INDUSTRY INSIGHTS YOUR PEERS ARE READING
XBT/Webzilla Hosting Infrastructure Used for Nation-State Hacking, Expert Finds Web hosting firm XBT/Webzilla's infrastructure was used to attack the U.S. MORE
Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report. Most Recent ThreatLists Web Security Cryptocurrency Kaspersky Phishing rate of attacks scam social media phishing Spam tax phishing the report MORE
Mobile Security Lookout mobile first mobile tailored mobile threats Phishing kit VerizonThe kit's authors demonstrate a knowledge of Verizon's infrastructure. MORE
Among the top new spear phishing threats to enterprises: Extortion. Asaf Cidon of Barracuda outlines the top three spear phishing threats and new strategies to defend against them MORE
Bitcoin Exchange Job Lure Traces to Hackers Tied to North Korea Bitcoin-seeking phishing attacks have been trying to socially engineer would-be cryptocurrency exchange executives, warn researchers at Secureworks. MORE
Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. A live Paypal phishing site that uses [link] (has the green padlock). A live Facebook phish that uses SSL (has the green padlock). MORE
Social-Planning Website Says Pre-2014 User Database Has Been Stolen Online invitation site Evite has been hacked and information on an unspecified number of users stolen. MORE
Security experts at Myki have recently discovered a new phishing campaign that could deceive even most tech-savvy users. SecurityAffairs – phishing, Facebook). The post Facebook login phishing campaign can deceive tech-savvy users appeared first on Security Affairs. MORE
Our customers asked for a better way to monitor their simulated phishing campaigns, and we listened: Introducing our new Phishing Dashboard. Leaderboard for the groups who proactively avoid and report phishing threats. Show ROI for entire your simulated phishing initiative. MORE
That was one of the more memorable phishing email subject lines my colleagues recently spotted in their work inbox. the variety of phishing email attempts has blossomed. Phishing Defined. With 32% of confirmed breaches starting with phishing. How to Spot a Phishing Email. MORE
Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? based firm that helps companies educate and test employees on how not to fall for phishing scams. MORE
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down. MORE
Researchers warn that the phishing campaign looks "deceptively realistic.". Web Security Credentials Facebook Phishing phishing campaign social engineering MORE
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow MORE
Google this week announced that it is going to block login attempts from embedded browser frameworks to prevent man-in-the-middle (MiTM) phishing attacks. “However, one form of phishing, known as “ man in the middle ” (MITM), is hard to detect when an embedded browser framework (e.g., MORE
Richard Conti of Children's Hospital of Philadelphia on Risk Mitigation Steps Because phishing attacks are so pervasive, aggressive staff educational efforts are essential, says Richard Conti of The Children's Hospital of Philadelphia, who also discusses other risk mitigation steps MORE
A phishing campaign targeting credit unions and other financial institutions recently found its way into the email inboxes of anti-money laundering officers. The post Phishing Campaign Hits Credit Unions appeared first on Adam Levin. MORE
Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Phone-based phishing attacks are getting way more clever and are even snaring technology experts, as last month’s story shows. MORE
A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. There are several interesting takeaways from this phishing campaign. MORE
On average, one in ten emails is a phishing scam. Very few respondents said they were likely to be lured by the most common pitfalls of phishing scams: Urgency: 10.7%. How does phishing work? >> These weren’t the only types of phishing scam that proved successful, though. MORE
Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Within five days, WSH RAT was observed being actively distributed via phishing. MORE
Researchers at AppRiver uncovered a very trivial phishing campaign targeting the streaming service Spotify, anyway, it is important to share info about it. Security researchers at AppRiver uncovered a phishing campaign targeting the popular streaming service Spotify. MORE
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Also part of the phishing kit was a text document containing some 100,000 business email addresses — most of them ending in Canadian (.ca) MORE
Terranova's Lise Lapointe on How Cybersecurity Awareness Must Evolve As CEO of Terranova Security, an awareness training provider, Lise Lapointe sees an evolution of education programs that used to be merely phishing simulation tests. MORE
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. FULLY AUTOMATED PHONE PHISHING. MORE
Arizona Cancer Center a Recent Victim of Major Phishing Attack As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports. MORE
A Number of Newly Reported Health Data Breaches Stem From Email Incidents Phishing and other hacking incidents have led to several recently reported large health data breaches, including one that UConn Health reports affected 326,000 individuals MORE
No Misuse of Exposed Data Has Been Reported - Yet Personal details for 30,000 Medicaid recipients in Florida may have been exposed after a government employee fell victim to a phishing attack, state officials warn. MORE
Experts Offer Tips for How to Avoid Falling Victim Several health data breaches involving phishing attacks - including one that potentially exposed data on more than 100,000 individuals - have been added to the federal health data breach tally this month. MORE
Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials. These phishing emails pose as alerts sent by Google that inform users that their accounts were accessed from a new Windows device. MORE
