Duo's Security Blog

APRIL 20, 2023

Through the first two months of 2023 alone, the Australian Competition and Consumer Commission’s Scamwatch reported more than 19,000 phishing reports with estimated financial losses of more than $5.2 What is phishing? This is part of what makes phishing attacks so dangerous.

Phishing

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. For more information, check out our on-demand webinar Your Zero Trust Roadmap.

Authentication

Duo's Security Blog

NOVEMBER 20, 2023

This group of English-speaking threat actors are known for launching sophisticated campaigns that can bypass weak MFA implementations, leveraging tactics such as SIM swapping, adversary-in-the-middle (AiTM) techniques, and social engineering to gain unauthorized access to organizations’ sensitive data.

Threat Detection

Duo's Security Blog

DECEMBER 19, 2024

Phishing is still one of the most common attack vectors, and the holidays provide an especially appealing time to launch an attack thats been supercharged by modern natural language processing models and novel QR codes. No industry is spared this phishing season, though some are targeted more often than others.

Phishing

SecureWorld News

OCTOBER 19, 2021

TAG reported that Iranian-government-backed actors, known as APT35 and by the aliases Rocket Kitten and Charming Kitten, are quickly picking up speed, especially when it comes to implementing slick phishing attacks. Developing advanced phishing techniques to lure victims. Rocket Kitten successfully attacks university website.

Phishing

Webroot

FEBRUARY 11, 2021

As we mentioned in a previous blog , hackers come in many forms, but their methods can generally be classified into three distinct types of cybercriminals: The Impersonator – Hackers that pretend to be others, often using social engineering and human psychology to trick users. government stimulus payments are also on the rise.

Scams

SecureList

MAY 27, 2022

The attackers study their victims carefully and use the information they find to frame social engineering attacks. The group uses various malware families, including Wroba, and attack methods that include phishing, mining, smishing and DNS poisoning. You can find the recording of the webinar here and a summary/Q&A here.

Phishing

CyberSecurity Insiders

APRIL 10, 2023

In the current digital landscape, identity security has gained paramount importance due to the growing cyber risks posed by phishing and social engineering attacks utilizing AI. Why is identity management and security important in 2023? “In Batch training for the Identity Management key players.

Identity Theft

Security Boulevard

MARCH 19, 2021

Social engineering lures are a good example. These detect phishing emails and remove threats from messages, documents and other files and disable any URLs before they even enter the network, a process known as content sanitization. This is where advanced email security solutions can play an important role. Request a Demo.

Cybersecurity

NopSec

FEBRUARY 15, 2017

Do you feel confident that everyone in your organization could identify a phishing email that contained ransomware? In today’s post, we share information with the goal that it will help everyone in your organization protect themselves from phishing attacks.

Phishing

Digital Shadows

AUGUST 17, 2021

What is Phish(ing)? But, never mind the dozens of other reports and white papers about phishing that come out every year from security industry leaders, let’s take a look at the 2021 Verizon DBIR. Why should I care about Phish? The reason why phishing is still reigning supreme?

Phishing

SecureWorld News

AUGUST 12, 2024

A : Educating employees about phishing, social engineering, and safe online practices helps prevent human errors that can lead to security breaches. Attending webinars is also important for staying updated on the latest trends; SecureWorld has some great ones.

Cybersecurity

SecureWorld News

OCTOBER 27, 2021

Representation of each guest comes from the private, non-profit, and education sectors, so there is sure to be helpful advice for everyone who tunes into the webinar, which is currently available online here. I can go into my [saved] folders, and find our folder on social engineering. social media safety. Ransomware.

Cybersecurity

Responsible Cyber

JULY 13, 2024

You will learn how to: Prevent hacking and phishing attacks by using secure wallets and enabling Multi-Factor Authentication (MFA). Recognize and avoid social engineering scams by educating yourself on common tactics. Phishing scams trick users into revealing sensitive information through fake websites or emails.

Cryptocurrency

Security Boulevard

OCTOBER 4, 2024

1 - CISA to promote MFA, software updates, phishing protection during Cybersecurity Awareness Month October has arrived, and with it Cybersecurity Awareness Month, now in its 21st year. Learn how to spot phishing attempts made via email, text or voice calls. Dive into six things that are top of mind for the week ending Oct.

