The Adwind cross-platform, malware-as-a-service Trojan has been around since 2012. Spread by phishing emails claiming to be invoices, purchase orders, and requests for quotations, it's aimed at high value targets like finance departments.

While it never completely disappeared in recent years the number of attacks did die down. However, security awareness training company KnowBe4 has noted an upsurge in Adwind emails during October of this year.

The people behind phishing attacks are always looking for ways to improve their profitability. They quite often re-use material by bundling site resources into a phishing kit, uploading that kit to a server and sending a new batch of emails.

Sometimes though they get careless and leave the kits behind allowing them to be analyzed. Trusted access specialist Duo Security carried out a month-long experiment to track down these abandoned kits.

As part of Cybersecurity Awareness Month, Google has announced numerous security-related updates including revamped phishing protection. Now the company has also announced what it is referring to as its "strongest security, for those who need it most."

Aimed at protecting people who are most likely to find themselves the target of attacks -- Google suggests journalists and human rights workers as examples -- the new Advanced Protection Program is being made available to anyone who wants to use it. It will protect Gmail, Google Drive and YouTube data with a variety of measures including a physical authentication key.

We're in the middle of Cybersecurity Awareness Month and Google is taking part. The company has launched two updated protection tools to help keep internet users safe online.

While Google refers to "two new protections," these are really updates rather than completely new offerings. Both the Security Checkup tool and Google Safe Browsing have been updated to make them more personal, and both of them will adapt over time to protect against new threats.

Phishing is still a key tool for cyber criminals as they seek to insert malware onto machines and to get hold of personal details.

Although most people are aware of the threat there are still some subject lines that are much more likely to deliver results for the phishermen than others, according to security awareness training specialist KnowBe4, which has released its Top 10 Global Phishing Email Subject Lines report for the third quarter of 2017.

Microsoft is opening itself up to submissions from the public, making it possible for people to provide information about malicious websites. A new page on the Windows Defender Security Intelligence (WDSI) website gives anyone the opportunity to pass on details of phishing sites and other malicious pages directly to Microsoft.

The WDSI portal is described by Microsoft as being in preview, so it's possible that what you see now may change over time.

In the wake of the recent breach at credit agency Equifax it's only natural that people are keeping a close eye on their bank statements and credit reports.

Of course the bad guys know this too and a new report by Barracuda Networks looks at an email attack that is impersonating a 'secure message' from financial institutions.

Threat detection company RiskIQ has released the latest of its quarterly reports into threat trends, this one looking at phishing.

It finds that in the second quarter of 2017 there were 39,320 unique phishing domains, down from 45,025 back in the first quarter. However, there were 316 targeted phishing brands in Q2 -- up 15.7 percent from the 273 brands targeted in Q1.

Every month, almost 1.5 million new phishing websites are created. This is according to a new report by Webroot, showing just how big of an industry phishing really is.

The Webroot Quarterly Threat Trends Report says that 1.385 million new phishing sites are created every month. May was the busiest of them all, with 2.3 million sites created.

Despite training and other efforts to combat the problem, phishing is still proving a remarkably effective tactic for cyber criminals according to a new report.

The study by cloud business applications company Intermedia shows that while 70 percent of office workers say that their organization regularly communicates with employees about cyber threats as a means of prevention, there are significant gaps between confidence and effectiveness.

With over 100 million monthly subscribers, it's not surprising that Office 365 is a popular target when it comes to attempting to steal credentials.

A new report from Barracuda Networks looks at how phishers are sending out authentic-looking emails purporting to be from Microsoft asking users to reactivate their accounts.

Both users and their endpoint devices are the primary target for cyber criminals with phishing being the most prevalent threat according to a new report.

The study from research and education specialist the SANS Institute finds security professionals rate phishing at 72 percent, spyware at 50 percent, ransomware at 49 percent, and Trojans at 47 percent as being the top threats today.

Buying a house is the biggest purchase most people make, with large amounts of money involved it’s not surprising that these transactions are attractive to cyber criminals.

Security specialist Barracuda Networks has released an analysis of a recent mortgage spear phishing attempt where an attacker attempted to divert a payment.

Email phishing scams continue to strike a huge number of businesses, in spite of much more improved cyber-security policies, new research has revealed.

The latest Email Security Risk Assessment from Mimecast discovered that ambitious hackers are also increasingly targeting C-level executives and impersonating those in senior leadership positions in order to trick employees into transferring money or valuable IP data. The report found that there had been a 400 percent rise in so-called impersonation attacks in just the last three months of the year.

Google has updated Gmail with a number of new security features aimed at businesses that require better protection against malware and phishing scams.

The company announced today that it is bringing early phishing detection to its email service by using machine learning along with click-time warnings for malicious links found in emails as well as unintended external reply warnings.