social engineering

Microsoft says Iranian hackers targeted ‘high profile’ conference attendees

Microsoft says hackers backed by the Iranian government targeted over 100 high-profile potential attendees of two international security and policy conferences. The group, known as Phosphorus (or APT

Decrypted: How Twitter was hacked, GitHub DMCA backfires

One week to the U.S. presidential election and things are getting spicy. It’s not just the rhetoric — hackers are actively working to disrupt the election, officials have said, and last week t

HacWare wants you to hate email security a little less

Let’s face it, email security is something a lot of people would rather think less about. When you’re not deluged with a daily onslaught of phishing attacks trying to steal your passwords,

Decrypted: Uber’s former security chief charged, FBI’s ‘vishing’ warning

A lot happened in cybersecurity over the past week. The University of Utah paid almost half a million dollars to stop hackers from leaking sensitive student data after a ransomware attack. Two major A

Twitter says ‘phone spear phishing attack’ used to gain network access in crypto scam breach

Twitter has revealed a little more detail about the security breach it suffered earlier this month when a number of high-profile accounts were hacked to spread a cryptocurrency scam — writing in

Apple, Biden, Musk and other high-profile Twitter accounts hacked in crypto scam

A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam. Apple, Elo

Microsoft secretly seized domains used in COVID-19-themed email cyberattacks

A court granted Microsoft's request to take control of the domains used by the scammers.

Google says Iranian, Chinese hackers targeted Trump, Biden campaigns

Google security researchers say they’ve identified efforts by at least two nation state-backed hackers against the Trump and Biden presidential campaigns. Shane Huntley, director for Google&#821

Anti-phishing startup Inky raises $20M to ramp up enterprise adoption

Anti-phishing startup Inky has raised $20 million in its Series B round of funding, led by Insight Partners. The funding will help the company push for greater enterprise adoption and expand to intern

What you need to know about COVID-19-related cyberattacks

Attack methods logically exploit changes in the global environment. Mass working over remote connection leads to mass remote login activity.

Red teams OK to push ethical limits but not on themselves, study says

Wake up, make breakfast, get the kids to school, drive to work, break into the chief financial officer’s inbox and steal the entire company’s employee tax records. Maybe later you’ll

Most of the largest US voting districts are vulnerable to email spoofing

Only 5% of the largest voting counties in the U.S. are protected against email impersonation and phishing attacks, seen as a key attack method by hackers who officials say want to disrupt the upcoming

Facebook bowed to a Singapore government order to brand a news post as false

Facebook added a correction notice to a post by a fringe news site that Singapore’s government said contained false information. It’s the first time the government has tried to enforce a new l

Only a few 2020 US presidential candidates are using a basic email security feature

Just one-third of the 2020 U.S. presidential candidates are using an email security feature that could prevent a similar attack that hobbled the Democrats during the 2016 election. Out of the 21 presi

TriNet sent remote workers an email that some thought was a phishing attack

It was the one of the best phishing emails we’ve seen… that wasn’t. Phishing remains one of the most popular attack choices for scammers. Phishing emails are designed to impersonate

Microsoft says Iranian hackers targeted a 2020 presidential candidate

Microsoft said it has found evidence that hackers associated with Iran have targeted a 2020 presidential candidate. The tech giant’s security and trust chief confirmed the attack in a blog post,

Justice Department indicts 80 individuals in a massive business email scam bust

The Justice Department has indicted dozens of individuals accused of involvement in a massive business email scam and money laundering scheme. Thom Mrozek, a spokesperson for the U.S. Attorneys Office

Bellingcat journalists targeted by failed phishing attempt

Investigative news site Bellingcat has confirmed several of its staff were targeted by an attempted phishing attack on their ProtonMail accounts, which the journalists and the email provider say faile

Justice Department charges Chinese hacker for 2015 Anthem breach

U.S. prosecutors have brought charges against a Chinese national for his alleged involvement in the data breach at health insurance giant Anthem announced in 2015 that resulted in the theft of 78.8 mi

Malware researcher Marcus Hutchins pleads guilty, ending his legal case

Malware researcher Marcus Hutchins has pleaded guilty to two counts of creating and selling a powerful banking malware, ending a long and protracted battle with U.S. prosecutors. Hutchins, a British n
Load More