staffin and his employer were victims of business email compromise (BEC) , also known as CEO fraud, a type of social engineering attack. Social engineering attacks are cyberattacks where a criminal tricks a victim into doing something against their interests, such as revealing sensitive information of making a bank transfer.

Social Engineering 97

Social Engineering Small Business Engineering Banking 97

Security Affairs

OCTOBER 11, 2024

OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. They also attempted to send malware-laden emails to OpenAI employees, but the spear-phishing campaign was detected and neutralized.

Malware 138

Malware Social Engineering Engineering Hacking 138

SecureWorld News

MAY 9, 2025

The development marks a significant escalation in COLDRIVER's cyber espionage activities, which have traditionally focused on credential phishing. The method, known as "ClickFix," leverages social engineering to bypass traditional email-based defenses. Cedric Leighton , CNN Military Analyst; U.S.

Malware 86

Malware Social Engineering Engineering Government 86

Duo's Security Blog

APRIL 20, 2023

Through the first two months of 2023 alone, the Australian Competition and Consumer Commission’s Scamwatch reported more than 19,000 phishing reports with estimated financial losses of more than $5.2 What is phishing? This is part of what makes phishing attacks so dangerous.

Phishing 106

Phishing Social Engineering Authentication Engineering 106

Security Affairs

MARCH 24, 2025

The Cloak ransowmare group has been active since at least 2023 and breached more than one hundred organizations across the years. Initially, the group published screenshots of stolen data as proof of the attack, now the whole archive can be downloaded from the leak page. ” reads a report published by Halcyon.

Ransomware 104

Ransomware Hacking Social Engineering Manufacturing 104

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million in 2023.

Phishing 77

Phishing Banking Scams Mobile 77

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays. billion (equal to USD 326 million) between 2021 and 2023. Notably, some of them were registered between September and November 2024.

Social Engineering 112

Social Engineering Phishing Banking DNS 112

Krebs on Security

JANUARY 30, 2024

stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. Image credit: Amitai Cohen of Wiz. Twilio disclosed in Aug.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

SecureWorld News

FEBRUARY 15, 2024

The malware has been active since 2023, specifically targeting victims in Vietnam and Thailand. The hackers rely heavily on social engineering tactics to distribute the malware. GoldPickaxe is part of a suite of mobile banking trojans attributed to GoldFactory, including variants like GoldDigger and GoldDiggerPlus.

Social Engineering 103

Social Engineering Mobile Authentication Engineering 103

SecureWorld News

FEBRUARY 13, 2025

According to a 2023 study by Sumsub , deepfake fraud attempts increased by 704% between 2022 and 2023. Evolution of social engineering Social engineering exploits human psychology to manipulate individuals into revealing sensitive information or taking harmful actions.

Social Engineering 85

Social Engineering Authentication Identity Theft Engineering 85

Security Affairs

OCTOBER 17, 2023

With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority. This method was identified as vishing – a voice-based phishing attack. Why should employers educate employees about cyber security?

Social Engineering 139

Social Engineering Ransomware Engineering Phishing 139

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 134

Phishing Banking Mobile Scams 134

SecureList

NOVEMBER 28, 2022

Although the main types of threats (phishing, scams, malware, etc.) The list can go on, as cybercriminals are quick to adapt to new social, political, economic, and cultural trends, coming up with new fraudulent schemes to benefit from the situation. 2023 promises a wealth of new releases. Games and streaming services.

Education 137

Education Phishing Scams Social Engineering 137

SecureList

FEBRUARY 20, 2025

The number of high-severity incidents decreased by 34% compared to 2023. Human-driven targeted attacks accounted for 43% of high-severity incidents 74% more than in 2023 and 43% more than in 2022. User Execution and Phishing remain top threats. Human-driven targeted attacks are increasing.

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101

Security Affairs

AUGUST 23, 2024

ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The technique was first disclosed in Poland in July 2023 and later observed in Czechia and other countries like Hungary and Georgia. SMS campaigns sent phishing links indiscriminately to Czech phone numbers.

