Expel has released its latest quarterly threat report, which looks at continued identity-based attacks and the impact of MFA fatigue. Jon Hencinski shares insights on attack trends, gaps in compensating controls and what to look for in pre-ransomware activity.
ChatGPT, an AI-based chatbot that specializes in dialogue, is raising concern among security professionals about how criminals could use cheap, accessible natural language AI to write convincing phishing emails and pull off nefarious deepfake scams. Peter Cassidy discusses the implications.
Everyone knows why criminals rob banks. But since most robbers are operating remotely, which tactics are cybercriminals actually employing and how often are they successful? Too often, it seems, thanks to phishing attacks, money laundering, ATM skimmers, malware and more.
The attack earlier this year that compromised systems and data at LastPass is more extensive than the password management software provider previously revealed. LastPass says the attacker downloaded from the cloud backups of multiple users' encrypted password vaults, as well as unencrypted URLs.
Cloud email security: It involves new strategies and tools to defend against a new wave of attacks. Arun Singh of Abnormal Security discusses the latest flavor of email attacks and the new Knowledge Bases created to help enterprises increase their education and defensive capabilities.
The losses from phishing and other forms of sophisticated email fraud in 2021 alone totaled over $44 million, and the volume of phishing and email spoofing attacks doubled in 2021. Many malicious data breaches are caused by stolen credentials rather than the installation of malware. In fact, IBM found that in 2021,...
The email attack vector. It may not earn much discussion, but the adversaries take full advantage of it with phishing, BEC and now email platform attacks. Mike Britton, CISO of Abnormal Security, talks about the latest threat trends and how to detect and defend against them.
What really makes a “strong” password? And why are you and your end-users continually tortured by them? How do hackers crack your passwords with ease? And what can/should you do to improve your organization’s authentication methods?
Password complexity, length, and rotation requirements are the bane of IT...
Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts. The company advises organizations to be on the lookout for Raccoon and Redline infostealers.
Banks are getting better at catching a wide range of scams targeted at customer accounts, but they are still struggling with stopping authorized payment fraud through peer-to-peer payment companies such as Zelle, says David Pollino, former divisional CISO with PNC Bank.
A large-scale cyberespionage campaign by notorious China-based advanced persistent threat actor Mustang Panda is targeting government, academic and other sectors globally. Its main targets include Asia-Pacific organizations in Myanmar, Australia, the Philippines, Japan and Taiwan.
Join us for an informative webinar session as we dive into the hard truth of phishing attacks. Phishing has evolved to be more precise and deceptive than ever before, with the influx of mobile devices, screen sizes and many other sophisticated schemes tricking users into divulging information that can compromise...
Join us for an informative webinar session as we dive into the hard truth of phishing attacks. Phishing has evolved to be more precise and deceptive than ever before, with the influx of mobile devices, screen sizes and many other sophisticated schemes tricking users into divulging information that can compromise...
The United Kingdom and many other countries are considering ways to make banks liable for authorized payment fraud and lift the burden from millions of victims of online scams. Trace Fooshee, strategic adviser at Aite-Novarica Group, shares his views on why this might not be such a great idea.
Cybercrime syndicate Robin Banks is back with a new cookie-stealing feature that cybercriminals can purchase as an add-on to the phishing kit in order to bypass multi-factor authentication in attacks and to attract more sophisticated, persistent actors set on compromising specific targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.
