InfoSec, Phishing, Social Engineering and Technology

ChatGPT: What are the Implications for Infosec?

SecureWorld News

DECEMBER 20, 2022

The ability to ask any question on just about any topic and have a very intelligent answer given has cybersecurity experts wondering if the infosec community is using it and, if so, for what; and, if so, how is it working for writing scripts and code or imitating phishing emails, for instance. I had it write a phishing email.

InfoSec

InfoSec Phishing Social Engineering Media

GUEST ESSAY: How and why ‘pen testing’ will continue to play a key role in cybersecurity

The Last Watchdog

MARCH 15, 2021

When we look at society today, we can see that we are moving further and further ahead with technology. In fact, there is evidence that technology grows exponentially fast. Since we are quickly putting out large technologies, security risks always come with this. As mentioned earlier, technology is rapidly expanding.

Penetration Testing

Penetration Testing Social Engineering Cybersecurity Engineering

The FBI’s Qakbot Takedown, QR Code Phishing Attacks, Dox Anyone in America for $15

Security Boulevard

SEPTEMBER 10, 2023

energy organization fell victim to a QR code phishing attack, highlighting the ever-evolving tactics used by attackers. Finally, we […] The post The FBI’s Qakbot Takedown, QR Code Phishing Attacks, Dox Anyone in America for $15 appeared first on Shared Security Podcast. Next, we explore how a major U.S.

Phishing

Phishing Cryptocurrency Ransomware Social Engineering

LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems

Security Boulevard

MARCH 27, 2022

The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1

Phishing

Phishing Software Hacking Social Engineering

Personal Cybersecurity Concerns for 2023

Security Through Education

JANUARY 18, 2023

The truth is technology has grown at an exponential rate and so has cybercrime. More than 90% of successful cyber-attacks start with a phishing email. Most if not, all social engineering attacks will attempt to trigger some emotion such as urgency, fear, greed, or curiosity. Turn on automatic updates. Rosa Rowles.

Cybersecurity

Cybersecurity Social Engineering Scams IoT

Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You

Security Boulevard

AUGUST 28, 2022

The post Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You appeared first on The Shared Security Show. The post Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You appeared first on The Shared Security Show.

Phishing

Phishing Social Engineering Surveillance Data privacy

AI in Cybersecurity: How to Cut Through the Overhype and Maximize the Potential

CyberSecurity Insiders

DECEMBER 4, 2021

Of the 13 engineers who commented for this publication, none felt that the marketing associated with the products they were working on was completely accurate with respect to advertised capabilities. The paper explores those areas as well as malicious uses of ML and DL, specifically in social engineering and phishing.

Cybersecurity

Cybersecurity Artificial Intelligence Education Engineering

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

Herjavec Group

MAY 19, 2022

Conduct regular social engineering tests on your employees to actively demonstrate where improvements need to be made. Build security awareness training modules to educate your employees on how to spot phishing emails or business-related scams. If you don’t have the talent in-house, employ a third-party security firm.

Penetration Testing

Penetration Testing Social Engineering Cybercrime InfoSec

Inflation Is Making Cybersecurity Even More Challenging for Leaders

SecureWorld News

OCTOBER 19, 2023

Additionally, cybercriminals may be able to use inflation to their advantage, such as by sending phishing emails that appear to be from legitimate companies offering discounts or assistance. Too many folks focus on the technology as opposed to the people or process. Investing in security awareness training has a bottom line impact.

Cybersecurity

Cybersecurity CISO Education Phishing

Top 8 Cybersecurity Podcasts of 2021

eSecurity Planet

APRIL 23, 2021

It requires some baseline industry knowledge, but it’s a great way to stay on top of InfoSec current events. Since 2007 (before podcasting in general had really taken off), Patrick Gray and his co-host Adam Boileau have covered a wide range of InfoSec topics with insight from fellow industry leaders. Malicious Life.

