Want to know more about this topic or about us? Contact us!
A new report from French-based cybersecurity company Sekoia describes evolutions in the financial sector threat landscape. The sector is the most impacted by phishing worldwide and is increasingly targeted by QR code phishing. The financial industry also suffers from attacks on the software supply chain and stands among the most . . . Read more
A November report from Google Cloud details possible nation-state malware tactics in 2024 and new angles of cyberattacks. What will cybersecurity look like in 2024? Google Cloud’s global Cybersecurity Forecast found that generative AI can help attackers and defenders and urged security personnel to look out for nation-state backed attacks . . . Read more
A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store. A new report from ThreatFabric, a fraud protection company, exposes SecuriDropper malware, which is capable of bypassing Android 13 restricted settings. The malware makes Android consider the . . . Read more
Hacker Stephanie “Snow” Carruthers and her team found phishing emails written by security researchers saw a 3% better click rate than phishing emails written by ChatGPT. An IBM X-Force research project led by Chief People Hacker Stephanie “Snow” Carruthers showed that phishing emails written by humans have a 3% better . . . Read more
A new report from Netskope detailing the top techniques used by cybercriminals to attack organizations found that cloud apps are increasingly being used by threat actors, representing 19% of all clicks on spearphishing links. The report also shed light on the attackers’ targets according to their financial or geopolitical motivations. . . . Read more
The National Security Agency and the Cybersecurity and Infrastructure Security Agency published on October 4, 2023, a document titled Identity and Access Management: Developer and Vendor Challenges. This new IAM CISA-NSA guidance focuses on the challenges and tech gaps that are limiting the adoption and secure employment of multifactor authentication . . . Read more
Microsoft, the Dark Web and the name John Malkovich all factor into this EvilProxy phishing attack. The good news is there are steps IT can take to mitigate this security threat. A new EvilProxy phishing attack is leveraging an open redirection flaw from the legitimate Indeed.com job search site, according . . . Read more
Get technical details about how this new attack campaign is delivered via Microsoft Teams and how to protect your company from this loader malware. Image: James Thew/Adobe Stock A new report from global cybersecurity company Truesec reveals a new attack campaign leveraging Microsoft Teams to infect companies’ users. While the . . . Read more
Image: Timon/Adobe Stock A significant portion of social engineering attacks, such as phishing, involve cloaking a metaphorical wolf in sheep’s clothing. According to a new study by Abnormal Security, which looked at brand impersonation and credential phishing trends in the first half of 2023, Microsoft was the brand most abused . . . Read more
This QR code phishing campaign is targeting multiple industries and using legitimate services such as Microsoft Bing to increase its efficiency and bypass security. Image: ronstik/Adobe Stock Cofense, a U.S.-based email security company, released a new report about a massive QR code phishing campaign that targets numerous industries. The campaign . . . Read more