Hot for Security

APRIL 19, 2021

Notorious FIN7 gang stole payment card details from retailers around the world Cybercrime gang posed as penetration testing firm to recruit hackers. A key member of the FIN7 cybercrime gang – which is said to have caused over one billion dollars worth of damage around the world – has been sentenced to 10 years in jail.

Penetration Testing 144

Penetration Testing Retail Social Engineering Cybersecurity 144

Security Boulevard

JANUARY 18, 2024

Cybersecurity risks increase every year and bludgeon victims who fail to prepare properly. Cybersecurity predictions offer a glimpse at the dangerous oncoming traffic and help leaders develop strategies to navigate their journey safely. Those in cybersecurity who fail to look ahead will be crushed by what they don’t see coming.

Risk 115

Risk Cybersecurity CISO Technology 115

Security Affairs

OCTOBER 19, 2023

I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape.

Social Engineering 106

Social Engineering Artificial Intelligence Engineering Ransomware 106

IT Security Guru

SEPTEMBER 25, 2023

The IT Security Guru caught up with Tarnveer Singh a CISO and finalist in the Security Serious Unsung Heroes Awards 2023 for his thoughts on how to get more professionals involved in the cybersecurity industry: There are many ways we can inspire new cybersecurity professionals to join our industry.

CISO 117

CISO Identity Theft Cybercrime Cybersecurity 117

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 97

Data breaches Social Engineering Malware Hacking 97

SecureWorld News

OCTOBER 27, 2021

See if you agree with this statement: cybersecurity awareness is a continuing effort , not a month-long cram session. This can rapidly overwhelm colleagues who might not be as familiar with cybersecurity 101 practices. Security awareness and how you talk about cybersecurity. Collaboration is where you get the value.

Cybersecurity 83

Cybersecurity Cybercrime Security Awareness Education 83

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 99

Social Engineering Spyware Data breaches Surveillance 99

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 84

Social Engineering Data breaches Ransomware Cybercrime 84

Malwarebytes

MAY 21, 2023

.” But the security community and other technology leaders have started raising the alarm, worried about the program’s potential to write malware and spread mis- and disinformation. Or do you believe implementing the platform will compromise your company’s cybersecurity posture?

Cybersecurity 76

Cybersecurity Artificial Intelligence Social Engineering Engineering 76

Spinone

OCTOBER 10, 2019

Cybersecurity is one of the most dynamic and quick-changing industries. The best way to stay up-to-date with the recent trends is by reading the top cybersecurity blogs. Here’s our list of the best cybersecurity blogs to read and follow. HackingVision has a great focus on technology and modern cybersecurity trends.

Cybersecurity 56

Cybersecurity IoT Antivirus Education 56

Security Affairs

APRIL 28, 2022

Cybercrime gang FIN7’s badUSB attacks serve as a reminder of two key vulnerabilities present among all organizations. Social engineering is a prerequisite to almost all cyberattacks. As FIN7 demonstrated, it was because of social engineering that the attacks were successful.

Social Engineering 86

Social Engineering Engineering Insurance DDOS 86

Security Affairs

NOVEMBER 4, 2022

I’m proud to announce the release of the 10th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2022 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape.

Cyber threats 113

Cyber threats Phishing Social Engineering Ransomware 113

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa.

Cybercrime 76

Cybercrime Scams DDOS Banking 76

Security Affairs

JANUARY 22, 2024

Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity landscape. In an adaptive phishing campaign, attackers gather specific information about victims through various sources, such as social media, public websites, and previous data breaches.

Phishing 99

Phishing Education Social Engineering Media 99

Herjavec Group

DECEMBER 15, 2021

Needless to say, in 2021 cybersecurity was front and center for individuals, enterprises, and governments alike. Data breaches and cybersecurity threats were at an all-time high this past year. So let’s take a look at the big challenges, priorities, and trends we saw in cybersecurity over the past year.

Cybersecurity 52

Cybersecurity Digital transformation Ransomware Cyber Risk 52

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 77

Data breaches Cybercrime Firewall Artificial Intelligence 77

Security Affairs

SEPTEMBER 21, 2019

Cybersecurity is an increasingly significant focus for many companies as cyberattacks become more frequent and more costly. Which are 5 Cybersecurity trends in the professional services sector? The cybersecurity landscape is changing, and every industry will need to adapt. Employee Training on Phishing and Digital Security.

Cybersecurity 74

Cybersecurity Data breaches Artificial Intelligence Phishing 74

Security Affairs

AUGUST 6, 2023

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug Russian APT29 conducts phishing attacks through Microsoft Teams Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign Burger King forgets to put a password (..)

Malware 72

Malware Cybercrime Cryptocurrency Social Engineering 72

Cisco Security

MARCH 4, 2021

It’s an opportunity to honor the political, social, economic and cultural achievements of women everywhere in every walk of life. That includes in the field of cybersecurity. According to the 2019 (ISC)2 Cybersecurity Workforce Study , higher percentages of women have reached senior positions in cybersecurity than men.

Cybersecurity 111

Cybersecurity Engineering Technology Education 111

Security Affairs

JANUARY 3, 2024

This approach was used to deceive individuals into sharing sensitive information with malicious actors. The use of Artificial Intelligence in cybercrime is not a completely novel concept. Utilizing AI-driven bots for advanced social engineering techniques. Decision-making and automation of cybercriminal operations.

Artificial Intelligence 111

Artificial Intelligence Banking Scams Cybercrime 111

eSecurity Planet

MAY 3, 2022

Researchers at Singapore-based cybersecurity company Group-IB recently discovered thousands of databases exposed to the internet that could have been exploited when they were left unprotected. According to Group-IB, the likelihood of the database systems being used in cybercrime and security breaches is high.

