The Last Watchdog

MARCH 28, 2025

Mar 28, 2025, CyberNewswire — From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Palo Alto, Calif., Critically, attackers can also gain access to all shared drives, including those shared by colleagues, customers and other third parties.

Antivirus 147

Antivirus Ransomware Social Engineering Engineering 147

SecureWorld News

MAY 28, 2025

In early May 2025, two of the United Kingdom's best-known grocers, Marks & Spencer (M&S) and the Co-op, as well as luxury retailer Harrods, were struck by sophisticated social-engineering attacks that tricked IT teams into resetting critical passwords and deploying ransomware across their networks.

Retail 105

Retail Social Engineering Passwords Ransomware 105

SecureWorld News

FEBRUARY 25, 2025

The 49-page report, " Google Cloud AI Business Trends 2025 ," confirms that AI is becoming an essential tool for both cybersecurity teams and malicious actors. One of the report's most pressing concerns is the role of Generative AI in social engineering attacks.

Cybersecurity 95

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 95

Security Boulevard

MARCH 20, 2025

The just released ThreatLabz 2025 AI Security Report examines the intersection of enterprise AI usage and security, drawing insights from 536.5 For the full analysis and security guidance, download the ThreatLabz 2025 AI Security Report now. billion AI/ML transactions in the Zscaler Zero Trust Exchange.

Social Engineering 76

Social Engineering Phishing Risk Insurance 76

Digital Shadows

JANUARY 22, 2025

In this blog, well preview the reports highlights and give insights into social engineering campaigns leveraging impersonating domains and our predictions for the threats shaping 2025. Organizations should implement domain monitoring, enforce DMARC policies, and train employees to recognize social engineering methods.

Insurance 65

Insurance Phishing Social Engineering Engineering 65

SecureWorld News

APRIL 22, 2025

This incident highlights the critical vulnerability in cryptocurrency communities, where high-net-worth individuals or executives may be more prone to social engineering attacks due to the high volume of media and investor engagement they handle. billion hack of the Bybit exchange in February 2025.

Cryptocurrency 90

Cryptocurrency Social Engineering Cybercrime Engineering 90

The Last Watchdog

JANUARY 30, 2025

30, 2025, CyberNewswire — Browser extensions have been under the spotlight in enterprise security news recently due to the wave of OAuth attacks on Chrome extension developers and data exfiltration attacks. Palo Alto, Calif., This allows the extension to directly interact with local apps without further authentication.

Social Engineering 130

Social Engineering Engineering Authentication Accountability 130

SecureWorld News

OCTOBER 3, 2023

And one of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential information. Social engineering is more sophisticated than ever, and its most advanced iteration is the topic of today's discussion: deepfakes.

Social Engineering 109

Social Engineering Phishing Engineering Technology 109

SecureWorld News

MAY 9, 2025

The malware has been observed in campaigns as recent as April 2025, targeting advisors to Western governments and militaries, journalists, think tanks, NGOs, and individuals connected to Ukraine. The method, known as "ClickFix," leverages social engineering to bypass traditional email-based defenses.

Malware 86

Malware Social Engineering Engineering Government 86

SecureWorld News

JUNE 9, 2025

Additionally, a distributed workforce, ranging from remote maintenance technicians to cabin crews, multiplies entry points for social-engineering tactics like phishing. Aircraft themselves are nodes on data networks, constantly transmitting telemetry, engine performance metrics, and passenger connectivity data.

Cybersecurity 117

Cybersecurity Social Engineering Computers and Electronics Risk 117

Jane Frankland

MAY 16, 2025

Fraudsters use AI, social engineering, and emotional manipulation to steal not just money, but also trust, time, and peace of mind. The Ultimate Guide to Scams in the UK, in 2025 Fraudsters are blending cutting-edge tech with emotional manipulation to con even the most cautious. And it’s hitting home: 11.4

Scams 130

Scams Password Management Passwords Banking 130

eSecurity Planet

MAY 1, 2025

The RSA Conference 2025, held in San Francisco from April 28 to May 1, spotlighted the evolving landscape of cybersecurity, with a strong emphasis on artificial intelligence, identity security, and collaborative defense strategies. This years theme (Many Voices. This years updates: Complete lifecycle support for passwordless security.

