Security News

Social engineering scams sweep through financial institutions
2024-11-13 04:00

North American financial institutions fielded 10 times more reports of social engineering scams in 2024 than they did a year ago, according to BioCatch. The data shows scams now represent 23% of...

Clever Social Engineering Attack Using Captchas
2024-09-20 15:32

This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line. Clever.

North Korean hackers’ social engineering tricks
2024-09-04 12:18

“North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a...

FBI warns crypto firms of aggressive social engineering attacks
2024-09-03 17:43

The FBI warns of North Korean hackers aggressively targeting cryptocurrency companies and their employees in sophisticated social engineering attacks, aiming to deploy malware that steals their...

Social Engineering Awareness Policy
2024-07-09 16:00

The purpose of this customizable Social Engineering Awareness Policy, written by Maria Carrisa Sanchez for TechRepublic Premium, is to provide guidelines for preventing, recognizing and addressing social engineering attacks. Regular update of passwords: The company believes passwords serve as the fundamental line of security against unwanted access.

Malware peddlers love this one social engineering trick!
2024-06-17 13:14

Attackers are increasingly using a clever social engineering technique to get users to install malware, Proofpoint researchers are warning. Getting users to install malware on their computers was always a matter of finding the right lure and bypassing security protections.

Protecting identity in a world of deepfakes and social engineering
2024-06-10 03:00

In this Help Net Security video round-up, security experts discuss various aspects of identity verification and security, including generative AI's impact, the state of identity fraud prevention, and the potential impact of identity challenges on the security sector. Complete videos Peter Violaris, Head of Legal, Compliance and Risk, EMEA for OCR Labs, discusses generative AI's impact on identity verification.

90% of threats are social engineering
2024-06-06 03:30

The report highlights significant trends and incidents in cybersecurity. Surge in social engineering attacks: Nearly 90% of threats blocked were social engineering-based, with scams and phishing on the rise, particularly utilizing deepfake technology and hijacked YouTube channels.

Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks
2024-05-19 08:00

How a GRC consultant passed the CISSP exam in six weeksAsk any IT security professional which certification they would consider to be the "Gold standard" in terms of prestige, credibility, or difficulty, and almost invariably they will answer: the CISSP. BLint: Open-source tool to check the security properties of your executablesBLint is a Binary Linter designed to evaluate your executables' security properties and capabilities, utilizing LIEF for its operations. OWASP dep-scan: Open-source security and risk audit toolOWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies.

Black Basta target orgs with new social engineering campaign
2024-05-13 12:39

The advisory lists indicators of compromise associated with Black Basta ransomware attacks and offers advice for organizations. Rapid7 analysts have also shared the latest social engineering trick by the Black Basta operators: they spam targets' inbox with junk email, then phone them posing as a member of their organization's IT team, and offer assistance.