Social Engineering 126

Social Engineering Internet Internet Risk 126

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 81

Spyware Hacking Malware Social Engineering 81

Herjavec Group

JULY 29, 2021

Halfway through 2021 and it’s been a year unlike any other in cybersecurity ! I know what you’re thinking – it’s hard not to feel overwhelmed by the current cybersecurity landscape. I’ve always believed that the best way to build a strong cybersecurity program is to utilize all the data.

Cybersecurity 52

Cybersecurity Digital transformation Cyber Attacks Ransomware 52

Security Affairs

AUGUST 21, 2020

The Federal Bureau of Investigation ( FBI ) and the Cybersecurity and Infrastructure Security Agency ( CISA ) have issued a joint security advisory to warn teleworkers of an ongoing vishing campaign targeting organizations from multiple US industry industries.

Social Engineering 110

Social Engineering VPN Phishing Authentication 110

Security Affairs

JANUARY 24, 2022

Both routines use social engineering techniques to trick users into enabling document macros and automate malware execution. “We observed Emotet spam campaigns using hexadecimal and octal representations of IP addresses, likely to evade detection via pattern matching. ” reported Trend Micro.

Malware 118

Malware Social Engineering Ransomware Banking 118

Security Affairs

MAY 18, 2022

The increasing popularity of cryptocurrency is attracting cybercrime that is using different means to target the cryptocurrency industry. Experts also warn of scams and other social engineering attacks that cybercriminals use to trick victims into sending funds to the attackers’ wallets.

Cryptocurrency 86

Cryptocurrency Social Engineering Malware Cybercrime 86

Security Affairs

SEPTEMBER 15, 2023

The stolen data also includes driver’s license numbers and/or social security numbers. The intrusion resulted from a social engineering attack on a third-party IT support vendor used by Caesars Entertainment. ” The investigation is still ongoing to determine the extent of security incident.

Social Engineering 102

Social Engineering Ransomware Banking Cyber Attacks 102

Security Affairs

AUGUST 11, 2022

When operators receive a call, they use a variety of social engineering tactics, to convince victims to give remote desktop control , to help them cancel their subscription service. This group has the advanced social engineering capabilities of the three groups. The victim is tricked into contacting a special call center.

Ransomware 74

Ransomware Social Engineering Phishing Engineering 74

Security Affairs

DECEMBER 1, 2022

The hackers used social engineering techniques, sending phishing emails to several of Target’s vendors, and successfully breached Target’s network. They then installed malware, which helped them obtain customers’ credit/debit card information. Focusing on your own cybersecurity practices isn’t enough.

Data breaches 89

Data breaches Passwords Social Engineering Encryption 89

BH Consulting

NOVEMBER 15, 2022

Cybersecurity conferences aren’t usually places where you expect to feel better about the world, but IRISSCON 2022 struck a surprisingly hopeful tone. Mikko Hyppönen, WithSecure chief research officer, looked back at security’s evolution over decades and reached an unexpected conclusion. “I Cybersecurity focused on SMEs.

Social Engineering 59

Social Engineering Insurance CISO Ransomware 59

Security Affairs

NOVEMBER 7, 2021

Threat actors are impersonating cybersecurity firm Proofpoint to trick victims into providing Microsoft Office 365 and Gmail credentials. Cybercriminals are impersonating the cybersecurity firm Proofpoint to trick victims into providing Microsoft Office 365 and Google Gmail credentials. ” reads the post published by Armorblox.

Phishing 116

Phishing Social Engineering Accountability Engineering 116

SC Magazine

MAY 1, 2021

Each year, a select pool of experts from the cybersecurity community sets hours aside to review hundreds of entries received for the SC Trust and Excellence Awards. Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program.

Computers and Electronics 126

Computers and Electronics Technology Education Information Security 126

Security Affairs

APRIL 23, 2022

The popular investigator and journalist Brian Krebs first surmised that the LAPSUS$ gang has breached T-Mobile after he reviewed a copy of the private chat messages between members of the cybercrime group. Telegram channels that were restricted to the core seven members of the group – Source KrebsonSecurity. ” wrote Krebs.

Mobile 93

Mobile VPN Social Engineering Telecommunications 93

Security Affairs

SEPTEMBER 5, 2022

Cybersecurity firm Armorblox discovered a new phishing campaign aimed at American Express customers. Armorblox researchers uncovered a new phishing campaign that is targeting American Express customers. The messages use a malicious attachment and their content attempt to trick cardholders into opening it. Pierluigi Paganini.

Phishing 95

Phishing Scams Social Engineering Password Management 95

Security Affairs

DECEMBER 12, 2021

The messages used in a campaign recently discovered by cybersecurity firm Cofense use QR codes to deceive users of two Geman financial institutions, Sparkasse and Volksbanken Raiffeisenbanken, and steal digital banking information. The phishing messages are carefully crafted, the content was well-structured and features bank logos.

Banking 134

Banking Phishing Social Engineering Engineering 134

Security Affairs

MAY 12, 2023

For over a decade, email has been a common source of cybersecurity threats. What started as notes from Nigerian princes that needed large sums of money to help them get home has evolved into bad actors that use refined social engineering tactics to convince the receiver to unknowingly share important information.

Phishing 84

Phishing Social Engineering Small Business B2B 84

Security Affairs

OCTOBER 20, 2020

Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks. Powered with Group-IB’s solution for online fraud prevention Secure Portal , the platform has managed to fight off over 220,000 requests from web-bots in just two months, shielding its 4.5

Cryptocurrency 57

Cryptocurrency Social Engineering eCommerce Engineering 57