Krebs on Security

JANUARY 3, 2019

A new phone-based phishing scam that spoofs Apple Inc. It starts with an automated call that display’s Apple’s logo, address and real phone number, warning about a data breach at the company. is likely to fool quite a few people.

Scams 279

Scams Phishing Cyber Risk Engineering 279

Adam Levin

AUGUST 13, 2020

The SANS Institute, a company that provides cybersecurity training and certification, announced that a data breach compromised the personally identifiable data of roughly 28,000 records. The breach has been traced back to a phishing attack that targeted an employee of the company.

Phishing 196

Phishing Cybersecurity Social Engineering Data breaches 196

Webroot

APRIL 22, 2025

If a company you do business with becomes part of a data breach, cybercriminals may have full access to your confidential information. Unfortunately, data breaches are on the rise and affecting more companies and consumers than ever. billion people received notices that their information was exposed in a data breach.

Data breaches 72

Data breaches Identity Theft Passwords eCommerce 72

Thales Cloud Protection & Licensing

MAY 7, 2025

Phishing-Resistant MFA: Why FIDO is Essential madhav Thu, 05/08/2025 - 04:47 Phishing attacks are one of the most pervasive and insidious threats, with businesses facing increasingly sophisticated and convincing attacks that exploit human error.

Phishing 71

Phishing Authentication Passwords Social Engineering 71

Daniel Miessler

MAY 19, 2021

This year they analyzed 79,635 incidents, 29,207 met their quality standards, and 5,258 were confirmed data breaches. Top three patterns in breaches were: social engineering, basic web application attacks, and system intrusion. 85% of breaches involved a human element. 61% of breaches involved credentials.

Data breaches 192

Data breaches Social Engineering Ransomware Phishing 192

CyberSecurity Insiders

NOVEMBER 22, 2021

GoDaddy has made it official that a data breach has occurred on its database in September this year leaking email addresses to hackers that could lead to phishing attacks in the future. The post GoDaddy data breach could lead to Phishing Attacks appeared first on Cybersecurity Insiders.

Data breaches 120

Data breaches Phishing Social Engineering Passwords 120

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data. Revoke access to any app you no longer use or trust.

Data breaches 52

Data breaches Hacking Passwords Accountability 52

Mitnick Security

APRIL 5, 2021

Social engineering attacks account for a massive portion of all cyber attacks, and studies show that these attacks are on the rise. According to KnowBe4 , more than 90% of successful hacks and data breaches start with a common type of social engineering attack called phishing.

Social Engineering 130

Social Engineering Engineering Data breaches Cyber Attacks 130

Security Affairs

MAY 3, 2021

Which are the most common causes of a Data Breach and how to prevent It? Data breaches are highly damaging and equally embarrassing for businesses and consumers. If you look at Verizon’s 2020 Data Breach Investigations Report, you can find some of the most common causes of data breaches.

Data breaches 145

Data breaches Social Engineering Engineering Network Security 145

Adam Levin

JULY 10, 2020

2020 is on the path to becoming a record-breaking year for data breaches and compromised personal data. While the number of publicly reported breaches in Q1 2020 decreased by 58% compared to 2019, the coronavirus pandemic gave cybercriminals new ways to thrive,” wrote Bitdefender researcher and blogger Alina Bizga.

Data breaches 252

Data breaches Social Engineering Antivirus Scams 252

The Last Watchdog

AUGUST 19, 2021

Could be phished credentials. It’s too early to assess compliance to data loss regulations. Often inadvertent data breaches stem from a well-meaning employee trying to meet the needs of clients but without the technical systems to facilitate. Could be weak application security practices. Could be a bad actor.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Security Affairs

APRIL 15, 2024

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack.

Data breaches 141

Data breaches Social Engineering Engineering Authentication 141

Security Affairs

MAY 13, 2025

BleepingComputer reported that DragonForce ransomware affiliates usedScattered Spider social engineering tacticsto target Marks and Spencer. ” The stolen M&S data may include contact info, birthdate, order history, household data, and masked card details, but not full payment info.

Data breaches 62

Data breaches Cyber Attacks Passwords Social Engineering 62

SecureWorld News

JUNE 9, 2025

Additionally, a distributed workforce, ranging from remote maintenance technicians to cabin crews, multiplies entry points for social-engineering tactics like phishing. Aircraft themselves are nodes on data networks, constantly transmitting telemetry, engine performance metrics, and passenger connectivity data.

Cybersecurity 117

Cybersecurity Social Engineering Computers and Electronics Risk 117

SecureWorld News

JANUARY 20, 2023

Popular email marketing service MailChimp recently fell victim to another data breach, this time caused by a successful social engineering attack on its employees and contractors. Such information could be exploited by threat actors in phishing attacks.

Social Engineering 98

Social Engineering Data breaches Engineering Accountability 98

Krebs on Security

JUNE 15, 2024

0KTAPUS In August 2022, KrebsOnSecurity wrote about peering inside the data harvested in a months-long cybercrime campaign by Scattered Spider involving countless SMS-based phishing attacks against employees at major corporations. A Scattered Spider phishing lure sent to Twilio employees.

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Malwarebytes

DECEMBER 18, 2023

In emails sent to MongoDB customers, MongoDB advises users to be alert about phishing and social engineering attacks that might use the leaked customer metadata to gain credibility. Scammers often try to take advantage of data breaches.

Data breaches 119

Data breaches Social Engineering Phishing Authentication 119

Security Boulevard

JULY 18, 2024

The number of data breach victims in the first half (H1) of 2024 has surged to 1,078,989,742, marking a 490% increase compared to the same period in 2023, which saw 182,645,409 victims. The post Data Breaches Impact Growing Number of Victims, ITRC Finds appeared first on Security Boulevard.