Cybersecurity

Security Boulevard

APRIL 28, 2021

Networks can also be easily breached by social engineering, password theft, or tainted USBs, as in the Stuxnet attack. . . In later rounds, the Trojan spread through spear-phishing emails with malicious Excel or Word files. How the infection first started is uncertain, but the usual suspect of phishing is suspected.

Energy and Utilities

eSecurity Planet

APRIL 22, 2022

Other cyber incidents are common, including phishing attacks , business email compromise, exploitation of cloud and software vulnerabilities , social engineering , third-party exposures, and more. It hosts Cybercrime Spotlight webinars on emerging cyber threats and the most effective controls to prevent them.

Cyber Insurance

Webroot

FEBRUARY 5, 2025

Check out our recent webinar where we discuss passkeys How do passkeys work? This makes passkeys resistant to phishing, credential stuffing, and brute-force attacks. Enhanced security No passwords mean no risk of phishing attacks, password leaks, or brute-force attacks. Illustration: Google Ask a Techspert Pros of passkeys 1.

Authentication

Centraleyes

FEBRUARY 26, 2025

It serves as a warning to regularly backup company data and train every employee on how to identify phishing and social engineering attacks. Binu Manaf, CEO of the company, noted that it was not a crude phishing attack but an attack that involved a high level of sophistication.

Cybersecurity

NopSec

JULY 25, 2017

The on-demand webinar features a live demo of password self auditing. Click here to watch the demo. References Hashcat – [link] John the Ripper – [link] Impacket – [link] [link] [link] The post Password Cracking: Top Tools Hackers Use to Crack Passwords appeared first on NopSec.

Passwords

LRQA Nettitude Labs

JULY 5, 2023

In addition to the topics below that you can expect to see reviewed and discussed in the forms of blog posts or webinars, LRQA Nettitude would also like to extend an open invitation for feedback and collaboration.

Artificial Intelligence

eSecurity Planet

MAY 28, 2024

Malware in Cloud Storage Buckets Malware threatens cloud storage buckets due to misconfigurations, infected data, and phishing. Offer regular workshops: Provide monthly training, webinars, and seminars on cloud security. APTs seek to steal critical information and retain long-term access.

Risk

NetSpi Executives

APRIL 27, 2024

Ransomware, a definition Ransomware is a set of malware technologies, hacking techniques, and social engineering tactics that cybercriminals use to cause harm, breach data, and render data unusable. Ransomware attackers get into a network in many ways: Social engineering. Unpatched exploits.

Ransomware

NetSpi Executives

APRIL 27, 2024

Each type of penetration test focuses on a different target: Network penetration testing Network penetration testing , also called network security testing , focuses on internal and external networks, wireless endpoints and wireless networks, email phishing, and other types of social engineering. appeared first on NetSPI.

Penetration Testing

CyberSecurity Insiders

MAY 19, 2023

To achieve full zero-trust access, MFA is being replaced by phishing-resistant MFA and the standards that define it. To give you a complete picture, I have identified key terminology and concepts surrounding phishing-resistant authentication and put them together in this handy glossary.

Phishing

Duo's Security Blog

MAY 23, 2023

In our previous two features, we covered the dangers of phishing (one method of credential compromise) and how to mitigate its impact on users. The answer, like most other cybersecurity-adjacent answers, lies in a combination of factors including social engineering , weak passwords, and other risky security moves or attacks.

Authentication

SecureList

APRIL 27, 2022

You can find the recording of the webinar here and a summary/Q&A here. We found overlaps in the infrastructure used by a tunneling tool used by the actor and several possible phishing websites set up within the above time frame. The attack targets victims with spear-phishing emails containing malicious OOXML files.

Malware

NopSec

DECEMBER 7, 2016

The attack vectors have broadened past spear phishing and vulnerable software. Compromised USB drives are a common attack vector, and one that requires vigilance in order to avoid a supply chain attack or an attack that exploits social engineering tactics. We’re glad you asked.

Cyber threats

SecureWorld News

DECEMBER 2, 2021

Ryan Witt, Proofpoint's Managing Director for Healthcare, who joined the SecureWorld webinar Protecting Healthcare from Email Fraud Attacks, also shared the sentiment that BEC attacks have a larger impact than ransomware. Educate and defend against phishing attacks. Ransomware is kind of one of those kitchen table sort of topics.

Cybercrime