Why Every Employee in Your Organization Should Learn Social Engineering Vocabulary
When it comes to social engineering training, make sure every employee learns the names of specific attacks.
Spear Phishing Report Card: Perfect Scores in School Security Pen Testing
According to a new U.K.-based study, 100 percent of test spear phishing attacks gained access to sensitive university data in less than two hours.
Workplace Expectations and Personal Exceptions: The Social Flaws of Email Security
While current email security solutions can help mitigate phishing impacts, companies must recognize the role of corporate email as a social network to address the human components of this risk.
Threat Actors Utilize Spear Phishing Emails Impersonating US Department of State Employees
Microsoft Windows Defender Research discovered an attack campaign that utilized spear phishing emails impersonating U.S. Department of State employees to gain remote access to victims' machines.
SNAKEMACKEREL Group Uses Brexit-Themed Spear Phishing Attack to Target Government Agencies
Analysts discovered a new spear phishing attack campaign from the SNAKEMACKEREL group that uses fake Brexit-related documents to infiltrate major government agencies and steal information.
New Cobalt Gang PDF Attack Avoids Traditional Static Analysis Tools
A PDF attack campaign conducted by the Cobalt Gang used a specially crafted document to evade dection by static analysis tools.
APT Group GreyEnergy Sparks Worry About BlackEnergy Successor
Researchers believe that a new APT group known as GreyEnergy, which they observed targeting ICS consoles across Poland and Ukraine, may be a successor to BlackEnergy, the group that authored NotPetya.
New Gallmaker Attack Group Using Living-off-the-Land Tactics in Espionage Campaign
A new attack group known as Gallmaker spied on military and government organizations by employing living-off-the-land tactics.
OilRig Group Aims BONDUPDATER Trojan Malware at Middle Eastern Governments
The OilRig threat group recently targeted government offices in the Middle East with a spear phishing attack that involved the Trojan malware BONDUPDATER.
Here’s Why Business Email Compromise Is Still Driving Executive Identity Theft
Business email compromise scams are still surprisingly lucrative. In fact, the volume and frequency of BEC attacks have skyrocketed in recent years, according to FBI data.