Security researchers noticed fraudsters incorporating QR codes into various phishing attack campaigns as a way to evade URL analysis.
When it comes to social engineering training, make sure every employee learns the names of specific attacks.
High-risk, low-noise lateral movement attacks are becoming more common, and organizations need to adapt their strategic, tactical and operational defenses.
Online fraudsters are exploiting users' excitement for March Madness by targeting them with phishing attacks and streaming scams.
A recent phishing campaign used a fake Google reCAPTCHA as part of its efforts to target Polish bank employees with malware.
While current email security solutions can help mitigate phishing impacts, companies must recognize the role of corporate email as a social network to address the human components of this risk.
Social engineering and security awareness training exercises can help business leaders uncover gaps in their incident response plans and identify poor security hygiene among employees.
Since governments have so many potential attack vectors to manage, government cybersecurity professionals need clear processes, procedures and authority to harden vulnerable environments.
Ahead-of-threat detection enables security professionals and consumers to identify potential phishing websites faster than traditional browser protection apps can blacklist active cyberthreats.
Researchers reported that threat actors are using web services such as Google Drive, SharePoint and Dropbox to host files containing malicious links as part of phishing campaigns.