Malwarebytes

FEBRUARY 4, 2025

And yet, if artificial intelligence achieves what is called an agentic model in 2025, novel and boundless attacks could be within reach, as AI tools take on the roles of agents that independently discover vulnerabilities, steal logins, and pry into accounts. You can find the full 2025 State of Malware report here.

Artificial Intelligence 144

Artificial Intelligence Small Business Malware Technology 144

IT Security Guru

JANUARY 9, 2025

As we begin the New Year, it offers a chance for reflection on 2024 and to consider what we can do as security professionals and business leaders in 2025 that will keep us relevant and in the best position to counter cyber threats going forward. In the face of evolving cybersecurity threats, protecting privileged accounts is essential.

Cybersecurity 113

Cybersecurity Cyber threats Architecture Digital transformation 113

SecureWorld News

FEBRUARY 3, 2025

and Dutch law enforcement agencies have dismantled 39 domains and their associated servers in an effort to disrupt a Pakistan-based network of online marketplaces selling phishing and fraud-enabling tools. Organizations should enforce least privilege access and enable multi-factor authentication (MFA) on all accounts that have it available.

Phishing 112

Phishing Cybercrime Scams Authentication 112

Malwarebytes

MARCH 26, 2025

A new phishing campaign that uses the fake CAPTCHA websites we reported about recently is targeting hotel staff in a likely attempt to access customer data, according to research from ThreatDown. Monitor your accounts. Check your accounts periodically for unexpected changes and notifications of suspicious login attempts.

Phishing 123

Phishing Malware Passwords Password Management 123

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. from fake websites (phishing sites) disguised as websites of real securities companies.” from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services 121

Financial Services Passwords Accountability Antivirus 121

Centraleyes

DECEMBER 16, 2024

As we approach 2025, the cybersecurity landscape is evolving rapidly, shaped by technological advancements, regulatory shifts, and emerging threats. Below is an exhaustive list of key cybersecurity trends to watch out for in 2025. Supply Chain Security on the Rise In 2025, the supply chain will remain a major cybersecurity risk.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98

Malwarebytes

APRIL 22, 2025

Cybercriminals are abusing Googles infrastructure, creating emails that appear to come from Google in order to persuade people into handing over their Google account credentials. Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. Instead create an account on the service itself.

Risk 145

Risk Accountability Scams Phishing 145

SecureWorld News

APRIL 23, 2025

In its 17th edition, Verizon's 2025 Data Breach Investigations Report (DBIR) continues to deliver one of the most comprehensive analyses of cyber incidents worldwide. Phishing accounted for nearly 25% of all breaches. More concerning: Verizon found that 50% of users who open phishing emails do so within the first hour.

Ransomware 101

Ransomware CISO Backups Risk 101

Thales Cloud Protection & Licensing

MAY 7, 2025

Phishing-Resistant MFA: Why FIDO is Essential madhav Thu, 05/08/2025 - 04:47 Phishing attacks are one of the most pervasive and insidious threats, with businesses facing increasingly sophisticated and convincing attacks that exploit human error.

Phishing 71

Phishing Authentication Passwords Social Engineering 71

SecureList

DECEMBER 16, 2024

Verdict: prediction not fulfilled Our predictions for 2025 Data breaches through contractors When abusing company-contractor relationships (trusted relationship attacks), threat actors first infiltrate a supplier’s systems and then gain access to the target organization’s infrastructure or data.

Marketing 105

Marketing Data breaches Cryptocurrency Malware 105

Malwarebytes

APRIL 8, 2025

Brand impersonation: from Google ad to phishing page Accounting and tax preparation software has traditionally been a common lure for scammers, particularly those related to online support operating out of large call centres in India and surrounding areas. Malicious QuickBooks domains quicckboocks-accounting[.]com

Phishing 85

Phishing Scams Accountability Authentication 85

Graham Cluley

JUNE 5, 2025

ⓘ MailerLite warns of phishing campaign Graham Cluley @ 4:13 pm, June 5, 2025 @grahamcluley.com @ [email protected] The team at MailerLite have contacted their customers warning them about a phishing campaign that is trying to steal login details. Winner of the best new podcast award in 2025. Integrated 2FA.

Phishing 61

Phishing Accountability Passwords Hacking 61

Security Affairs

JUNE 11, 2025

Between January and April 2025, INTERPOL led Operation Secure, a global effort that took down over 20,000 malicious IPs and domains linked to information-stealing malware. After the operation, the authorities alerted over 216,000 victims to help them quickly secure their accounts and prevent further unauthorized access.