Cybersecurity

Cybersecurity InfoSec Cybercrime Hacking

Are Ethics and Social Engineering Compatible?

Security Through Education

DECEMBER 7, 2022

Many people assume that as professional social engineers (SE) we use EVERY method possible to achieve our objective. Are ethics and social engineering compatible? In our first scenario, let’s pretend a client just hired us to do phishing and vishing to test their corporation’s employees. No Code of Ethics.

Social Engineering

Social Engineering Engineering Education Phishing

The pros and cons of SOAR explained

SC Magazine

MAY 20, 2021

Social engineering, phishing scams, ransomware, DDoS attacks , and software vulnerabilities are just some of the threats facing overloaded security professionals with limited budgets. Bear in mind that SOAR requires a mix of technologies and tools that deliver the capabilities the infosec team requires.

Social Engineering

Social Engineering Internet Internet InfoSec

Cyber CEO: A Look Back at Cybersecurity in 2021

Herjavec Group

DECEMBER 15, 2021

Threat actors have developed social engineering approaches that leverage the uncertainty and chaos of the pandemic in order to deliver their malicious software. When it comes to cyber risks, the most up-to-date cybersecurity technology or regimented program doesn’t make an organization immune to an attack.

Cybersecurity

Cybersecurity Digital transformation Ransomware Cyber Risk

Massive AT&T Data Leak, The Danger of Thread Hijacking

Security Boulevard

APRIL 7, 2024

Episode 324 features discussions on a significant AT&T data breach affecting 73 million customers and a sophisticated thread jacking attack targeting a journalist.

Data breaches

Data breaches Accountability Social Engineering Data privacy

The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked

Security Boulevard

JANUARY 21, 2024

Then they switch to the best practices to prevent social media account takeovers, highlighting […] The post The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked appeared first on Shared Security Podcast.

Media

Media Accountability Hacking Scams

Phone Scam Targets Psychologists, All My Apes Gone, Supply Chain Skimmer Attack

Security Boulevard

JANUARY 10, 2022

A phone scam targeting psychologists reveals that even professionals can become victims, stolen multi-million-dollar NFT’s results in a “all my apes gone” plea for help, and details on a skimmer supply chain attack on more than 100 real estate websites. ** Links mentioned on the show ** The Phone Scam That Targets Psychologists [link] Thieves […].

Scams

Scams Social Engineering Engineering Technology

Truths and Myths of Privacy, Fake Shopping Apps, Borat RAT Malware

Security Boulevard

APRIL 10, 2022

Scott and Tom explain why privacy isn’t dead, why should everyone should care about their privacy, and how you should respond to someone that says “I don’t care about privacy, I have nothing to hide!”. Plus, details on a new attack using fake shopping apps and how a new malware toolkit called “Borat RAT” is […].

Malware

Malware Social Engineering Scams Engineering

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Longtime network and system administrator Jack Daniel is a technology community activist, mentor, and storyteller. Markstedter actively contributes to filling the infosec education gap.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. To achieve more resilience in this heightened risk environment, stepping up zero trust maturity is essential.

Authentication

Authentication Risk Social Engineering InfoSec

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

AI Use Danger As with any emerging technology, many organizations should expect errors and growing pains as teams learn the nuances of applying the technology. Some attacks will be aided by technology, while others will be more strategic in nature as companies strengthen cyberdefense against older attacks.

Cybersecurity

Cybersecurity CISO Government Technology

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

I seem to be doing most of that activity now on Mastodon , which appears to have absorbed most of the infosec refugees from Twitter, and in any case is proving to be a far more useful, civil and constructive place to post such things. For a variety of reasons, I will no longer be sharing these updates on Twitter.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Introducing Behavioral Information Security

The Falcon's View

AUGUST 29, 2017

For those unfamiliar with Fogg's work, he started out doing research on Persuasive Technology back in the 90s, which has become the basis for most modern uses of technology to influence people (for example, use of Facebook user data to influence the 2016 US Presidential Election). Well, low-and-behold, it already exists!

