eSecurity Planet

NOVEMBER 6, 2024

This data reportedly includes everything from names and addresses to Social Security numbers and bank account details. The stolen data reportedly includes highly personal information — names, dates of birth, Social Security numbers, bank account details, and even records of residents’ interactions with city services.

Ransomware 113

Ransomware Authentication Identity Theft Penetration Testing 113

Schneier on Security

MAY 30, 2025

And third, using flawed mental shortcuts, like believing PDFs to be safer than Microsoft Word documents, or that mobile devices are safer than computers for opening suspicious emails. Even if we do this all well and correctly, we can’t make people immune to social engineering.

Cybersecurity 222

Cybersecurity Scams Security Awareness Phishing 222

Malwarebytes

JUNE 10, 2025

Confusingly, even legitimate businesses now lean on outreach tactics that have long been favored by online scammers—asking people to scan QR codes, download mobile apps, and trade direct messages with, essentially, strangers. READ THE REPORT Here are some of the key findings: 77% of people worry about mobile scams and threats.

Scams 89

Scams Mobile Identity Theft Social Engineering 89

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays. A month earlier, Dubai and Abu Dhabi Police warned citizens not to share their confidential information, including their account, card details or online banking credentials.

Social Engineering 115

Social Engineering Phishing Banking DNS 115

SecureList

JANUARY 30, 2025

Introduction Since mid-2024, we’ve observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which we have named “Tria Stealer” after unique strings found in campaign samples.

Accountability 94

Accountability Malware Banking Phishing 94

Thales Cloud Protection & Licensing

MAY 7, 2025

Todays threat actors use AI to craft compelling phishing campaigns and advanced social engineering tactics to slip past MFA, resulting in credential theft and account takeovers. Phishing-resistant MFA ensures that even if a bad actor deceives a user, they cannot get their hands on reusable credentials or compromise accounts.

Phishing 71

Phishing Authentication Passwords Social Engineering 71

SecureList

DECEMBER 17, 2024

The agent requests shipping details We were notified the following day that our order had shipped and could be tracked with a special mobile app linked in a message from the manager. We reported the scam accounts and channels to Telegram, but the messaging service had done nothing to block them at the time of writing this.

Scams 92

Scams Malware Banking Social Engineering 92

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Consumers remained the primary target of financial cyberthreats, accounting for 73.69% of attacks.

Phishing 72

Phishing Banking Scams Mobile 72

Hacker's King

DECEMBER 25, 2024

However, its immense popularity has made it a target for malicious actors seeking unauthorized access to user accounts. Tools designed for password cracking often exploit weak security practices, but understanding these methods is vital for safeguarding your account. This is one of the most prevalent methods of account compromise.

Passwords 52

Passwords Social Engineering Accountability Scams 52

Malwarebytes

APRIL 24, 2025

They can then focus on finding and targeting victims with social engineering attacks, which Cleafy says they’ve been doing in Italy. The telephone number connects the victim to the attacker, who then persuades them to give up their PIN and log into their bank account.

Malware 93

Malware Banking Software Social Engineering 93

Zero Day

JUNE 22, 2025

Here's how to check if your accounts are at risk and what to do next. And while financial costs may be a factor, individual victims may face targeted phishing campaigns, social engineering schemes, identity theft, and damage to credit.   Think you've been involved in a data breach?

Passwords 101

Passwords Data breaches Password Management Accountability 101

eSecurity Planet

MAY 1, 2025

RSA targets passwordless and help desk threats RSA unveiled a new enterprise-ready passwordless platform aimed at thwarting advanced identity attacks, especially those that attempt to bypass help desks using social engineering. Key findings: Smishing (SMS phishing) now makes up over two-thirds of mobile phishing attacks.

Cybersecurity 57

Cybersecurity Mobile Phishing Artificial Intelligence 57

SecureList

NOVEMBER 29, 2024

Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations. IT threat evolution in Q3 2024 IT threat evolution in Q3 2024.

