CSO Magazine

MARCH 28, 2022

Blame it on pandemic fatigue, remote work or just too much information, but employees appear to be lowering their guard when it comes to detecting social engineering tricks. Attackers were more successful with their social engineering schemes last year than they were a year earlier, according to Proofpoint.

Social Engineering 97

Social Engineering Engineering Phishing 97

CSO Magazine

JANUARY 13, 2022

On January 5, 2022, the Department of Justice (DoJ) announced the FBI’s arrest of Italian citizen Filippo Bernardini at JFK International Airport in New York for wire fraud and aggravated identity theft.

Social Engineering 139

Social Engineering Identity Theft Engineering 139

CSO Magazine

OCTOBER 19, 2021

Whether it’s advanced phishing techniques, credential stuffing, or even credentials compromised through social engineering or breaches of a third-party service, credentials are easily the most vulnerable point in defending corporate systems. Get the latest from CSO by signing up for our newsletters. ]

Authentication 130

Authentication CSO Social Engineering Engineering 130

CSO Magazine

MARCH 21, 2022

Sign up for CSO newsletters. ]. 2012: Court Ventures gets social-engineered. Sometimes all it takes is some brazen misrepresentation and social engineering skills. Hopefully you'll come away with some ideas on how not to suffer a disaster of your own.

Social Engineering 113

Social Engineering CSO Engineering Data breaches 113

CSO Magazine

NOVEMBER 2, 2021

Social engineering. Social engineering The easiest way for any hacker to break into any device is for the user to open the door themselves. Making that happen is easier said than done, of course, but it's the goal of most forms of social engineering attacks. 7 ways to hack a phone. Malvertising. Pretexting.

Social Engineering 137

Social Engineering Hacking Engineering Malware 137

Security Through Education

OCTOBER 27, 2021

Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. It is to these carefully crafted campaigns that Social-Engineer, LLC can attribute their success. The answer is simple; with simulated attacks and subsequent training.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

CSO Magazine

SEPTEMBER 26, 2022

Reliance on VPNs for remote access is putting enterprises at significant risk as social engineering , ransomware , and malware attacks continue to advance, exposing businesses to greater risk, according to a new report by cloud security company Zscaler. To read this article in full, please click here

Social Engineering 127

Social Engineering Engineering Risk Ransomware 127

CSO Magazine

MAY 25, 2021

Unfortunately, in some organizations, employees who fall victim to a social engineering ploy that leads to a ransomware attack are blamed for their actions. Social engineering attacks, like phishing emails, are common conduits of ransomware, and have become more sophisticated. Victim shaming is never OK.

Social Engineering 140

Social Engineering Engineering Phishing Ransomware 140

CSO Magazine

MAY 22, 2023

BEC attacks stand apart in the cybercrime industry for their emphasis on social engineering and the art of deception,” said Vasu Jakkal, corporate vice president of security, in a blog post. Successful BEC attacks cost organizations hundreds of millions of dollars annually.”

Social Engineering 126

Social Engineering Cybercrime Engineering Cybersecurity 126

CSO Magazine

APRIL 27, 2023

The five emerging cyber-attack vectors the speakers covered were adversarial AI, ChatGPT-powered social engineering, third-party developer, SEO, and paid advertising attacks. To read this article in full, please click here

Social Engineering 137

Social Engineering Cyber Attacks Advertising Engineering 137

CSO Magazine

JANUARY 11, 2023

Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off.

Scams 127

Scams Phishing Social Engineering Engineering 127

CSO Magazine

NOVEMBER 25, 2021

While ransomware attacks emphasize how criminals monetize their ability to socially engineer individuals to click that link or attachment, nation states are quietly working to fleece the IP and gain foothold within targets of interest. To read this article in full, please click here

Social Engineering 129

Social Engineering CISO Engineering Ransomware 129

CSO Magazine

APRIL 2, 2023

Darktrace has announced a new upgrade to its Darktrace/Email product with enhanced features that defend organizations from evolving cyberthreats including generative AI business email compromise (BEC) and novel social engineering attacks.