Brent Maher of Johnson Financial Group Offers Real-World Lessons Learned The key to lowering the risk of employees becoming victims of phishing is to adopt an "adult learning" approach to training, says Brent Maher, CISO at Johnson Financial Group MORE
Hacks Vulnerabilities Web Security Akamai code reuse file upload vulnerability kit hijacking Open Source phishing kits vulnerabilities website compromiseThe vulnerable kits also offer a point of entry to compromise legitimate website servers. MORE
Incident Among Largest Health Data Breaches So Far in 2019 The Oregon Department of Human Services is among the latest entities to reveal a phishing breach impacting the protected health information of hundreds of thousands of individuals MORE
In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage MORE
Phishing is one of the most longstanding and dangerous methods of cyber crime. Despite what people think they know about phishing, they consistently fall victim. According to Verizon’s 2019 Data Breach Investigations Report , 32% of all cyber attacks involved phishing. MORE
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. MORE
Cybercrime Gang Phoned Victims to Increase Phishing Attack Success Rates The FIN7 cybercrime gang regularly phoned victims, posing as buyers, to trick victims into opening phishing emails and attachments with malware, federal prosecutors allege. MORE
Security Experts Weigh In on Who Might Be the Culprit Indian IT service firm Wipro on Tuesday said that it has detected abnormal activities on some of its employee accounts due to an advanced phishing campaign. MORE
Breach Tally Shows Hacking Attacks Involving Email Continue to Plague the Sector With the year nearly over, hacking attacks - especially those involving phishing and other email attacks - continue to rack up big victim counts for health data breaches reported to federal regulators in 2018 MORE
A Number of Newly Reported Health Data Breaches Stem From Email Incidents Phishing and other hacking incidents have led to several recently reported large health data breaches, including one that UConn Health reports affected 326,000 individuals MORE
Phishing Related Topics 
Krebs on Security
MAY 22, 2019
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Also part of the phishing kit was a text document containing some 100,000 business email addresses — most of them ending in Canadian (.ca)
Data Breach Today
MAY 20, 2019
In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage
Data Breach Today
APRIL 8, 2019
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow
Krebs on Security
JANUARY 3, 2019
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down.
Krebs on Security
OCTOBER 1, 2018
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. FULLY AUTOMATED PHONE PHISHING.
Krebs on Security
NOVEMBER 26, 2018
Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. A live Paypal phishing site that uses [link] (has the green padlock). A live Facebook phish that uses SSL (has the green padlock).
|
Data Breach Today
DECEMBER 4, 2018
Richard Conti of Children's Hospital of Philadelphia on Risk Mitigation Steps Because phishing attacks are so pervasive, aggressive staff educational efforts are essential, says Richard Conti of The Children's Hospital of Philadelphia, who also discusses other risk mitigation steps
Krebs on Security
NOVEMBER 2, 2018
Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Phone-based phishing attacks are getting way more clever and are even snaring technology experts, as last month’s story shows.
Krebs on Security
MAY 29, 2019
Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? based firm that helps companies educate and test employees on how not to fall for phishing scams.
Data Breach Today
DECEMBER 5, 2018
Arizona Cancer Center a Recent Victim of Major Phishing Attack As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports.
Data Breach Today
FEBRUARY 26, 2019
A Number of Newly Reported Health Data Breaches Stem From Email Incidents Phishing and other hacking incidents have led to several recently reported large health data breaches, including one that UConn Health reports affected 326,000 individuals
|
Schneier on Security
OCTOBER 2, 2018
Brian Krebs is reporting on some new and sophisticated phishing scams over the telephone. fraud phishing scams socialengineeringI second his advice: "never give out any information about yourself in response to an unsolicited phone call."
Data Breach Today
APRIL 16, 2019
Security Experts Weigh In on Who Might Be the Culprit Indian IT service firm Wipro on Tuesday said that it has detected abnormal activities on some of its employee accounts due to an advanced phishing campaign.
Data Breach Today
MARCH 25, 2019
Incident Among Largest Health Data Breaches So Far in 2019 The Oregon Department of Human Services is among the latest entities to reveal a phishing breach impacting the protected health information of hundreds of thousands of individuals
MediaPro
JUNE 15, 2019
That was one of the more memorable phishing email subject lines my colleagues recently spotted in their work inbox. the variety of phishing email attempts has blossomed. Phishing Defined. With 32% of confirmed breaches starting with phishing. How to Spot a Phishing Email.
Security Affairs
JUNE 17, 2019
Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Within five days, WSH RAT was observed being actively distributed via phishing.
IT Governance
JUNE 11, 2019
On average, one in ten emails is a phishing scam. Very few respondents said they were likely to be lured by the most common pitfalls of phishing scams: Urgency: 10.7%. How does phishing work? >> These weren’t the only types of phishing scam that proved successful, though.
Krebs on Security
AUGUST 2, 2018
A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. There are several interesting takeaways from this phishing campaign.
IT Governance
JUNE 6, 2019
Phishing is one of the most longstanding and dangerous methods of cyber crime. Despite what people think they know about phishing, they consistently fall victim. According to Verizon’s 2019 Data Breach Investigations Report , 32% of all cyber attacks involved phishing.
