Common Business-Related Phishing Scams Include Fake HR and IT Subject Lines

KnowBe4 Security Awareness Advocate Erich Kron talked to TechRepublic about the importance of assessing a seemingly urgent email before clicking any links. Continue reading Common Business-Related Phishing Scams Include Fake HR and IT Subject Lines

More phishing campaigns are using IPFS network protocol

Learn how IPFS is used in phishing attacks and why it’s especially tricky to remove the impacted pages, as well as how to protect from this security threat.
The post More phishing campaigns are using IPFS network protocol appeared first on TechRepublic… Continue reading More phishing campaigns are using IPFS network protocol

New Generation of Phishing Hides Behind Trusted Services

The days when email was the main vector for phishing attacks are long gone. Now, phishing attacks occur on SMS, voice, social media and messaging apps. They also hide behind trusted services like Azure and AWS. And with the expansion of cloud computing, even more Software-as-a-Service (SaaS) based phishing schemes are possible.  Phishing tactics have […]

The post New Generation of Phishing Hides Behind Trusted Services appeared first on Security Intelligence.

Continue reading New Generation of Phishing Hides Behind Trusted Services

OneNote, Many Problems? The New Phishing Framework

There are plenty of phish in the digital sea, and attackers are constantly looking for new bait that helps them bypass security perimeters and land in user inboxes. Their newest hook? OneNote documents. First noticed in December 2022, this phishing framework has seen success in fooling multiple antivirus (AV) tools by using .one file extensions, […]

The post OneNote, Many Problems? The New Phishing Framework appeared first on Security Intelligence.

Continue reading OneNote, Many Problems? The New Phishing Framework

Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery

Recently, investigators at Mandiant discovered a new software platform with an intuitive interface. The service has tools to orchestrate and automate core campaign elements. Some of the platform’s features enable self-service customization and campaign tracking.  Sounds like a typical Software-as-a-Service (SaaS) operation, right? Well, this time, it’s Caffeine, the latest Phishing-as-a-Service (PhaaS) platform. A basic […]

The post Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery appeared first on Security Intelligence.

Continue reading Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery

An IBM Hacker Breaks Down High-Profile Attacks

On September 19, 2022, an 18-year-old cyberattacker known as “teapotuberhacker” (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then posted those videos on the fan website GTAForums.com. Gamers got an unsanctioned sneak peek of […]

The post An IBM Hacker Breaks Down High-Profile Attacks appeared first on Security Intelligence.

Continue reading An IBM Hacker Breaks Down High-Profile Attacks

The 13 Costliest Cyberattacks of 2022: Looking Back

2022 has shaped up to be a pricey year for victims of cyberattacks. Cyberattacks continue to target critical infrastructures such as health systems, small government agencies and educational institutions. Ransomware remains a popular attack method for large and small targets alike. While organizations may choose not to disclose the costs associated with a cyberattack, the […]

The post The 13 Costliest Cyberattacks of 2022: Looking Back appeared first on Security Intelligence.

Continue reading The 13 Costliest Cyberattacks of 2022: Looking Back

Black Hat SEO: Is Someone Phishing With Your Site Domain?

Search engine optimization (SEO) is a long game. Improving your website to rank higher on search engine results pages helps you attract more traffic. Plus, it helps build a trustworthy reputation. But, some people want to take shortcuts by using what’s known as black hat SEO. If this happens, your business could pay the price. […]

The post Black Hat SEO: Is Someone Phishing With Your Site Domain? appeared first on Security Intelligence.

Continue reading Black Hat SEO: Is Someone Phishing With Your Site Domain?

Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing?

For threat actors, phishing embodies the holy trinity of goals: easy, effective and profitable. It’s no wonder that the 2022 X-Force Threat Intelligence Index reports that phishing was the top method used by attackers to breach an organization. Of all the attacks that X-Force remediated in 2021, attackers used phishing in 41% of them. Because […]

The post Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing? appeared first on Security Intelligence.

Continue reading Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing?