#phishing
#phishing

Information security

What is a Passkey? Definition, How It Works and More

Passkeys combine private and public cryptographic keys for authentication.

Passkeys are phishing-resistant and eliminate the need for complex passwords. [ more ]

moreauthentication

#cybersecurity

Irish Independent

2 weeks ago

Information security

Dell data breach may affect up to 49 million customers

A data breach at Dell exposed customer names and addresses dating back to 2017, prompting security concerns and warnings about potential phishing attempts. [ more ]

TechCrunch

2 weeks ago

Privacy professionals

'Got that boomer!': How cyber-criminals steal one-time passcodes for SIM swap attacks and raiding bank accounts | TechCrunch

Cybercriminals trick victims into giving access codes, allowing hijacking of online accounts and digital wallets. [ more ]

TechCrunch

6 days ago

Information security

Bolster, creator of the CheckPhish phishing tracker, raises $14M led by Microsoft's M12 | TechCrunch

A dodgy email with a malicious link remains a top cyber threat. Bolster, an AI startup, raises $14 million to combat phishing attacks for businesses. [ more ]

ITPro

2 weeks ago

Information security

What is a TOAD attack?

TOAD attacks combine different phishing methods, posing a significant threat to businesses globally. [ more ]

TechRadar

1 week ago

Information security

Meta business accounts increasingly being hit by cyberattacks

Cybercriminals target Meta business accounts for malvertising campaigns, leveraging phishing kits to bypass multi-factor authentication. [ more ]

www.housingwire.com

1 week ago

Information security

Reducing risk bynhancing organizational cybersecurity

Phishing simulation training is an effective strategy for enhancing employees' ability to recognize and neutralize email phishing threats. [ more ]

morecybersecurity

BKReader

3 weeks ago

Information security

Top 10 Tips for Seniors to Defend Against Scammers

Seniors are frequent targets of scammers due to trust and digital unfamiliarity. [ more ]

#google

Mail Online

1 month ago

Information security

Hackers are using fake Facebook ads to steal bank account details

Cyberattack targets Facebook users with phishing ads disguised as 'sponsored' Google links. [ more ]

Engadget

2 months ago

Privacy professionals

Safe Browsing on Google Chrome adds real-time protection against malicious sites

Google updates Safe Browsing mode in Chrome to check sites against a real-time server-side list of known unsafe sites.

Real-time URL checks in Safe Browsing mode can help block 25% more phishing attempts. [ more ]

Entrepreneur

Deliverability

3 Email Changes Google and Yahoo Will Require You to Adopt By February 1st | Entrepreneur

Google and Yahoo have partnered to create new guidelines for mass email senders to combat spam, spoofing, and phishing attacks.

Email senders must authenticate their emails, enable one-click unsubscribing, and maintain a low spam complaint rate. [ more ]

moregoogle

#cyber-crime

ComputerWeekly.com

1 month ago

Privacy professionals

International police operation infiltrates LabHost phishing website used by thousands of criminals | Computer Weekly

Law enforcement shuts down major phishing-as-a-service platform LabHost, leading to 37 arrests worldwide and revealing 70,000 UK fraud victims. [ more ]

Theregister

Privacy professionals

Money-grubbing crooks abuse OAuth apps for BEC, phishing

Miscreants are misusing OAuth for financially motivated cyber crimes such as phishing and crypto mining.

Microsoft warns that compromised accounts without strong authentication are particularly vulnerable to OAuth abuse. [ more ]

morecyber-crime

#artificial-intelligence

Nextgov.com

1 month ago

Artificial intelligence

AI is creating 'more sophisticated' but not unprecedented election threats, DHS official says

AI tools contributing to more sophisticated misinformation.

Phishing campaigns using generative AI can increase likelihood of election personnel being targeted. [ more ]

english.elpais.com

moreartificial-intelligence

Artificial intelligence

Beware of ChatGPT's evil twin and other generative AI dangers

Generative artificial intelligence tools like FraudGPT and WormGPT are being used by cybercriminals for malicious purposes.

These AI tools can create convincing fake messages and emails, leading to scams, deepfakes, and misinformation campaigns. [ more ]

Theregister

2 months ago

Privacy professionals

IT helpdeskers increasingly targeted by cybercriminals

IT helpdesk workers are increasingly targeted by cybercriminals, a trend growing in success.