Cybersecurity 57

Cybersecurity Mobile Phishing Artificial Intelligence 57

Thales Cloud Protection & Licensing

MAY 7, 2025

Phishing-Resistant MFA: Why FIDO is Essential madhav Thu, 05/08/2025 - 04:47 Phishing attacks are one of the most pervasive and insidious threats, with businesses facing increasingly sophisticated and convincing attacks that exploit human error. High-profile breaches illustrate the devastating impact of credential-based attacks.

Phishing 71

Phishing Authentication Passwords Social Engineering 71

BH Consulting

MAY 28, 2025

Common ways of infiltrating victim organisations include social engineering against employees and stolen credentials. Giving the example of a fictitious company that develops an AI app, she said that the company could publish a corporate and social responsibility (CSR) report, branded to look like its being responsible.

Scams 59

Scams Passwords Insurance Technology 59

The Hacker News

APRIL 23, 2025

Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025.

Social Engineering 111

Social Engineering Engineering Accountability 111

SecureList

JANUARY 30, 2025

Introduction Since mid-2024, we’ve observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which we have named “Tria Stealer” after unique strings found in campaign samples.

Accountability 100

Accountability Malware Banking Phishing 100

SecureList

NOVEMBER 25, 2024

In this article in the KSB series, we review the trends of the past year, reflect on the predictions we made for 2024 , and offer insights into what we can expect in 2025. The attackers employed social engineering techniques to gain persistent access to the software development environment and remained undetected for years.

IoT 119

IoT Energy and Utilities Phishing Cryptocurrency 119

eSecurity Planet

MARCH 14, 2025

First detected in December 2024 and persisting into early 2025, the threat targets hospitality organizations across North America, Oceania, Asia, and Europe. Heres what comes next: These emails lure victims with urgent requests, from resolving guest review issues to verifying account information.

Phishing 63

Phishing Malware Social Engineering Authentication 63

SecureWorld News

MARCH 13, 2025

While the AI-generated malware in this case required manual intervention to function, the fact that these systems can produce even semi-functional malicious code is a clear signal that security teams need to adapt their strategies to account for this emerging threat vector."

Malware 112

Malware Cybersecurity Cyber threats Threat Detection 112

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Consumers remained the primary target of financial cyberthreats, accounting for 73.69% of attacks. Mamont was the most active Android malware family, accounting for 36.7% million detections compared to 5.84

Phishing 77

Phishing Banking Scams Mobile 77

Security Boulevard

MARCH 11, 2025

Microsoft patched 56 CVEs in its March 2025 Patch Tuesday release, with six rated critical, and 50 rated as important. Important CVE-2025-26633 | Microsoft Management Console Security Feature Bypass Vulnerability CVE-2025-26633 is a security feature bypass vulnerability in the Microsoft Management Console (MMC).

Social Engineering 69

Social Engineering DNS Engineering Authentication 69

SecureList

MAY 28, 2025

The threat actors behind Zanubis continue to refine its code adding features, switching between encryption algorithms, shifting targets, and tweaking social engineering techniques to accelerate infection rates. 2025: Latest campaign In mid-January of 2025, we identified new samples indicating an updated version of Zanubis.

Banking 107

Banking Malware Energy and Utilities Encryption 107

SecureWorld News

FEBRUARY 14, 2025

And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect. Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day.

Scams 73

Scams Cybercrime Phishing Social Engineering 73

Security Affairs

FEBRUARY 8, 2024

Cyber Skills Gap: By 2025, there could be 3.5 trillion annually by 2025, rising by 15% each year. trillion annually by 2025, rising by 15% each year. Healthcare Spending: From 2020 to 2025, the healthcare sector plans to spend $125 billion on cyber security to tackle its vulnerability.

Social Engineering 142

Social Engineering Cyber Attacks Cyber Insurance IoT 142

Security Through Education

OCTOBER 27, 2021

Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. It is to these carefully crafted campaigns that Social-Engineer, LLC can attribute their success. The answer is simple; with simulated attacks and subsequent training.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

Webroot

APRIL 22, 2025

Financial services industry: Banks, insurance companies and other financial organizations offer a wealth of opportunity for hackers who can use stolen bank account and credit card information for their own financial gain. They can open accounts in your name, apply for loans, and even file false tax returns.