Data breaches 129

Data breaches Social Engineering Engineering Security Awareness 129

eSecurity Planet

MARCH 3, 2025

The report details how threat actors harness automation, artificial intelligence, and advanced social engineering to scale their operations. Their methods include using generative AI to create convincing phishing emails , fraudulent websites, and fictitious profiles designed to deceive and infiltrate organizational defenses.

Threat Reports 105

Threat Reports Cybercrime Artificial Intelligence Social Engineering 105

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported.

Phishing 139

Phishing Data breaches Cryptocurrency Social Engineering 139

Webroot

FEBRUARY 22, 2022

According to the latest ISACA State of Security 2021 report , social engineering is the leading cause of compromises experienced by organizations. Findings from the Verizon 2021 Data Breach Investigations Report also point to social engineering as the most common data breach attack method.

Social Engineering 116

Social Engineering Engineering Cybercrime Hacking 116

Malwarebytes

MARCH 14, 2025

Unless youre able to reverse engineer an app, there is not a lot you can do after the fact. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. 2FA that relies on a FIDO2 device cant be phished. Take your time.

Passwords 87

Passwords Data breaches Phishing Password Management 87

CyberSecurity Insiders

FEBRUARY 27, 2023

Details are in that the data leak of students pursuing Economics PH.D Hackers can use stolen data for launching social engineering attacks such as phishing. The post Data Breach occurs at Stanford University appeared first on Cybersecurity Insiders.

Data breaches 112

Data breaches Social Engineering Healthcare Cyber Attacks 112

Duo's Security Blog

DECEMBER 14, 2023

But as it turns out, John was a victim of a phishing scam, a type of social engineering attack where the cybercriminal impersonated John’s IT department to gain his trust and trick him into revealing his login credentials. What is social engineering? Every day criminals send millions of phishing emails.

Social Engineering 130

Social Engineering Engineering Phishing Passwords 130

Security Affairs

JANUARY 22, 2024

Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity landscape. The phenomenon This phenomenon represents an evolution of traditional phishing tactics, as attackers seek to overcome defenses using more personalized and targeted approaches.

Phishing 136

Phishing Education Social Engineering Media 136

Approachable Cyber Threats

MARCH 12, 2025

Category Awareness, Social Enginering Risk Level Phishing emails are getting harder to detect. What is phishing, and why is it such a big deal?" Phishing is one of the oldest tricks in the hacker playbook - but its also one of the most effective. Alright, but cant I just spot and delete phishing emails?"

Phishing 53

Phishing Scams Social Engineering Artificial Intelligence 53

Webroot

MARCH 3, 2025

The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide. As of 2024, the average cost of a data breach in the United States amounted to $9.36 In comparison, the global average cost per data breach was $4.88

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Boulevard

APRIL 18, 2023

Phishing attacks continue to be one of the most significant threats facing organizations today. As businesses increasingly rely on digital communication channels, cybercriminals exploit vulnerabilities in email, SMS, and voice communications to launch sophisticated phishing attacks.

Phishing 122

Phishing Social Engineering Education Retail 122

SecureWorld News

NOVEMBER 8, 2023

Social engineering attacks have long been a threat to businesses worldwide, statistically comprising roughly 98% of cyberattacks worldwide. Given the much more psychologically focused and methodical ways that social engineering attacks can be conducted, it makes spotting them hard to do.

Social Engineering 113

Social Engineering Engineering Cyber Attacks Artificial Intelligence 113

Security Boulevard

JANUARY 20, 2025

Successful exploitation requires social engineering users into manipulating a specially crafted file. Phishing and Scams Covers popular phishing schemes affecting end users - smishing, vishing, and any new scam/phish. CVE-2025-21308. This is probably a CVE most users should tune into.

Surveillance 97

Surveillance Malware Data breaches Scams 97

The Last Watchdog

FEBRUARY 4, 2025

The impact of these exposures is evident: nearly a quarter of data breaches resulted from compromised identity data. million in related costs per breach and took the longest to identify and contain. Credential attacks led to $4.81

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

Graham Cluley

JANUARY 19, 2023

For the second time in less than a year, email newsletter service Mailchimp has found itself in the embarrassing position of admitting it has suffered a data breach, putting its customers' subscribers at risk.

Social Engineering 144

Social Engineering Engineering Data breaches Risk 144

Krebs on Security

APRIL 6, 2022

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. “voice phishing” a.k.a. “vishing”).

Social Engineering 293

Social Engineering Phishing Accountability Engineering 293

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. 2, and Aug.

Mobile 342

Mobile Phishing Authentication Accountability 342

Security Boulevard

SEPTEMBER 15, 2023

A data breach late last month of software development platform firm Retool led to the accelerated acquisition of one of its users and put a spotlight on an account synchronization feature that Google introduced earlier this year. The post Attackers Target Crypto Companies in Retool Data Breach appeared first on Security Boulevard.

Data breaches 111

Data breaches Accountability Software Social Engineering 111

Security Affairs

JANUARY 23, 2023

The recent Mailchimp data breach has impacted multiple organizations, some of them are already notifying their customers. The popular email marketing and newsletter platform Mailchimp recently disclosed a news data breach , the incident exposed the data of 133 customers. reads the notice published by the company.

Data breaches 98

Data breaches Accountability Social Engineering Small Business 98

Krebs on Security

JANUARY 30, 2024

Multiple trusted sources told KrebsOnSecurity that Sosa/King Bob was a core member of a hacking group behind the 2022 breach at Twilio , a company that provides services for making and receiving text messages and phone calls. 0ktapus often leveraged information or access gained in one breach to perpetrate another. According to an Aug.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359