Attacks involve pretending to be an employee, requesting changes to identity access, and registering their device for insider access. [ more ]

The Globe and Mail

2 months ago

Privacy professionals

Manitoba government could boost security for remote work, auditor-general says

Manitoba government implements IT security measures for remote work, but improvements needed

Auditor-General highlights weaknesses in encryption settings and outdated remote work security policies. [ more ]

TNW | Data-Security

Deliverability

New Russian PSYOPs mix disinformation, spam, and Navalny

Russia-aligned PSYOPs campaign involved espionage, disinformation, and phishing.

ESET uncovered Operation Texonto, linking it to Russian propaganda, targeting Ukrainians, and Navalny-related domains. [ more ]

#data-breach

Mail Online

Privacy professionals

Warning to Facebook Marketplace users as 200,000 accounts leaked

Hundreds of thousands of Facebook Marketplace accounts have been leaked online, putting users at risk of phishing and cyberattacks.

The leaked data includes personal information such as names, phone numbers, email addresses, and Facebook profile information. [ more ]

ReadWrite

Privacy professionals

Massive data breach in France affects 33 million citizens

A massive security breach has affected almost half of French citizens, involving two service providers for medical insurance companies.

Around 33 million customers' data was stolen, including personal information such as birth dates, social security numbers, and insurance details. [ more ]

BleepingComputer

Privacy professionals

Data breach at French healthcare services firm puts millions at risk

French healthcare services firm Viamedis suffered a cyberattack exposing the data of policyholders and healthcare professionals.

The data breach includes sensitive information such as social security numbers and names of health insurers.

The breach was the result of a successful phishing attack on an employee, not ransomware. [ more ]

TechCrunch

Privacy professionals

Framework says hackers accessed customer data after phishing attack on accounting partner | TechCrunch

U.S. repairable laptop maker Framework confirmed a data breach after an employee at its accounting service provider was phished.

Hackers accessed customers' personal information, including names, email addresses, and balances owed.

It's unclear if any other clients of the accounting service provider were affected. [ more ]

moredata-breach

Hubspot

Privacy professionals

4 Phishing Email Examples Even I Could Fall For (& How to Spot Them)

Phishing emails are online scams that trick recipients into providing sensitive information.

Phishing emails come in various types, each designed to exploit specific vulnerabilities or scenarios. [ more ]

DevOps.com

Privacy professionals

The Code Caveat: When Developer Credentials Become the Hacker's Pickaxe - DevOps.com

Developers are often the weakest link in cloud security.

Common ways developers can compromise cloud security include exposing credentials, falling victim to phishing campaigns, and using weak passwords. [ more ]

#ai

ComputerWeekly.com

Privacy professionals

Security Think Tank: The phishing forecast for 2024 | Computer Weekly

Phishing campaigns leveraging AI capabilities expected to increase in 2024.

Automation behind cyber attacks and AI will continue to expand, allowing for more sophisticated targeted attacks. [ more ]

Tripwire

Privacy professionals

NCSC Warns That AI is Already Being Used by Ransomware Gangs

Malicious attackers are using artificial intelligence (AI) for more effective cyber attacks, and the volume and impact of threats will increase in the next two years.

AI tools make it easy to generate believable text, images, audio, and deepfake videos that can be used to deceive targets. [ more ]

moreai

WIRED

Artificial intelligence

Staying One Step Ahead of Hackers When It Comes to AI

Generative AI is being used by cybercriminals to automate the creation of personalized phishing emails.

Generative AI may make biometric hacking easier and allow hackers to target chatbots and inject malware into their generated output. [ more ]

www.fastcompany.com

Artificial intelligence

5 cybersecurity predictions for 2024

Cybersecurity costs are predicted to rise globally to $10.5 trillion by 2025 as cybercrime becomes more sophisticated.

AI-powered scams and advanced phishing techniques are expected to increase in 2024. [ more ]

Theregister

Information security

The Russians are coming! Err, they've already infiltrated

Russia-backed attackers named defense-industrial firms and energy facilities as new targets for phishing campaigns.

The Russian group Star Blizzard, believed to be affiliated with the FSB, is responsible for the attacks. [ more ]

ComputerWeekly.com