Information Security

Information Security InfoSec Social Engineering Security Awareness

Top 5 Cybersecurity and Computer Threats of 2017

NopSec

FEBRUARY 9, 2017

The year 2016 will be remembered for some big moments in the world of cybersecurity: the largest known distributed denial of service (DDoS) attack, a phishing attack on a United States presidential candidate’s campaign, and ransomware attacks on major healthcare organizations are just a few. 2017 will see major advancements in technology.

Cybersecurity

Cybersecurity DDOS IoT Social Engineering

Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain

Security Boulevard

MARCH 1, 2023

Executive summary In May 2020 EclecticIQ Intelligence and Research Team published a report ( 1 ) on phishing lures impersonating the maritime industry. The campaign uses consistent maritime-related social engineering lures in spearphishing emails almost certainly targeting the maritime industry. The domain `trim[.]cfd`

Phishing

Phishing Social Engineering Ransomware Encryption

Cyber CEO: Cybersecurity in 2021 – What We’ve Learned So Far

Herjavec Group

JULY 29, 2021

This means learning from the successes and the failures and using those learnings to enhance security measures, standards, and technology. Threat actors have developed social engineering approaches that leverage the uncertainty and chaos of the pandemic in order to deliver their malicious software. Ransomeware-as-a-Service.

Cybersecurity

Cybersecurity Digital transformation Cyber Attacks Ransomware

The Trouble with Politicians Sharing Passwords

Troy Hunt

DECEMBER 4, 2017

All the subsequent reasons given for why it’s necessary have technology solutions which provide traceability back to individual, identifiable users. Her approach to password sharing may simply be evidence of humans working around technology constraints: I don't blame her, I blame the I.T but the topic kept coming up.

Passwords

Passwords Accountability Technology InfoSec

Your New Stimulus Check Might Not Be Safe From Cybercriminals

Identity IQ

MARCH 13, 2021

Reports show phishing emails have been sent out regarding the newest stimulus package. The fraudulent email messages using the COVID-19 American Rescue Plan as bait target the infosec and technology sectors while employing subject lines ranging from “Joe Biden Rescue Plan Act” to “IRS Rescue Plan Form” to “President’s Rescue Plan Act.”

Identity Theft

Identity Theft Social Engineering InfoSec Insurance

Cyber Security Informer

ChatGPT: What are the Implications for Infosec?

GUEST ESSAY: How and why ‘pen testing’ will continue to play a key role in cybersecurity

Trending Sources

The FBI’s Qakbot Takedown, QR Code Phishing Attacks, Dox Anyone in America for $15

LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems

Personal Cybersecurity Concerns for 2023

Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You

AI in Cybersecurity: How to Cut Through the Overhype and Maximize the Potential

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

Inflation Is Making Cybersecurity Even More Challenging for Leaders

Top 8 Cybersecurity Podcasts of 2021

Are Ethics and Social Engineering Compatible?

The pros and cons of SOAR explained

Cyber CEO: A Look Back at Cybersecurity in 2021

Massive AT&T Data Leak, The Danger of Thread Hijacking

The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked

Phone Scam Targets Psychologists, All My Apes Gone, Supply Chain Skimmer Attack

Truths and Myths of Privacy, Fake Shopping Apps, Borat RAT Malware

Top Cybersecurity Accounts to Follow on Twitter

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

5 Major Cybersecurity Trends to Know for 2024

Happy 13th Birthday, KrebsOnSecurity!

Introducing Behavioral Information Security

Top 5 Cybersecurity and Computer Threats of 2017

Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain

Cyber CEO: Cybersecurity in 2021 – What We’ve Learned So Far

The Trouble with Politicians Sharing Passwords

Your New Stimulus Check Might Not Be Safe From Cybercriminals

Stay Connected