Data Breach Today
NOVEMBER 27, 2018
Breach Tally Shows Hacking Attacks Involving Email Continue to Plague the Sector With the year nearly over, hacking attacks - especially those involving phishing and other email attacks - continue to rack up big victim counts for health data breaches reported to federal regulators in 2018
Threatpost
FEBRUARY 15, 2019
Researchers warn that the phishing campaign looks "deceptively realistic.". Web Security Credentials Facebook Phishing phishing campaign social engineering
Adam Levin
FEBRUARY 11, 2019
A phishing campaign targeting credit unions and other financial institutions recently found its way into the email inboxes of anti-money laundering officers. The post Phishing Campaign Hits Credit Unions appeared first on Adam Levin.
Security Affairs
FEBRUARY 8, 2019
Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials. These phishing emails pose as alerts sent by Google that inform users that their accounts were accessed from a new Windows device.
Data Breach Today
JUNE 11, 2019
Social-Planning Website Says Pre-2014 User Database Has Been Stolen Online invitation site Evite has been hacked and information on an unspecified number of users stolen.
Data Breach Today
JANUARY 17, 2019
Experts Offer Tips for How to Avoid Falling Victim Several health data breaches involving phishing attacks - including one that potentially exposed data on more than 100,000 individuals - have been added to the federal health data breach tally this month.
Data Breach Today
FEBRUARY 25, 2019
A Number of Newly Reported Health Data Breaches Stem From Email Incidents Phishing and other hacking incidents have led to several recently reported large health data breaches, including one that UConn Health reports affected 326,000 individuals
Krebs on Security
JULY 23, 2018
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.
Data Breach Today
MARCH 21, 2019
Terranova's Lise Lapointe on How Cybersecurity Awareness Must Evolve As CEO of Terranova Security, an awareness training provider, Lise Lapointe sees an evolution of education programs that used to be merely phishing simulation tests.
Threatpost
MARCH 12, 2019
Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report. Most Recent ThreatLists Web Security Cryptocurrency Kaspersky Phishing rate of attacks scam social media phishing Spam tax phishing the report
Threatpost
JUNE 5, 2019
Hacks Vulnerabilities Web Security Akamai code reuse file upload vulnerability kit hijacking Open Source phishing kits vulnerabilities website compromiseThe vulnerable kits also offer a point of entry to compromise legitimate website servers.
Data Breach Today
AUGUST 7, 2018
Cybercrime Gang Phoned Victims to Increase Phishing Attack Success Rates The FIN7 cybercrime gang regularly phoned victims, posing as buyers, to trick victims into opening phishing emails and attachments with malware, federal prosecutors allege.
Data Breach Today
MARCH 18, 2019
XBT/Webzilla Hosting Infrastructure Used for Nation-State Hacking, Expert Finds Web hosting firm XBT/Webzilla's infrastructure was used to attack the U.S.
MediaPro
MAY 3, 2019
Our customers asked for a better way to monitor their simulated phishing campaigns, and we listened: Introducing our new Phishing Dashboard. Leaderboard for the groups who proactively avoid and report phishing threats. Show ROI for entire your simulated phishing initiative.
Data Breach Today
DECEMBER 18, 2017
Bitcoin Exchange Job Lure Traces to Hackers Tied to North Korea Bitcoin-seeking phishing attacks have been trying to socially engineer would-be cryptocurrency exchange executives, warn researchers at Secureworks.
Security Affairs
FEBRUARY 17, 2019
Security experts at Myki have recently discovered a new phishing campaign that could deceive even most tech-savvy users. SecurityAffairs – phishing, Facebook). The post Facebook login phishing campaign can deceive tech-savvy users appeared first on Security Affairs.
Security Affairs
APRIL 20, 2019
Google this week announced that it is going to block login attempts from embedded browser frameworks to prevent man-in-the-middle (MiTM) phishing attacks. “However, one form of phishing, known as “ man in the middle ” (MITM), is hard to detect when an embedded browser framework (e.g.,
Data Breach Today
JANUARY 8, 2018
No Misuse of Exposed Data Has Been Reported - Yet Personal details for 30,000 Medicaid recipients in Florida may have been exposed after a government employee fell victim to a phishing attack, state officials warn.
Threatpost
APRIL 2, 2019
Mobile Security Lookout mobile first mobile tailored mobile threats Phishing kit VerizonThe kit's authors demonstrate a knowledge of Verizon's infrastructure.
Data Breach Today
JULY 11, 2018
Brent Maher of Johnson Financial Group Offers Real-World Lessons Learned The key to lowering the risk of employees becoming victims of phishing is to adopt an "adult learning" approach to training, says Brent Maher, CISO at Johnson Financial Group
Security Affairs
NOVEMBER 25, 2018
Researchers at AppRiver uncovered a very trivial phishing campaign targeting the streaming service Spotify, anyway, it is important to share info about it. Security researchers at AppRiver uncovered a phishing campaign targeting the popular streaming service Spotify.
233 
Let's personalize your content