Monthly Archives: July 2023
CISA Discovers Spear Phishing and Valid Account Compromise Are the Most Common Attack Vectors
The US Cybersecurity and Infrastructure Security Agency (CISA) has found that compromise of valid accounts and spear phishing attacks were the two most common vectors of initial access in 2022, Decipher reports. Valid accounts were compromised in 54% of successful …
Amazon Sends Email to Customers on Common Scam Tactics
We’ve reported on several Amazon scams, but for once, there is positive news. Amazon sent an email Thursday morning highlighting the top scams your users should watch out for:
Heads Up: Google Inactive Account Deletion Notifications
Google announced an update to their inactive account policies in May. Accounts that have been inactive for a period of two years or more will start being deleted in December 2023, at the earliest.
Researchers uncover surprising method to hack the guardrails of LLMs
Researchers from Carnegie Mellon University and the Center for A.I. Safety have discovered a new prompt injection method to override the guardrails of large language models (LLMs). These guardrails are safety measures designed to prevent AI from generating harmful content.
Your KnowBe4 Fresh Content Updates from July 2023
Check out the 28 new pieces of training content added in July, alongside the always fresh content update highlights, events and new features.
SEC Implements New Rule Requiring Firms to Disclose Cybersecurity Breaches in 4 Days
What happened? The SEC (Securities and Exchange Commission) has introduced new rules that require public companies to be more transparent about their cybersecurity risks and any breaches they experience.
Phishing Email Attack Numbers “Decline” While Malware Volumes Increase 15%
New data focused on the first half of the year shows some anomalies. Phishing attacks are slowing down… that is, until you dive into the details.
Russia-Based Global Cybersecurity Vendor Group-IB Exits the Russian Market
Amid potential concerns by governments, customers, and prospects about ties with the Russian government, the cybersecurity vendor Group-IB continues in its promise to separate itself from Russia.
Facebook Scams Impersonate AI Tools
Fraudsters are spreading scams on Facebook that pose as ads for legitimate AI tools, according to researchers at Check Point. The Facebook pages impersonate ChatGPT, Google Bard, Midjourney, Jasper, and more.
[Live Demo] Customizing Your Compliance Training to Increase Effectiveness
Linking compliance training to specific outcomes is hard. Compliance training has a reputation for being challenging for organizations to offer, difficult to do right, and unengaging for employees.
How KnowBe4 Can Help You Fight Spear Phishing
This blog was co-written by KnowBe4’s Data-Driven Defense Evangelist Roger A. Grimes and Chief Learning Officer John Just. Social engineering is involved in 70% to 90% of successful compromises. It is the number one way that hackers and malware successfully …
New IBM report reveals the cost of a data breach now tops $4.45 million
IBM Security has released its annual Cost of a Data Breach Report, revealing that the global average cost of a data breach reached $4.45 million in 2023. This marks a significant increase of 15% over the past 3 years, making …
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Barbie-Related Scams Emerge After Recent Movie Release
Scammers are taking advantage of the popularity of the Barbie movie, according to researchers at McAfee.
The Secret’s Out: Researchers Reveal Backdoor in Emergency Radio Encryption
For over 25 years, a technology utilized for vital data and voice radio communications globally has remained under wraps, preventing in-depth testing for potential vulnerabilities. However, a small group of researchers in the Netherlands has now shed light on it, …
Phony Browser Updates Deliver NetSupport Trojan Using Social Engineering Tactics
A new social engineering campaign tracked as “FakeSG” is distributing the NetSupport remote access Trojan (RAT) via phony browser updates, according to researchers at Malwarebytes. The campaign is similar but distinct from the widespread “SocGholish” campaign, which also uses fake …
CyberheistNews Vol 13 #30 [IN MEMORIAM] Kevin David Mitnick (Aug 6, 1963 – July 16, 2023)
FBI Warns of Increased Tech Support Scams Using Snail Mail
The US Federal Bureau of Investigation (FBI) has warned of an increase in tech support scams that attempt to trick users into sending cash via snail mail.
Save $200 on Your Security Awareness and Culture Professional (SACP) Certification
H Layer Credentialing is launching an updated exam form with new content and they need YOUR help! They are looking for professionals interested in earning their SACP Certification to complete the exam between August 14th and September 30th. This will …
The Number of Data Compromises Jumps 50% in H1 2023, Outpacing Every Year on Record
New data from the Identity Theft Resource Center (ITRC) covering the first half of this year shows a significant rise in the number of successful cyber attacks focused on stealing corporate data.