Social Engineering 108

Social Engineering Engineering Phishing Accountability 108

CSO Magazine

APRIL 25, 2023

The company — focused on protecting enterprises from targeted email attacks, such as phishing , social engineering , and business email compromise — is also adding data ingestion from new sources to better its AI model, which maps user identity behavior. To read this article in full, please click here

Social Engineering 79

Social Engineering Threat Detection Engineering Phishing 79

SecureWorld News

APRIL 10, 2023

The top security threat cited by respondents was software vulnerabilities and/or Zero-Days (53%), followed by phishing/social engineering threats (52%) and attacks targeting the supply chain (49%).

Data breaches 79

Data breaches CSO Social Engineering Cyber threats 79

The Last Watchdog

MAY 5, 2022

Fun fact: 80% of these breaches occur at the endpoint , often via phishing or social engineering. About the essayist: Den Jones, CSO at Banyan Security , which supplies s imple, least-privilege, multi-cloud application access technologies. It’s quick to deploy and simple to operate. Let’s talk VPNs. Food for thought, eh!

Risk 227

Risk Ransomware Internet Internet 227

CSO Magazine

JANUARY 31, 2023

According to a blog on the company’s website , threat actors satisfied Microsoft’s requirements for third-party OAuth apps by abusing the Microsoft “verified publisher” status, employing brand abuse, app impersonation and other social engineering tactics to lure users into authorizing malicious apps.

Social Engineering 88

Social Engineering Engineering Cybersecurity 88

CSO Magazine

FEBRUARY 18, 2022

Oh, and the bad guys go looking for these open doors using automated scanning tools, software exploits, social engineering scams, or anything else that works. Because every IT widget represents a potential entry point for cyber-adversaries. To read this article in full, please click here

Social Engineering 118

Social Engineering Scams Engineering Software 118

CSO Magazine

AUGUST 10, 2022

By using social engineering or phishing, attackers can trick users into visiting a fake website or opening a malicious document or file and ultimately gain remote code execution on compromised systems.

Social Engineering 106

Social Engineering Engineering Phishing 106

CSO Magazine

APRIL 12, 2022

These attacks use social engineering techniques to trick the email recipient into believing that the message is something they want or need—a request from their bank, for instance, or a note from someone in their company—and to click a link or download an attachment. Phishing definition.

Phishing 120

Phishing Social Engineering Banking Engineering 120

CSO Magazine

JULY 30, 2021

The education sector is a top target for cybercriminals, and faces “an unusually large percentage” of social engineering attacks, according to the 2021 Verizon Data Breach Investigations Report. The coronavirus pandemic, which spurred many individuals to study and work remotely, added to the industry’s challenges.

Social Engineering 128

Social Engineering Data breaches Education Engineering 128

CSO Magazine

MARCH 9, 2022

This provides a "sign of life" confirmation to the bad actor establishing that the target account is valid and inclined to open malicious emails with social engineering content. To read this article in full, please click here

Social Engineering 126

Social Engineering Accountability Engineering Cybersecurity 126

CSO Magazine

APRIL 28, 2022

Most phishing attacks are less about the technology and more about social engineering. A key factor in protecting your business from phishing is to understand your vulnerabilities, weigh the potential risk to your business, and decide what tools offer the best protection to match your business needs. Why phishing is successful.

Phishing 136

Phishing Social Engineering Engineering Technology 136

CSO Magazine

MARCH 29, 2023

APT43 specializes in credential harvesting and social engineering with a focus on foreign policy and nuclear security issues, topics that align with North Korea’s strategic nuclear goals.

Social Engineering 108

Social Engineering Cybercrime Banking Government 108

CSO Magazine

APRIL 7, 2022

Spear phishing messages are often crafted with care using pernicious social engineering techniques and are difficult to defend against with mere technical means. To read this article in full, please click here

Phishing 101

Phishing Social Engineering Engineering Malware 101

CSO Magazine

JULY 1, 2021

After all, employees need to click on links to do their jobs, and social engineering makes phishing links difficult to identify. Despite advancements in anti-phishing techniques and employee training, phishing attacks are increasingly popular. That’s because they work so well.