Data breaches 72

Data breaches Identity Theft Passwords eCommerce 72

Digital Shadows

NOVEMBER 13, 2024

While 2024 generally saw the same tried-and-true techniques, 2025 is expected to bring new vulnerabilities and increased targeting of certain organizations by hacktivist groups due to geopolitical shifts. In 2025, we anticipate more vishing (voice phishing) and fake IT helpdesk scams targeting English-speaking firms.

Social Engineering 59

Social Engineering Cybersecurity DDOS Ransomware 59

NetSpi Executives

DECEMBER 3, 2024

The cybersecurity landscape is always changing, and 2025 is a continuation of this evolution. An opportunity to rethink resilience, innovation, and accountability in cybersecurity. An opportunity to rethink resilience, innovation, and accountability in cybersecurity.

Cybersecurity 59

Cybersecurity CISO Social Engineering Accountability 59

Security Boulevard

JANUARY 22, 2025

My favorite quotes from the report followbelow: Nearly half (46.4%) of the observed security alerts were due to overprivileged service accounts. As I said in other THR blogs, the main news here is that there is no news; a lot of cloud security problems in 2025 are 2020 problems, at best. These attacks accounted for 17.1%

Passwords 69

Passwords Social Engineering Accountability Cybersecurity 69

Security Boulevard

JANUARY 14, 2025

10 Critical 147 Important 0 Moderate 0 Low Microsoft addresses 157 CVEs in the first Patch Tuesday release of 2025 and the largest Patch Tuesday update ever with three CVEs exploited in the wild, and five CVEs publicly disclosed prior to patches being made available. All three vulnerabilities were assigned a CVSSv3 score of 7.8

Artificial Intelligence 52

Artificial Intelligence Authentication Social Engineering Accountability 52

Thales Cloud Protection & Licensing

APRIL 7, 2025

Identity at a Crossroads: Why Existential Identity Matters madhav Tue, 04/08/2025 - 04:31 Imagine waking up one morning to find your digital identity compromised your accounts hijacked, your access revoked, and your data in someone elses hands. Are We Sacrificing Safety for Simplicity? But at what cost?

Authentication 62

Authentication Identity Theft Digital transformation Passwords 62

Security Through Education

JANUARY 21, 2025

Password sharing, and the use of personal information in passwords, can drastically reduce the security of your online accounts and information. Uniqueness: Using a different password for each account helps reduce the chance of a single breach impacting multiple accounts. Storage: A shared secret is not a secret!

Social Engineering 52

Social Engineering Passwords Engineering Password Management 52

Security Through Education

JANUARY 21, 2025

Password sharing, and the use of personal information in passwords, can drastically reduce the security of your online accounts and information. Uniqueness: Using a different password for each account helps reduce the chance of a single breach impacting multiple accounts. Storage: A shared secret is not a secret!

Social Engineering 52

Social Engineering Passwords Engineering Password Management 52

Digital Shadows

NOVEMBER 14, 2024

While 2024 generally saw the same tried-and-true techniques, 2025 is expected to bring new vulnerabilities and increased targeting of certain organizations by hacktivist groups due to geopolitical shifts. In 2025, we anticipate more vishing (voice phishing) and fake IT helpdesk scams targeting English-speaking firms.

Social Engineering 52

Social Engineering Cybersecurity DDOS Ransomware 52

Security Affairs

JANUARY 12, 2025

cannabis dispensary STIIIZY disclosed a data breach A novel PayPal phishing campaign hijacks accounts Banshee macOS stealer supports new evasion mechanisms Researchers disclosed details of a now-patched Samsung zero-click flaw Phishers abuse CrowdStrike brand targeting job seekers with cryptominer China-linked APT group MirrorFace targets Japan U.S.

Data breaches 62

Data breaches Phishing Social Engineering Engineering 62

Digital Shadows

JANUARY 14, 2025

To gain access to internal networks, Akira targeted local accounts with disabled multifactor authentication (MFA) and SonicOS firmware versions vulnerable to exploitation, often exposed to the internet for virtual private network (VPN) access.

Ransomware 126

Ransomware Social Engineering Phishing Manufacturing 126

Andrew Hay

DECEMBER 10, 2024

As we approach 2025, the ever-evolving landscape of cybersecurity continues to challenge professionals and organizations alike. In 2025, adversaries will use AI more effectively to bypass traditional defences. At the same time, social engineering attacks will grow more nuanced, targeting emotional and psychological vulnerabilities.

Cybersecurity 52

Cybersecurity IoT Artificial Intelligence Social Engineering 52