Researchers discovered a phishing scam that leverages a fake list of undelivered emails to trick users into clicking and offering up their login credentials.
Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
What began as a moment of panic in the wake of what I thought was a phishing attempt ended up being a valuable lesson about a quirky Gmail feature and how it impacts the email security landscape.
According to a new U.K.-based study, 100 percent of test spear phishing attacks gained access to sensitive university data in less than two hours.
Digital attackers used more than a dozen web servers to host 10 malware families and distributed those threats using phishing emails.
A massive brute-force attack campaign used both legacy protocols and credential dumps to compromise cloud user accounts, according to security researchers.
Security researchers observed a Turkish-speaking group of cybercriminals using an Instagram hack to extort money, nude photos and other information from social media influencers.
Security researchers spotted a new attack campaign that's targeting organizations in several countries with a new variant of Qbot banking malware.
Danna Pelleg's childhood curiosity, early technology education and compulsion to fight the bad guys led her to a career as a fraud specialist and security operations team lead at IBM Trusteer.
Social engineering and security awareness training exercises can help business leaders uncover gaps in their incident response plans and identify poor security hygiene among employees.