Phishing 112

Phishing Social Engineering Engineering 112

CSO Magazine

APRIL 11, 2022

had been successfully socially engineered into providing customer data in response to “emergency data requests” to individuals who they believed to be representing the U.S. A recent Bloomberg piece highlighted how Meta Platforms, Inc., parent company of Facebook) and Apple, Inc., government.

Social Engineering 83

Social Engineering CISO Scams Government 83

CSO Magazine

SEPTEMBER 14, 2022

Incident response company Mandiant recently reported with medium confidence that APT42 operates on behalf of the Islamic Revolutionary Guard Corps (IRGC)’s Intelligence Organization (IRGC-IO) and specializes in highly targeted social engineering. To read this article in full, please click here

Phishing 76

Phishing Social Engineering Engineering 76

CSO Magazine

APRIL 1, 2021

Phishing is a social attack, directly related to social engineering. Editor's note: This article, originally published on August 7, 2018, has been updated to include new information on phishing kit features. Commonly centered around email, criminals use phishing to obtain access or information.

Phishing 118

Phishing Social Engineering Engineering 118

CSO Magazine

MARCH 29, 2022

Alethe Denis was on maternity leave when she decided to participate in DEF CON's Social Engineering Capture the Flag competition in 2019. She took her three-month-old daughter and her husband to Las Vegas and planned the trip to the finest detail. Things could have gone wildly wrong," Denis says. "It

Social Engineering 94

Social Engineering Engineering 94

CSO Magazine

FEBRUARY 9, 2023

Trustwave SpiderLabs researchers have cited an increased prevalence of HTML smuggling activity whereby cybercriminal groups abuse the versatility of HTML in combination with social engineering to distribute malware.

Malware 80

Malware Social Engineering Engineering Internet 80

CSO Magazine

JUNE 14, 2022

The same actions taken to quash ransomware activity might end up forging alliances among financially motivated threat actors to create hybrid cyber-attacks that meld social engineering with ransomware. To read this article in full, please click here

Ransomware 84

Ransomware Social Engineering Cyber Attacks Engineering 84

CSO Magazine

MAY 9, 2023

Malware, social engineering, data leakage, and Wi-Fi interference are among the many mobile security risks organizations face, while novel technologies such as generative AI are predicted to create new opportunities for cybercriminals to target mobile devices.

Mobile 71

Mobile Social Engineering Engineering Technology 71

CSO Magazine

SEPTEMBER 20, 2021

Any time an organization shifts an employee’s workspace and network usage, they may be less adept at identifying phishing attacks, social engineering or other security threats. If this was true when on-site work was the norm, it is even more so in a hybrid work environment.

Social Engineering 109

Social Engineering Phishing Education Security Awareness 109

CSO Magazine

NOVEMBER 21, 2022

Callback phishing – or telephone-oriented attack delivery (TOAD) – is a social engineering attack that requires a threat actor to interact with the target to accomplish their objectives. Unit 42 stated that the campaign has cost victims hundreds of thousands of dollars and is expanding in scope.

Phishing 76

Phishing Malware Social Engineering Retail 76

Malwarebytes

APRIL 28, 2022

” Former Facebook Chief Security Officer (CSO) turned consultant Alex Stamos said in an interview with Bloomberg : “I know that emergency data requests get used in real life-threatening emergencies every day. However, it is accepted practice that tech companies comply with such requests as a sign of “good faith.”

CSO 99

CSO Accountability Authentication Cybersecurity 99

The Security Ledger

FEBRUARY 19, 2019

And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month's hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components. Vijay Balasubramaniyan of Pindrop joins us to talk about it.

Authentication 40

Authentication CSO Artificial Intelligence Social Engineering 40