Energy and Utilities 98

Energy and Utilities Ransomware Malware Government 98

Security Affairs

JULY 10, 2025

No credit card, financial, or passport info was accessed, and Frequent Flyer accounts remain secure. million Phone number (mobile, landline and/or business) – 900,000 Gender – 400,000. Meal preferences – 10,000 Customer records are based on unique email addresses and customers with multiple email addresses may have multiple accounts.

Data breaches 83

Data breaches Social Engineering Engineering Accountability 83

Webroot

APRIL 22, 2025

Financial services industry: Banks, insurance companies and other financial organizations offer a wealth of opportunity for hackers who can use stolen bank account and credit card information for their own financial gain. They can open accounts in your name, apply for loans, and even file false tax returns.

Data breaches 75

Data breaches Identity Theft Passwords eCommerce 75

Malwarebytes

JUNE 9, 2025

Scammers are getting better at social engineering and are using Artificial Intelligence (AI) to sound more authentic and eliminate any spelling errors. Secure your accounts Change the passwords on all your online accounts, especially financial and email accounts. Importantly, acting quickly can limit the damage.

Scams 70

Scams Banking Artificial Intelligence Accountability 70

Security Boulevard

JANUARY 9, 2025

A bad actor is using a Microsoft 365 test domain and a self-created distribution list to bypass traditional email protections and entice victims to hand over their PayPal account information in what Fortinet's CISO is calling a "phish-free" phishing campaign.

CISO 112

CISO Phishing Accountability Social Engineering 112

SecureList

MAY 28, 2025

The threat actors behind Zanubis continue to refine its code adding features, switching between encryption algorithms, shifting targets, and tweaking social engineering techniques to accelerate infection rates.

Banking 98

Banking Malware Encryption Energy and Utilities 98

Security Affairs

DECEMBER 1, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 76

Cybercrime Firewall Social Engineering Phishing 76

Zero Day

JULY 9, 2025

An incessant drumbeat of advice about how to choose and use strong passwords and how not to fall prey to social engineering attacks has done little to keep threat actors at bay.  The basic journey is the same on mobile, but there are some differences that I won't cover.

Passwords 84

Passwords Password Management Authentication Artificial Intelligence 84

Security Boulevard

JANUARY 15, 2025

Dont Mess With Texas Privacy: We will hold all these companies accountable, rants state attorney general Ken Paxton (pictured). The post Allstate Violates Drivers Privacy, Texas AG Alleges appeared first on Security Boulevard.

Accountability 95

Accountability Insurance Social Engineering Spyware 95

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. Cloud services alerts increased by 20% due to rising cloud account usage, while malicious file alerts in phishing attacks remain high, exploiting users’ tendencies to open files.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Duo's Security Blog

APRIL 23, 2025

New threat types such as push-bombing, social engineering, and spear phishing are forcing organizations to do more than rely on MFA alone. But times change, and what solved our challenges in the past doesnt necessarily work today, at least not in the same form. Attacks have evolved.

Authentication 59

Authentication Risk Social Engineering Accountability 59

eSecurity Planet

FEBRUARY 6, 2025

These include password synchronization, enterprise SSO, federated SSO, web SSO, and mobile SSO: Password Synchronization: This is the simplest and most common form of SSO, where a single username and password are automatically updated and used across different systems or platforms.

Authentication 57

Authentication Passwords Mobile Encryption 57

Zero Day

JUNE 20, 2025

Here's how to check if your accounts are at risk and what to do next. And while financial costs may be a factor, individual victims may face targeted phishing campaigns, social engineering schemes, identity theft, and damage to credit. Close Home Tech Security Heard about the 16 billion passwords leak?

Passwords 106

Passwords Data breaches Password Management Identity Theft 106

Security Boulevard

JUNE 2, 2025

Other students can benefit from networking by finding accountability partners, joining study groups, discovering new exploitation strategies, and staying emotionally grounded throughout this challenging process. The skills these courses help you develop are essential to advanced post-exploitation, red teaming, and custom implant engineering.