Cybercrime 112

Cybercrime Data collection Scams Cyber threats 112

Krebs on Security

DECEMBER 29, 2024

In these attacks, the phishers abused at least four different Google services to trick targets into believing they were speaking with a Google representative, and into giving thieves control over their account with a single click. Here’s to a happy, healthy, wealthy and wary 2025. Hope to see you all again in the New Year!

Scams 241

Scams Cybercrime Cryptocurrency Social Engineering 241

Digital Shadows

JANUARY 22, 2025

In this blog, well preview the reports highlights and give insights into social engineering campaigns leveraging impersonating domains and our predictions for the threats shaping 2025. Use early detection tools like honeypots or CanaryTokens to counter attackers using tools like Nmap and Angry IP Scanner.

Insurance 65

Insurance Phishing Social Engineering Engineering 65

Krebs on Security

MAY 7, 2025

The DOJ’s indictment includes no additional details about eWorldTrade’s business, origins or other activity, and at first glance the website might appear to be a legitimate e-commerce platform that also just happened to sell some restricted chemicals A screenshot of the eWorldTrade homepage on March 25, 2025. Image: archive.org.

Scams 270

Scams Marketing Advertising Technology 270

Thales Cloud Protection & Licensing

JANUARY 31, 2025

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA andrew.gertz@t Fri, 01/31/2025 - 15:17 Celebrate Change Your Password Day and 2FA Day by embracing passkeys and phishing-resistant 2FA. Start by auditing and updating passwords for all your critical accounts. This reality might be closer than you think.

Phishing 62

Phishing Passwords Password Management Authentication 62

eSecurity Planet

MARCH 14, 2025

A recent phishing campaign has raised alarms among cybersecurity professionals after it impersonated Booking.com to deliver a suite of credential-stealing malware. First detected in December 2024 and persisting into early 2025, the threat targets hospitality organizations across North America, Oceania, Asia, and Europe.

Phishing 63

Phishing Malware Social Engineering Authentication 63

Security Boulevard

MARCH 24, 2025

This is a news item roundup of privacy or privacy-related news items for 16 MAR 2025 - 22 MAR 2025. While MFA is primarily a security feature, its primary privacy benefit is adding another layer of security to prevent unauthorized access to information contained in particular important or sensitive accounts.

Surveillance 75

Surveillance Telecommunications Data breaches Malware 75

The Last Watchdog

MARCH 19, 2025

19, 2025, CyberNewswire — The average corporate user now has 146 stolen records linked to their identity, an average 12x increase from previous estimates, reflecting a surge in holistic identity exposures. For further insights, the full 2025 SpyCloud Identity Exposure Report is available here. Austin, TX, Ma.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Thales Cloud Protection & Licensing

APRIL 22, 2025

The AI Bot Epidemic: The Imperva 2025 Bad Bot Report madhav Tue, 04/22/2025 - 17:10 The ubiquity of accessible AI tools has lowered the barrier to entry for threat actors, helping them create and deploy malicious bots at an unprecedented scale. The surge in AI-driven bot creation has serious implications for businesses worldwide.

Digital transformation 62

Digital transformation Accountability Risk Internet 62

Thales Cloud Protection & Licensing

MARCH 18, 2025

Thales OneWelcome Identity Platform and HIPAA Compliance in 2025 madhav Wed, 03/19/2025 - 05:58 The Health Insurance Portability and Accountability Act (HIPAA) has undergone significant changes in 2025, introducing enhanced requirements to address growing cyber threats and ensure comprehensive data protection.

Healthcare 62

Healthcare Encryption Authentication Penetration Testing 62

Krebs on Security

MAY 28, 2025

A report from the Pakistani media outlet Dawn states that authorities there arrested 21 people alleged to have operated Heartsender, a spam delivery service whose homepage openly advertised phishing kits targeting users of various Internet companies, including Microsoft 365, Yahoo, AOL, Intuit, iCloud and ID.me.

Malware 196

Malware Cybercrime Antivirus Scams 196

Thales Cloud Protection & Licensing

DECEMBER 17, 2024

Application and API Security in 2025: What Will the New Year Bring? madhav Wed, 12/18/2024 - 05:24 As we step into 2025, the critical importance of application and API security has never been more evident. Compounding the challenge, 46% of Account Takeover (ATO) attacks focused on API endpoints, up from 35% in 2022.

Risk 71

Risk Digital transformation Software Technology 71

Duo's Security Blog

JUNE 2, 2025

Identiverse 2025 is this week in Las Vegas, and the Duo team couldnt be more excited to engage with the brightest minds in identity and access management (IAM). From June 36, 2025, the identity community will gather in Las Vegas to share groundbreaking innovations, critical insights, and strategies for addressing todays identity challenges.

