Security News

Black Basta target orgs with new social engineering campaign
2024-05-13 12:39

The advisory lists indicators of compromise associated with Black Basta ransomware attacks and offers advice for organizations. Rapid7 analysts have also shared the latest social engineering trick by the Black Basta operators: they spam targets' inbox with junk email, then phone them posing as a member of their organization's IT team, and offer assistance.

How to make your web apps resistant to social engineering
2024-04-16 14:02

Despite this, there are still things that you can do to make your web apps more resistant to social engineering. With this in mind, consider implementing these strategies at your organization to protect your web applications and reduce the chance of falling victim to social engineering.

4 Ways Hackers use Social Engineering to Bypass MFA
2024-02-12 11:14

When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential...

Proofpoint Exposes Sophisticated Social Engineering Attack on Recruiters That Infects Their Computers With Malware
2023-12-12 19:00

Recruiters and anyone else involved in hiring processes should be knowledgeable about this social engineering attack threat. A new report from U.S.-based cybersecurity company Proofpoint exposes a new attack campaign operated by a financially-oriented threat actor dubbed TA4557 with high financial data theft risks and possibly more risks such as intellectual property theft.

Webinar — Psychology of Social Engineering: Decoding the Mind of a Cyber Attacker
2023-12-11 10:53

In the ever-evolving cybersecurity landscape, one method stands out for its chilling effectiveness – social engineering. But why does it work so well? The answer lies in the intricate dance...

Stop social engineering at the IT help desk
2023-11-23 09:09

Sponsored Post Ransomware can hit any organization at any time, and hackers are proving adept at social engineering techniques to gain access to sensitive data in any way they can. Reports suggest the attack will cause an estimated US$100m hit to its revenue after the hotel and gambling firm was forced to shut down its IT systems to contain the damage after customer contact information, gender, date of birth, social security, passport and driver's license numbers were stolen.

F5 Warns Australian IT of Social Engineering Risk Escalation Due to Generative AI
2023-10-11 09:32

Experts from security firm F5 have argued that cyber criminals are unlikely to send new armies of generative AI-driven bots into battle with enterprise security defences in the near future because proven social engineering attack methods will be easier to mount using generative AI. The release of generative AI tools, such as ChatGPT, have caused widespread fears that democratization of powerful large language models could help bad actors around the world supercharge their efforts to hack businesses and steal or hold sensitive data hostage. F5, a multicloud security and application delivery provider, tells TechRepublic that generative AI will result in a growth in social engineering attack volumes and capacity in Australia, as threat actors deliver a higher volume of better quality attacks to trick IT gatekeepers.

Understanding the dangers of social engineering
2023-09-11 03:00

Social engineering is a manipulative technique used by individuals or groups to deceive or manipulate others into divulging confidential or sensitive information, performing actions, or making decisions that are not in their best interest. It often involves exploiting human psychology and trust to gain access to information, systems, or physical spaces.

Emerging threat: AI-powered social engineering
2023-09-06 04:30

Deepfake videos use AI and deep learning techniques to create highly realistic but fake or fabricated content. The most effective evaluation of deepfake technology can be made when watching videos in which the "Deepfaked" person is a celebrity or individual whom the viewer is visually familiar with.

Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
2023-09-02 04:12

Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions. "In recent weeks, multiple US-based Okta customers have reported a consistent pattern of social engineering attacks against IT service desk personnel, in which the caller's strategy was to convince service desk personnel to reset all multi-factor authentication factors enrolled by highly privileged users," the company said.