Topic: social engineering attacks
-
CISOs' New Challenge: Mastering Human Behavior
Human behavior is the weakest link in cybersecurity, with attackers increasingly using AI-enhanced psychological tactics to bypass technical defenses through deception. A significant global rise in cyberattacks is reported, with many employees struggling to identify fraudulent messages due to sop...
Read More » -
Stop Cyber-Attacks with Simple IAM Controls
Cyber threats often stem from basic oversights like identity management failures, as seen in recent UK retailer breaches involving social engineering schemes. Human error and outdated practices, such as manual password resets, are major vulnerabilities, making organizations susceptible to imperso...
Read More » -
Chaos Ransomware Strikes: New Wave of Cyberattacks
The ransomware group Chaos employs aggressive double extortion tactics and psychological pressure, offering rewards for compliance while escalating threats like data leaks and DDoS attacks for non-payment. Chaos targets organizations globally, particularly in the U.S., UK, New Zealand, and India,...
Read More » -
Chanel targeted in widespread Salesforce data breach
Chanel confirmed a U.S. customer data breach involving unauthorized access to a third-party customer service database, exposing personal details like names and contact information. The breach, linked to cybercriminal group ShinyHunters, stemmed from social engineering attacks targeting Salesforce...
Read More » -
Scattered Spider Targets VMware ESXi in Latest Hacking Wave
A hacking group, Scattered Spider, is targeting VMware ESXi hypervisors via social engineering, compromising U.S. corporations by impersonating employees to gain network access. The attackers exploit privileged accounts to control VMware vCenter, enabling SSH on ESXi hosts and executing disk-swap...
Read More » -
TaskUs Staff Implicated in Coinbase Data Breach, Court Docs Claim
A TaskUs employee was identified as the central figure in a major data breach at Coinbase, involving stolen customer data and social engineering attacks. The breach compromised nearly 70,000 users' personal information, leading to a $20 million ransom demand and significant financial losses. Task...
Read More » -
Debunking the Top Cybersecurity Myths That Still Haunt Businesses
Persistent cybersecurity myths, such as Macs being immune to viruses or frequent password changes ensuring safety, mislead businesses and create protection gaps. AI cannot fully replace human security teams, as it requires oversight to avoid false positives and missed threats, with only 12% of pr...
Read More » -
Stolen Data Fuels a Booming Cybercrime Black Market
The underground cybercrime economy is booming, with stolen personal data treated as a high-value commodity, traded in sophisticated operations involving banking details, medical records, and more. Cybercriminals use AI-enhanced tactics like phishing, deepfakes, and multilingual chatbots to exploi...
Read More » -
Scattered Spider Attacks: 3 Crucial Lessons for Insurance Firms
Insurance companies are increasingly targeted by cybercriminals like Scattered Spider, exploiting weak identity security and help desk procedures to breach major insurers such as Aflac and Erie Insurance. Scattered Spider uses impersonation and social engineering to bypass multi-factor authentica...
Read More » -
Aflac Confirms Data Breach Amid Scattered Spider Cyberattacks
Aflac confirmed a cybersecurity breach potentially exposing sensitive customer data, with no ransomware deployed but possible data theft still under investigation. The breach, possibly linked to the cybercrime group Scattered Spider, may have compromised Social Security numbers, health records, a...
Read More » -
Trump's Chief of Staff Deepfaked in Phishing Scam
Each week, we round up the security and privacy news we didn't cover in depth ourselves. Despite Wiles’ reported claim of having her device hacked, it remains unconfirmed whether this was actually how attackers identified Wiles’ associates. It would also be possible to assemble such a target list from a combination of publicly available information and data sold by gray-market brokers. If so, that would make the incident one of the most significant cases yet of so-called deepfake software being ...
Read More » -
Google Confirms Hackers Stole Customer Data via Salesforce Breach
Google confirmed a security breach in its Salesforce system, exposing business contact details of small and medium-sized enterprises, attributed to the cybercriminal group ShinyHunters (UNC6040). The stolen data included publicly available business names and contact details, with no sensitive fin...
Read More »