Phishing 59

Phishing Engineering Risk Authentication 59

Security Boulevard

MARCH 20, 2025

The just released ThreatLabz 2025 AI Security Report examines the intersection of enterprise AI usage and security, drawing insights from 536.5 For the full analysis and security guidance, download the ThreatLabz 2025 AI Security Report now. billion AI/ML transactions in the Zscaler Zero Trust Exchange.

Social Engineering 76

Social Engineering Phishing Risk Insurance 76

The Last Watchdog

FEBRUARY 4, 2025

4, 2025, CyberNewswire — SpyClouds Identity Threat Protection solutions spearhead a holistic identity approach to security, illuminating correlated hidden identity exposures and facilitating fast, automated remediation. Austin, TX, Feb.

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

Security Affairs

APRIL 7, 2025

. “PoisonSeed threat actors are targeting enterprise organizations and individuals outside the cryptocurrency industry.They have been phishing CRM and bulk email providers credentials to export email lists and send bulk spam from the accounts. ” reads the report published by Silent Push. These are later used to steal funds.

Scams 74

Scams Cryptocurrency Phishing Cybercrime 74

Thales Cloud Protection & Licensing

FEBRUARY 11, 2025

Together for a Better Internet: Celebrating Safer Internet Day 2025 andrew.gertz@t Tue, 02/11/2025 - 14:57 At a time when technology is integral to our lives, Safer Internet Day (SID) has never been more relevant. By holding platforms to account and mandating guardrails, the DSA aims to make the internet a safer place.

Internet 62

Internet Internet Education Technology 62

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. Lured in by similar color schemes, company logos, and familiar layouts, victims log in to their account by entering their username and password.

Small Business 93

Small Business Cybersecurity Scams Passwords 93

Security Boulevard

MARCH 31, 2025

This is a news item roundup of privacy or privacy-related news items for 23 MAR 2025 - 29 MAR 2025. Proton Drive and Docs now support collaboration with users without Proton accounts Proton Proton users can now collaborate on documents with anyone -- including those without Proton accounts. of its photos app.

VPN 59

VPN Surveillance Malware Data breaches 59

Thales Cloud Protection & Licensing

DECEMBER 17, 2024

Application and API Security in 2025: What Will the New Year Bring? madhav Wed, 12/18/2024 - 05:24 As we step into 2025, the critical importance of application and API security has never been more evident. Compounding the challenge, 46% of Account Takeover (ATO) attacks focused on API endpoints, up from 35% in 2022.

Risk 62

Risk Technology CISO Threat Detection 62

Webroot

MAY 5, 2025

Phishing attacks are a significant threat to consumers, with cybercriminals constantly evolving their tactics to deceive unsuspecting individuals. The integration of artificial intelligence (AI) into phishing schemes has made these attacks even more sophisticated and challenging to detect. How AI enhances phishing attacks 1.

Phishing 62

Phishing Education Antivirus Artificial Intelligence 62

Jane Frankland

MAY 16, 2025

The Ultimate Guide to Scams in the UK, in 2025 Fraudsters are blending cutting-edge tech with emotional manipulation to con even the most cautious. From AI-generated voices to realistic websites and stolen accounts, scams today are slick, fast, and global. Impersonation and Fake Accounts Unfamiliar or spoofed sender addresses (e.g.,

Scams 130

Scams Password Management Passwords Banking 130

Security Boulevard

FEBRUARY 17, 2025

This is a news item roundup of privacy or privacy-related news items for 9 FEB 2025 - 15 FEB 2025. The more accounts you have, the bigger your attack surface and potential exposure to data breaches. The more accounts you have, the bigger your attack surface and potential exposure to data breaches. CVE-2025-21418.

Surveillance 52

Surveillance Data breaches VPN Malware 52

eSecurity Planet

MAY 1, 2025

The RSA Conference 2025, held in San Francisco from April 28 to May 1, spotlighted the evolving landscape of cybersecurity, with a strong emphasis on artificial intelligence, identity security, and collaborative defense strategies. AI phishing coach: This tool replaces traditional, static training with real-time, personalized coaching.

Cybersecurity 57

Cybersecurity Mobile Phishing Artificial Intelligence 57

eSecurity Planet

APRIL 2, 2025

Although Hudson Rock flagged the credentials years ago, Samsung reportedly failed to rotate or secure them, allowing the hacker to access the system years later, in 2025, and release the data. Identity theft and account takeover: By impersonating customers using leaked support tickets, hackers can gain unauthorized access to accounts.

Identity Theft 122

Identity Theft Scams Cybersecurity Accountability 122