Graham Cluley

JUNE 5, 2025

Skip to content Graham Cluley Cybersecurity and AI keynote speaker BOOK ME Speaking · Writing · Podcasts · Video · Contact · About · Games 🔍 ⁠This weeks sponsor: Proton Pass - Easily create unique, secure passwords. Sync across unlimited devices. Integrated 2FA. Found this article interesting?

Phishing

Security Affairs

APRIL 30, 2025

. “The analyses of the TTPs used during APT28 campaigns since 2021 and the recommendations published in October of 2023 remain relevant and may be consulted on the website of the CERT-FR” APT28’s attack chain begins with phishing and brute-force attacks, along with zero-day exploitation (e.g. CVE-2023-23397 ).

Government

The Last Watchdog

JUNE 9, 2025

Users can book a demo time in advance here. Powered by AI, Browser Total offers CISOs and security teams a comprehensive, hands-on environment to test browser security defenses against today’s most sophisticated threats.

Risk

The Hacker News

JUNE 27, 2025

The spear-phishing attacks leveraged topics related to Tibet, such as the 9th World Parliamentarians' Convention on Tibet (WPCT), China's education policy in the Tibet Autonomous Region (TAR), and a recently published book by the 14th Dalai Lama,

Malware

Jane Frankland

JUNE 27, 2025

” This observation, from Chris Hayes’ book T he Sirens’ Call: How Attention Became the World’s Most Endangered Resource cuts to the heart of a growing challenge in every domain of modern society. It’s why we train employees, run phishing simulations, and issue compliance mandates.

Cybersecurity

SecureWorld News

JUNE 9, 2025

Additionally, a distributed workforce, ranging from remote maintenance technicians to cabin crews, multiplies entry points for social-engineering tactics like phishing. Employee training is paramount as staff awareness can thwart phishing and social-engineering attempts before any significant damage occurs.

Cybersecurity

Malwarebytes

MARCH 17, 2025

38% of people said they will book their next travel opportunity through a general search, which could leave them vulnerable to malvertising. Take, for example, the 38% of people who told Malwarebytes that they would conduct a general search online in booking their next vacation.

Scams

SecureWorld News

FEBRUARY 17, 2025

AI-enabled threats: Attackers are using AI to automate phishing, generate deepfakes, and bypass traditional security measures. As I look to explore this issue a possible book , what are your thoughts on the future of cybersecurity governance? It must evolve as rapidly as the threats it seeks to mitigate. I would welcome your options.

Government

Malwarebytes

FEBRUARY 4, 2025

AI chat tools like ChatGPT, Google Gemini, and Claudefrom OpenAI competitor Anthropiccan brainstorm ideas for marketing materials, write book reports, compose poems, and even review human-written text for legibility. They can even mimic the styles of famous artists, like Van Gogh, Rembrandt, and Picasso. That could change in 2025.

Artificial Intelligence

Hacker's King

OCTOBER 22, 2024

With increasing threats, such as ransomware, data breaches, and phishing attacks, the demand for skilled cybersecurity experts is on the rise. Writing books, offering online courses, speaking at conferences, and being active on social media can create additional streams of income.

Cybersecurity

The Last Watchdog

JUNE 30, 2025

Users can instruct these agents to automate browser-based tasks such as flight bookings, scheduling meetings, sending emails, and even simple research tasks. Browser AI Agents are software applications that act on behalf of users to access and interact with web content.

Security Awareness

Malwarebytes

MAY 28, 2025

Over a year ago the FBI warned about what was then a new form of smishing (phishing via SMS) scam: text messages that demanded payment for toll fees. The FTCs 2024 Annual Data Book shows that 16% of the reported fraud attempts were text-based, with a criminal revenue of some $470 Million.

Scams

Penetration Testing

MARCH 15, 2025

A sophisticated phishing campaign impersonating Booking.com is targeting organizations in the hospitality industry, using a novel social engineering The post Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware appeared first on Cybersecurity News.

Phishing

BH Consulting

JULY 30, 2025

“We know that if you’re giving advice to an older person living at home, you can say: ‘write down your passwords in a little book and keep them in a drawer’. But if you’re advising a CEO, you’re not going to say, ‘write down your passwords in a little book and put them in the drawer’,” Dr Murray says.

Cybersecurity

BH Consulting

OCTOBER 24, 2024

Following complaints from customers, the DPC also opened an inquiry into Ryanair’s processing of personal data as part of the verification processes for flights booked through third party websites or online agents. MORE Cofense looks at a recent phishing campaign that used HR-related themes.

Social Engineering

BH Consulting

APRIL 16, 2025

He then covered over the air (OTA) listening using blogs, books and videos, then shortwave listening which, interestingly, requires no licence. Two other points I took from his talk were that the rise of autonomous attack systems that mimic voices or generate phishing content is terrifying.

Risk

Security Affairs

FEBRUARY 15, 2025

Sorry, It’s Windows Malware Malware Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site From South America to Southeast Asia: The Fragile Web of REF7707 Deep Learning-Driven Malware Classification with API Call Sequence Analysis and Concept Drift Handling Hacking (..)

