A new report shows that 95 percent of IT leaders say that cyberattacks are more sophisticated than ever and they are unprepared for this new wave of threat vectors.

The survey, of more than 800 IT and security leaders around the world, from Keeper Security reveals that firms are witnessing AI-powered attacks (51 percent), deepfake technology and supply chain attacks (both 36 percent), cloud jacking (35 percent), Internet of Things (IoT) attacks and 5G network exploits (both 34 percent), and fileless attacks (24 percent).

Continue reading →

Kaspersky's annual spam and phishing report, released today, shows its anti-phishing system thwarted over 709 million attempts to access phishing and scam websites in 2023 -- a 40 percent increase over 2022.

There's also been a surge in attacks spread via messaging platforms, including 62,127 phishing attempts on Telegram -- a 22 percent increase from the year before. AI platforms, social media services, and cryptocurrency exchanges are the other most-exploited channels.

Continue reading →

A new report shows that 66 percent of organizations in the UK experienced at least one successful phishing attack in 2023 compared to 91 percent the previous year.

However, the study from Proofpoint shows the negative consequences of attacks have soared, with a 30 percent increase in reports of financial penalties, such as regulatory fines, and a 78 percent increase in reports of reputational damage.

Continue reading →

A new report from Cofense based on data from its Phishing Detection Center identifies over 1.5 million malicious emails bypassing customers' secure email gateways (SEGs), a 37 percent increase in threats compared to 2022.

The report shows that SEGs struggle to keep pace with sophisticated phishing campaigns and that relying on 'good enough' email security is no longer an option for most enterprises.

Continue reading →

Phishing is the most common form of cyberattack as criminals seek to obtain credentials to access bank accounts or corporate networks.

Abnormal Security has analyzed which phishing attacks generate the highest click rate and categorized them based on the words included in the subject line.

Continue reading →

New research from Malwarebytes reveals that employees are being tricked into downloading remote monitoring and management tools like AnyDesk to open up back doors to corporate networks.

In a standard phishing technique potential victims are targeted via an email or SMS message, personalized to match their roles within the organization. The link in the email goes to what looks like a legitimate bank website with a link to open a chat support session.

Continue reading →

A new report from BlueVoyant looks at the new risks organisations face from outside the traditional IT perimeters.

In particular, cybercriminals are using AI to create more effective phishing campaigns, and employing online adverts to lure victims to malicious websites.

Continue reading →

Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools now make up the majority of malicious tools in use by attackers, according to a new study.

The report from Darktrace shows malware loaders (77 percent of investigated threats) are the most common tool, followed by cryptominers (52 percent), and botnets (39 percent).

Continue reading →

New research from Cofense reveals the most common phishing themes of last year, which offer insight into the threat actor's intentions.

Information analyzed to determine the theme includes the brand being spoofed, any attachment names, rendered attachments in the case of documents or HTML files, and the email body content, plus of course the subject.

Continue reading →

Cybersecurity company NordVPN is launching a new, free tool to allow users to check the safety of a website before visiting it.

Link Checker scans a site for different types of malware and delivers a notification about whether it's fake or infected with phishing scams.

Continue reading →

A new study finds that that most organizations anticipate phishing (81 percent), malware and ransomware (76 percent), and accidental data loss (63 percent) will be the top security risks over the next six months, followed by social engineering (55 percent) and third-party risks (52 percent).

The report from Fortra looks at the challenges security professionals have faced over the past year, as well as what they plan to focus on next as they continue to embrace digital transformation, new hybrid infrastructures and a challenging security landscape.

Continue reading →

According to a new study, 94 percent of global organizations have experienced email security incidents last year, up two percent from the year before.

The latest Email Security Risk Report from Egress looks at attitudes and approaches to email security, the evolution of risks, and the impact of incidents, based on responses from 500 cybersecurity leaders.

Continue reading →

According to the FIDO (Fast Identity Online) Alliance, passwords are the root cause of more than 80 percent of data breaches. And yet, many organizations -- both big and small -- continue to use this antiquated approach to authentication. In fact, recent research from Yubico, which surveyed more than 16,000 employees across eight countries, found 59 percent of respondents still rely on usernames and passwords as their primary method of authentication.

Why do we continue to see the same old same old, especially when the authentication industry has made such significant strides in not only passwordless but also phishing-resistant authentication? We spoke with Axiad founder and co-CEO Bassam Al-Khalidi to get an answer to this question and find out how companies can make the move to a passwordless, phishing-resistant future. Read on to hear what he had to say.

Continue reading →

A new report from Abnormal Security highlights real-world examples of how AI is being used to carry out cyberattacks.

Generative AI allows scammers to craft unique email content, making detection that relies on matching known malicious text strings infinitely more difficult.

Continue reading →

A new report from Axiad shows that 88 percent of IT professionals feel their company is prepared to defend against a password-based cyberattack, yet 52 percent say their business has fallen victim to one within the last year.

Based on over 200 responses from US IT pros, the study shows 39 percent think phishing is the most feared cyberattack, while 49 percent say it's the attack most likely to happen.

Continue reading →