Monthly Archives: April 2025

The number of infostealers delivered via phishing emails increased by 84% last year, according to a new report from IBM’s X-Force researchers. Threat actors are using these malware strains to steal credentials for use in follow-on attacks.

A friend of mine got a call on his phone and he regrettably picked it up. The number was 267-332-3644. The area code is from Bucks County, PA, where he used to live many years ago.

Researchers at INKY warn that criminals are impersonating the US Department of Homeland Security to launch phishing scams.

Do your users love The Inside Man? See more of beloved character AJ, now in SecurityCoach!

Scammers are exploiting the death of Pope Francis to launch social engineering attacks, according to researchers at Check Point.

Ever since Microsoft’s initial announcement on February 13, 2025, about a Russian nation-state phishing campaign using “device code phishing,” many people have been wondering what it is. This post will tell you what device code phishing is and how to defend … Read More

A social engineering campaign is abusing Zoom’s remote control feature to take control of victims’ computers and install malware, according to researchers at security firm Trail of Bits.

We’re thrilled to announce the launch of KnowBe4 Academy—a comprehensive learning ecosystem designed specifically for security administrators, IT professionals and team members who manage KnowBe4’s security products and platform.

Recently, I received an email at work from a company with whom I’ve had previous interactions. The email lacked context and contained an attachment, immediately raising suspicion.

A new report from Valimail has found that 50% of organizations lack effective protection against email spoofing.

According to our independent survey of individuals across the UK, USA, Netherlands, France, Denmark, Sweden, the DACH region, and Africa who use a laptop as part of their work, 90.1% find simulated phishing tests relevant. What’s more, 90.7% agreed that … Read More

A new report from Sophos found that ransomware attacks accounted for over 90% of incident response cases involving medium-sized businesses in 2024, as well as 70% of cases involving small businesses.

Cybercriminals are increasingly using AI tools to assist in malicious activities, according to Microsoft’s latest Cyber Signals report.

Have you ever walked down a street with broken windows, burnt out cars, graffiti and felt a bit uneasy? There’s a reason for that, and it’s not just about aesthetics.

Resecurity warns that a China-based cybercriminal gang dubbed the “Smishing Triad” is launching a wave of road toll-themed SMS phishing (smishing) attacks against users across the US and the UK.

The energy sector stands as a critical pillar of our society. From the electricity powering our homes to the fuel driving our industries, reliable energy is essential. However, the very interconnectedness that makes the energy sector so vital also exposes … Read More

Right now, today, thousands of people are being tricked into going to their banks or credit unions to withdraw large sums of cash and will give or send it to a complete stranger, never to see it again. Many of … Read More

First QuickBooks, then Microsoft, and now Google—will the hijacking of legitimate third-party platform communications stop escalating in 2025? Our Threat Labs researchers predict the answer is no.