Phishing 134

Phishing Mobile Banking Social Engineering 134

Anton on Security

APRIL 20, 2023

The famous Mandiant 2023 M-Trends (NOT G-Trends, mind you…) report is out, and here are some of the things that I found to be surprising and NOT surprising :-) Mandiant M-Trends 2023 Detection by Source SURPRISING “Mandiant experts note a decrease in the percentage of global intrusions involving ransomware between 2021 and 2022.

Social Engineering 130

Social Engineering Ransomware Cybercrime Cyber Attacks 130

Malwarebytes

OCTOBER 11, 2023

In other news, both LockBit and the Akira ransomware gang, the latter of which has tallied 125 victims since we first began tracking them in April 2023, were confirmed last month to be exploiting a specific zero-day flaw ( CVE-2023-20269 ) in Cisco VPN appliances. In September, they had a staggering 53 victims.

Ransomware 140

Ransomware Social Engineering Backups Engineering 140

SecureList

APRIL 5, 2023

They have become adept at using Telegram both for automating their activities and for providing various services — from selling phishing kits to helping with setting up custom phishing campaigns — to all willing to pay. ” Links to the channels are spread via YouTube, GitHub and phishing kits they make.

Phishing 144

Phishing Marketing Scams Accountability 144

The Hacker News

SEPTEMBER 18, 2023

Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack. The fact that Google Authenticator syncs to

Social Engineering 135

Social Engineering Phishing Engineering Accountability 135

CyberSecurity Insiders

DECEMBER 21, 2022

However, while few things may be certain in life, with rising global conflicts, a looming recession, and the continued use of weak and breached credentials, we can be sure that more cyberattacks will be on the horizon in 2023. 2 – Cybersecurity budget cuts introduce new threats.

Social Engineering 134

Social Engineering Passwords Password Management Engineering 134

SecureList

NOVEMBER 9, 2022

What cyberthreats for business will be the greatest in 2023? The ongoing geopolitical storm brings not only classical cyberthreats for business, but also unpredictable risks and ‘black swans’ The main problem for 2023 will be supply-chain stability and cybersecurity. Threat modeling approaches will be changed in 2023.

Cybersecurity 144

Cybersecurity Cyber Insurance Cybercrime IoT 144

Security Affairs

NOVEMBER 29, 2023

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. On Thursday, October 19, Okta advised customers of a security incident.

Social Engineering 133

Social Engineering Authentication Accountability Engineering 133

Malwarebytes

FEBRUARY 6, 2024

The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV. Big game attacks extort vast ransoms from organizations by holding their data hostage—either with encryption, the threat of damaging data leaks, or both.

Ransomware 131

Ransomware Cybercrime Malware Social Engineering 131

CyberSecurity Insiders

NOVEMBER 29, 2022

As we look forward to 2023 a number of emerging trends are top security areas that executives should focus. This area will continue to be an ongoing challenge for organizations in 2023. This challenge will continue in 2023 and we expect that the growth in this area will be in the double digits. Phishing Targeted Attacks.

Phishing 134

Phishing Mobile Ransomware Technology 134

SecureList

JUNE 26, 2023

According to a report by the Barracuda cybersecurity company, in 2021, businesses with fewer than 100 employees experienced far more social engineering attacks than larger ones. In this report, we have analyzed the key threats to small and medium-sized companies in 2022 and 2023, and provided advice on how to stay safe.

Cybercrime 123

Cybercrime Phishing Banking Malware 123

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. Last year, the cybersecurity of corporations and government agencies was more significant than ever before, and will become even more so in 2023.

Media 140

Media Social Engineering Ransomware Hacking 140

SecureList

JULY 5, 2023

Hence, cybercriminals have little motivation to invest heavily into phishing campaigns, and so, techniques used in email attacks on hot wallets are hardly ever original or complex. Sample phishing email that targets Coinbase users After the user clicks the link, they are redirected to a page where they are asked to enter their seed phrase.

Scams 131

Scams Phishing Cryptocurrency Accountability 131

Malwarebytes

FEBRUARY 4, 2025

Generative AI tools can more convincingly write phishing emails so that the tell-tale signs of a scamlike misspellings and clumsy grammarare all but gone. In 2023, Malwarebytes Labs subverted these boundaries to successfully get ChatGPT to write ransomware twice. But sometimes the AI pushes back. That could change in 2025.

Artificial Intelligence 144

Artificial Intelligence Small Business Malware Technology 144