SecureWorld News

FEBRUARY 25, 2025

One of the report's most pressing concerns is the role of Generative AI in social engineering attacks. Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise. As AI takes a larger role in cybersecurity, governance and ethical AI usage must become a priority.

Cybersecurity 102

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 102

SecureWorld News

MAY 9, 2025

The development marks a significant escalation in COLDRIVER's cyber espionage activities, which have traditionally focused on credential phishing. The malware has been observed in campaigns as recent as April 2025, targeting advisors to Western governments and militaries, journalists, think tanks, NGOs, and individuals connected to Ukraine.

Malware 97

Malware Social Engineering Government Engineering 97

Penetration Testing

MAY 7, 2025

Hunt.io, a threat hunting platform, has revealed a sophisticated phishing campaign using ClickFix-style tactics and spoofed Indian government The post APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics appeared first on Daily CyberSecurity.

Phishing 83

Phishing Government Cybersecurity Social Engineering 83

Security Boulevard

NOVEMBER 14, 2022

This is why you should never reuse passwords.Hacking Software and ToolsWhile there are software tools for various types of cyber attacks, the one I’m going to focus on is social engineering attacks. These software packages have everything you need to launch and scale a phishing attack.

Social Engineering 112

Social Engineering Engineering Passwords Cyber Attacks 112

CSO Magazine

JUNE 8, 2023

Researchers warn of a social engineering campaign by the North Korean APT group known as Kimsuky that attempts to steal email credentials and plant malware. Operating since at least 2012, the group often employs targeted phishing and social engineering tactics to gather intelligence and access sensitive information."

Social Engineering 108

Social Engineering Engineering Phishing Government 108

Schneier on Security

MAY 30, 2025

Current phishing attacks have evolved from those older Nigerian scams filled with grammar mistakes and typos. Even if we do this all well and correctly, we can’t make people immune to social engineering. But—we get it—the government isn’t going to step in and regulate the Internet.

Cybersecurity 230

Cybersecurity Scams Security Awareness Phishing 230

SecureWorld News

MARCH 24, 2025

AI agents are identitiesand they need governance One of the most pressing concerns from industry leaders is that AI agents often operate as non-human identities (NHIs)with broad system access but minimal oversight. You can't stop attackers from manipulating AI, just like you can't stop them from phishing employees," Feinberg said.

Social Engineering 110

Social Engineering Government Risk Phishing 110

SecureWorld News

APRIL 22, 2025

Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages. According to Security Alliance's findings, the campaign relied on social engineering and Zoom's remote control feature to infect targets with malware.

Cryptocurrency 100

Cryptocurrency Social Engineering Cybercrime Engineering 100

Identity IQ

JUNE 20, 2023

What Are Social Engineering Scams? Thanks, Your CEO This common scenario is just one example of the many ways scammers may attempt to trick you through social engineering scams. Read on to learn how to recognize social engineering attacks, their consequences, and tactics to avoid falling for them.

Social Engineering 94

Social Engineering Scams Engineering Identity Theft 94

SecureWorld News

FEBRUARY 13, 2025

Evolution of social engineering Social engineering exploits human psychology to manipulate individuals into revealing sensitive information or taking harmful actions. Attackers now impersonate executives, government officials, and even family members to gain trust and manipulate victims.

Social Engineering 95

Social Engineering Authentication Identity Theft Engineering 95

The Hacker News

DECEMBER 1, 2021

Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details and steal funds from victims' bank accounts.

Phishing 145

Phishing Social Engineering Banking Engineering 145

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Organizations face rising risks of AI-driven social engineering and personal device breaches. AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities.

Risk 173

Risk Threat Detection Technology Phishing 173

Malwarebytes

MARCH 19, 2025

” Whether it’s a so-called “subsidy program,” a “government grant,” or a “relief card,” these scams all share the same underlying goalto manipulate people into giving away their personal information, orworsetheir hard-earned cash. .” ” “482 Spots Remaining! gov domains).

Scams 92

Scams Government Identity Theft Phishing 92

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Cryptocurrency 353

Cryptocurrency Financial Services Banking Government 353

The Last Watchdog

SEPTEMBER 21, 2022

Phishing is one of the most common social engineering tactics cybercriminals use to target their victims. Cybersecurity experts are discussing a new trend in the cybercrime community called phishing-as-a-service. Phishing-as-a-Service (PhaaS). Related: Utilizing humans as security sensors. Rising popularity.

Phishing 198

Phishing Artificial Intelligence Cybercrime Social Engineering 198

Heimadal Security

APRIL 18, 2022

A warning about a new wave of social engineering cyberattacks that distribute the IcedID malware and employ Zimbra exploits for sensitive data theft purposes has been recently issued by the Computer Emergency Response Team of Ukraine (CERT-UA).

Government 131

Government Malware Hacking Social Engineering 131

Krebs on Security

JANUARY 30, 2024

The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. Twilio disclosed in Aug.

Social Engineering 362

Social Engineering Cybercrime Mobile Passwords 362

SecureWorld News

FEBRUARY 15, 2024

The hackers rely heavily on social engineering tactics to distribute the malware. This includes sending phishing messages posing as government agencies or local banks to convince victims to click on links leading to fake apps infected with the malware. Experts warn that biometric authentication alone is not foolproof.

