Most Phishing Campaigns Evade Traditional Filters
Reliance on known IoCs makes many phishing attempts appear “zero-day,” giving attackers a window to bypass defenses before they are flagged.
Read Morecybersecurity
Gmail Scam Puts 1.8 Billion Accounts at Risk
A new phishing campaign is targeting Gmail users. Experts advise enhanced security measures and caution when handling emails to avoid falling victim.
Read MoreUS Government Warns of Medusa Ransomware Targeting Critical Infrastructure
CISA and the FBI warn that Medusa ransomware has compromised more than 300 critical infrastructure organizations.
Read MoreNew AI-Powered Phishing Targeting YouTube Creators
YouTube creators are being targeted by a phishing campaign using AI-generated videos, and threaten loosing key features if they don’t agree to their fake YPP updates.
Read MoreSecurity Flaws Take Almost 9 Months to Patch
The fix time for vulnerabilities has increased to an average of eight and a half months – a 47% increase in the past 5 years.
Read MoreMobile Phishing Attacks Surge as Threats Become More Sophisticated
Cybercriminals are now using multiple forms of phishing: Smishing (SMS phishing), Quishing (QR code scams), Vishing (Voice-based phishing), and Mobile-targeted email phishing.
Read MoreMassive Brute-Force Attack Targets VPN Devices Using 2.8 Million IPs
This attack targeted many devices, including those from Palo Alto Networks, Ivanti, and SonicWall.
Read MoreWho Are The Chinese Hacker Groups, and What Are They Doing?
“Typhoon” Chinese hacker groups have been brought to light recently. One is attributed to hacking the US Treasury, and a Chinese firm and hacker have been sanctioned.
Read MoreFTC Orders GoDaddy to Address Inadequate Web Hosting Security Practices
The Federal Trade Commission (FTC) has taken action against GoDaddy, alleging the web hosting provider failed to implement adequate security measures to protect its customers’ data.
Read MoreNew “DoubleClickJacking” Exploit Bypasses Security Controls to Hijack Accounts
A new attack method, dubbed “DoubleClickJacking,” bypasses traditional clickjacking defenses and requires extra security to negate.
Read More