Penetration Testing 52

Penetration Testing Engineering Wireless Cybersecurity 52

SecureWorld News

APRIL 18, 2025

I once assumed our cloud backup vendor's SOC 2 covered mobile access; it didn't. Good responses are clear, specific, and show accountability. The key takeaway: even strong internal controls can be bypassed through social engineering. Never assume the report covers everything the vendor provides.

Risk 65

Risk Social Engineering Passwords Backups 65

Security Boulevard

APRIL 22, 2025

Your time-management strategy should also account for the maintenance of your own body: plan your meals in advance, step away from the screen while eating, and stay well hydrated. GitHub , GitLab , or OneNote ) Terminate unnecessary screen-sharing programs (e.g.,

Penetration Testing 52

Penetration Testing Engineering Risk Social Engineering 52

Krebs on Security

JULY 10, 2025

Scattered Spider is the name given to an English-speaking cybercrime group known for using social engineering tactics to break into companies and steal data for ransom, often impersonating employees or contractors to deceive IT help desks into granting access. ”

Cybercrime 242

Cybercrime Social Engineering Retail Mobile 242

Troy Hunt

MAY 5, 2025

Imagine you're logging on to a website like this: And, because you want to protect your account from being logged into by someone else who may obtain your username and password, you've turned on two-factor authentication (2FA). Let me start by very simply explaining the problem we're trying to solve with passkeys.

Passwords 314

Passwords Authentication Phishing Password Management 314

SecureWorld News

DECEMBER 27, 2024

and its allies must keep up; GenAI; mobile threats; RaaS makes it easier for the bad actors; non-human identity management; OT, IoT, and IIoT security and threats; cyber resiliency; SOC models; and improving cybersecurity education and programming. What the Practitioners Predict Jake Bernstein, Esq.,

Cybersecurity 123

Cybersecurity CISO Risk Government 123

Webroot

JULY 21, 2025

New devices, new online accounts, and relaxed summer screen habits could make your children vulnerable to a slew of online threats. Real-life risks in your child’s digital day Phishing & social engineering: Let’s say your teenage daughter gets a text that reads, “Your grades won’t post unless you verify your information now.”

Media 65

Media Passwords Password Management Scams 65

Malwarebytes

JULY 24, 2025

According to a new analysis from Malwarebytes, when compared to iPhone users, Android users share less of their personal information for promotional deals, more frequently use security tools, and more regularly create and manage unique passwords for their many online accounts. They also, it turns out, fall victim to fewer scams.

Scams 135

Scams Passwords Password Management Accountability 135

DoublePulsar

MAY 2, 2025

The individuals operating under the DragonForce banner and attacking UK high street retailers are using social engineering for entry. So you need to stop them gaining access via Microsoft 365, VPNs and Virtual Desktop systemsand/or be able to detect accounts goingrogue. DragonForces lovely PR team claim more are tocome.

Retail 92

Retail Ransomware Social Engineering Education 92

Security Boulevard

JUNE 18, 2025

Podcast TechstrongTV - Twitch Library Related Sites Techstrong Group Cloud Native Now DevOps.com Security Boulevard Techstrong Research Techstrong TV Techstrong.tv Moves to Collect $7.74 Million Tied to N. Korea IT Worker Scam Guardrails Breached: The New Reality of GenAI-Driven Attacks OAuth 2.0

Social Engineering 52

Social Engineering Data privacy Security Awareness Mobile 52

Krebs on Security

AUGUST 12, 2020

Several stories here have highlighted the importance of creating accounts online tied to your various identity, financial and communications services before identity thieves do it for you. ” In short, although you may not be required to create online accounts to manage your affairs at your ISP, the U.S. .”

Accountability 362

Accountability Mobile Banking Passwords 362

The Last Watchdog

AUGUST 19, 2021

At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons. This stolen booty reportedly included social security numbers, phone numbers, names, home addresses, unique IMEI numbers, and driver’s license information. This was not a sophisticated attack.

Data breaches 235

Data breaches Mobile Authentication Accountability 235