Social Engineering 106

Social Engineering Mobile Authentication Engineering 106

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays. billion (equal to USD 326 million) between 2021 and 2023. Notably, some of them were registered between September and November 2024.

Phishing 110

Phishing Social Engineering Banking DNS 110

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. Strengthening identity security Enforce phishing-resistant MFA for all privileged accounts.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

SecureList

FEBRUARY 20, 2025

Kaspersky MDR customers by region Distribution of incidents by industry In 2024, the MDR team observed the highest number of incidents in the industrial (25.7%), financial (14.1%), and government (11.7%) sectors. in government, 17.8% User Execution and Phishing remain top threats. in IT, 18.3% in industrial, and 11.9%

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101

Heimadal Security

JULY 15, 2022

Researchers have uncovered a new phishing kit that, under the guise of security controls, injects malware into legitimate WordPress sites and uses a fake PayPal-branded social engineering scam to trick targets into handing over their most sensitive data. Researchers from Akamai said that the attackers […].

Phishing 111

Phishing Social Engineering Scams Engineering 111

Krebs on Security

AUGUST 19, 2021

“According to this actor, he had originally intended to send his targets—all senior-level executives—phishing emails to compromise their accounts, but after that was unsuccessful, he pivoted to this ransomware pretext,” Hassold wrote. – Government entities. – Canada. – Australia. – the UK.

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

SC Magazine

MARCH 24, 2021

A California state agency was victimized by a phishing incident last week in which an employee clicked on a link that provided access to the employee’s account for some 24 hours. Unfortunately, it seems to occur too commonly in government institutions that we must absolutely trust to place our social interests above all else,” Wade said.

Phishing 129

Phishing Social Engineering Accountability Government 129

IT Security Guru

NOVEMBER 1, 2024

Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information. Types of Cybersecurity Threats Malware and Ransomware: These can disable systems or steal data for ransom.

Technology 109

Technology Cyber Attacks Government Risk 109

CyberSecurity Insiders

JANUARY 25, 2023

United States Cybersecurity and Infrastructure Security Agency (CISA) along with two other agencies; National Security Agency (NSA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a warning to federal agencies against a phishing scam taking place through Remote Monitoring and Management (RMM) Software.

Scams 134

Scams Phishing Software Social Engineering 134

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. reads a translation of the message.

Phishing 120

Phishing Social Engineering Government Accountability 120

Malwarebytes

JULY 19, 2022

A new phishing campaign targeting PayPal users aims to get extensive data from potential victims. The data it’s after includes government documents like passport, as well as selfie photos. PayPal phishing sites are a dime a dozen due to the number of people and companies using it as another form of payment method.

Phishing 114

Phishing Social Engineering Accountability Engineering 114

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. Phishers primarily seek to extract confidential information from victims, such as credentials or bank card details, while scammers deploy social engineering to persuade targets to transfer money on their own accord.

Scams 132

Scams Phishing Social Engineering Banking 132

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Social engineering attacks Social engineering attacks occur when someone uses a fake persona to gain your trust.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Malwarebytes

JULY 2, 2025

Qantas says the breach occurred after a cybercriminal targeted a call centre and managed to gain access to the third party platform, presumably via social engineering. The breach at a third party provider is extra painful since Qantas concluded an uplift of third and fourth-party cyber-risk governance processes in 2024.

Social Engineering 72

Social Engineering Cyber Risk Data breaches Passwords 72

CyberSecurity Insiders

JANUARY 5, 2023

All the ministers and government employees working in the UK were issued a warning when their official contact details were publicly available online until March 2020. The post Data Security Threat to UK Government Ministers and Civil Servants appeared first on Cybersecurity Insiders.

Government 109

Government Social Engineering Advertising Media 109

eSecurity Planet

NOVEMBER 6, 2024

This data reportedly includes everything from names and addresses to Social Security numbers and bank account details. This attack underscores a critical lesson for businesses: even the most vital institutions, such as a city government, are vulnerable to cyberthreats.

Ransomware 115

Ransomware Authentication Identity Theft Penetration Testing 115

Hacker's King

DECEMBER 16, 2024

In the digital age, cyber-attacks are a growing concern for individuals, businesses, and governments worldwide. Recent incidents include attacks on government agencies, critical infrastructure, and major corporations, highlighting the vulnerability of national cybersecurity defenses.

Cyber Attacks 59

Cyber Attacks Phishing Penetration Testing Healthcare 59

Duo's Security Blog

JUNE 26, 2025

End-to-end phishing resistance means we protect your users from phishing attacks at every step of the identity lifecycle, starting with enrollment, to OS and application login, all the way to the help desk.

Authentication 95

Authentication Social Engineering Passwords Phishing 95

Jane Frankland

JUNE 27, 2025

It’s why we train employees, run phishing simulations, and issue compliance mandates. Mistakes, like clicking on a phishing link, or oversights, like weak password maintenance, often take center stage. For instance, phishing simulations or MFA reminders delivered in context are far more effective than annual compliance exercises.

Cybersecurity 130

Cybersecurity Risk Phishing Education 130

Security Affairs

AUGUST 3, 2023

Russia-linked APT29 group targeted dozens of organizations and government agencies worldwide with Microsoft Teams phishing attacks. Microsoft Threat Intelligence reported that the cyberspies conducted highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chat.

Phishing 98

Phishing Authentication Government Social Engineering 98