Monthly Archives: September 2023

Our actions determine outcomes, not our thoughts, our knowledge, or our intentions.

Check out the 66 new pieces of training content added in September, alongside the always fresh content update highlights, events and new features.

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

A new update on UNC3944 group’s activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.

The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.

A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.

Dustin Volz from the WSJ dropped a huge scoop today. This is rocket fuel infosec budget ammo I would send to my C-suite in a New York minute. They said: “Fake authors, bot armies and lawsuits are among the tactics … Read More

The latest cyber claims report from Coalition, a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, due to surging attack frequency and severity.

Attackers are using zero-point fonts to make phishing emails appear as though they’ve been verified by security scanners, BleepingComputer reports.

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.

Cybercriminals are not holding back on LastPass users as a new phishing campaign has recently launched with the intent to steal your data.

Imagine an artificial intelligence (AI) system developed by a mad scientist to leverage the full capabilities of Large-Language-Models (LLM).

When asked why he robbed banks, Willie Sutton, one of the first fugitives named to the U.S. FBI’s most wanted list, reportedly replied, “Because that’s where the money is.”  As any infosec professional working for a financial institution can tell … Read More

Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?

Securonix is tracking a phishing campaign that’s targeting the Ukrainian military with malware-laden attachments posing as drone instruction manuals. The threat actor is using Microsoft help files (.chm) to deliver the malware.

You’re no stranger to the complexities of safeguarding your organization’s digital assets. But have you considered the human element in your security equation? Behavioral economics, particularly the work of BJ Fogg and Daniel Kahneman, offers invaluable insights that can elevate … Read More

Deepfakes have emerged as a serious concern in the digital landscape, presenting a significant threat to truth and trust.

I am a strong believer that understanding cybersecurity as part of an organization-wide process is of the utmost importance.

Recent findings in a SpyCloud report shows companies are starting to recognize and shift their priorities to defend against ransomware attacks, but the use of infostealer malware still has a high success rate for cybercriminals.