Spyware

Webroot

JUNE 17, 2025

As soon as you start booking your trip, the cybercriminals start circling. Fake travel websites and rental listings : When you find a killer price on a luxury cruise, a European tour or an oceanfront Airbnb, take another look before you book! Phishing scams: Phishing scams that target travel-related platforms are on the rise.

VPN

Cisco Security

JULY 7, 2025

From a threat standpoint, attackers mostly used brute force to break down perimeter defenses while phishing, zero-days and other adaptive and evasive attacks weren’t on many people’s radar. Read the e-book, see the video, dive into the infographic and more. Get expert perspectives now Why Cisco Security?

Cyber Risk

Zero Day

JULY 10, 2025

Together, these tech giants can introduce billions of global users to the phishing and smishing-resistant technology. If you have goods or services to sell, Shopify is an e-commerce service provider that makes it quick and easy to set up an online storefront and start booking sales.

Password Management

eSecurity Planet

JUNE 25, 2025

EXTRA SAFE E2EE, no data retention, blockchain tech, no registration, browser-based ephemeral chats Web (native apps in development) No data available Messenger E2EE, AI assistant, spam/phishing detection Android, iOS, Web, Windows, macOS Over 1.04 You don’t need to share your phone number, email, or address book.

Encryption

SecureWorld News

MAY 29, 2025

Attackers employ smishing (SMS phishing) and vishing (voice phishing) techniques, now augmented with AI-generated content, to deceive victims. According to an FBI alert , t he campaign, active since April 2025, primarily targets current and former federal and state government officials and their contacts.

Scams

eSecurity Planet

JUNE 25, 2025

EXTRA SAFE E2EE, no data retention, blockchain tech, no registration, browser-based ephemeral chats Web (native apps in development) No data available Messenger E2EE, AI assistant, spam/phishing detection Android, iOS, Web, Windows, macOS Over 1.04 You don’t need to share your phone number, email, or address book.

Encryption

Javvad Malik

JULY 1, 2025

Do we really need a fancy website if it will only be visited by an AI agent that will compare prices, read reviews, and book an entire vacation without the owner knowing (or even caring) who the provider is? AI agents don’t fall for phishing emails because they don’t have emotions to manipulate.

Internet

The Hacker News

MARCH 13, 2025

Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware.

Phishing

Adam Levin

NOVEMBER 26, 2019

One terabyte of data belonging to a major hotel booking platform was found leaked online. Using the information and accesses exposed, they could create effective phishing campaigns, or target companies with various forms of malicious software attacks: malware, spyware, ransomware, and more,” the article continued.

B2B

Penetration Testing

JULY 26, 2024

On the popular pirate e-book site Z-Library, or rather its phishing clone Z-lib, created in late 2022, there was a recent data breach affecting nearly 10 million users. On June 27, 2024, the Cybernews... The post 10 Million Users Compromised in Z-Library Phishing Site Hack appeared first on Cybersecurity News.

Phishing

The Hacker News

DECEMBER 12, 2023

A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. This malware is a Python-based information stealer compressed with cx-Freeze to evade detection," Fortinet FortiGuard Labs researcher Cara Lin said.

Malware

Anton on Security

DECEMBER 21, 2021

The SRE book says the same: “For SRE, automation is a force multiplier, not a panacea.” However, the book also adds that “multiplying force does not naturally change the accuracy of where that force is applied.” Another great idea for your SOC is hiding deep inside the book. and to make new discoveries in this process too.

Engineering

Security Affairs

JANUARY 22, 2024

Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity landscape. The phenomenon This phenomenon represents an evolution of traditional phishing tactics, as attackers seek to overcome defenses using more personalized and targeted approaches.

Phishing

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware. Just to name a few.

Phishing

Krebs on Security

MARCH 11, 2022

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. that are easier for computers to manage.

DNS

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. ua-passport[.]space space and id[.]bigmir[.]space.

Phishing

CSO Magazine

DECEMBER 8, 2021

When it comes to cybersecurity, phishing is one of the oldest tricks in the book. Phishing has evolved,” says Chester Wisniewski, principal research scientist at Sophos. These days phishing emails often lead to ransomware, crypto jacking, or data theft. But it is still incredibly hard to defend against. The reason?

Phishing

Penetration Testing

DECEMBER 7, 2023

In a digital age teeming with cyber threats, FortiGuard Labs recently identified an email phishing campaign that spread MrAnon Stealer malware.

Phishing

Hot for Security

MARCH 1, 2021

The UK has been dealing with some of the harshest lockdown restrictions since the coronavirus was declared a pandemic, and many citizens are looking forward to booking a much-needed vacation. Remember, if a deal sounds too good to be true, it usually is.”

Scams

SecureWorld News

JANUARY 28, 2021

Recent reports have indicated that there is an active phishing campaign faking a message from the UK' s National Health Service (NHS) telling people they are eligible to receive the COVID-19 vaccine. COVID-19 related phishing emails. Reaction to phishing scams. This has resulted in many of those targeted falling for the scam.

Scams