Monthly Archives: April 2025

Lack of Security Awareness Tops List of Obstacles to Cyber Defense

Most organizations cite low security awareness among employees as the biggest barrier to defending against cyberattacks, according to a new survey by CyberEdge Group.

AI-Powered Spear Phishing Can Now Outperform Human Attackers

Researchers at Hoxhunt have found that AI agents can now outperform humans at creating convincing phishing campaigns.

How Does Human Risk Management Differ from Security Awareness Training?

In today’s cybersecurity landscape, organizations face an ever-present and often underestimated threat: human risk. Despite significant advancements in technological defenses, human error remains a leading cause of data breaches and security incidents.

UK Organizations Cite Phishing as the Most Disruptive Type of Cyberattack

Phishing was the most prevalent and disruptive type of attack experienced by UK organizations over the past twelve months, according to the British government’s Cyber Security Breaches Survey 2025.

CyberheistNews Vol 15 #15 [HEADS UP] North Korea Expands Its Fraudulent IT Worker Operations

Hidden Threats in Our Power Grid: The Chinese Transformer Backdoor Scandal

America’s critical infrastructure faces an unprecedented threat, and it’s already installed in hundreds of locations across the nation.

Europe’s Energy Sector at Risk: The Critical Need for Cybersecurity

Reliable energy is the backbone of any modern society. It powers our homes, industries, and economies. But what happens when this essential infrastructure becomes a target for cyberattacks? In Europe, the energy sector is facing an escalating threat landscape, with …

Warning: QuickBooks Phishing Campaign Targets Taxpayers

Cybercriminals are capitalizing on tax season by launching phishing campaigns targeting QuickBooks users, Malwarebytes reports.

Seeing (and Hearing) Isn’t Believing: My SEC Presentation on AI-Driven Scams

On March 6, I had the opportunity to speak and provide testimony at the SEC Investor Advisory Committee’s panel on Retail Investor Fraud in America—a critical discussion about how AI is supercharging financial deception. March 6 also happened to be …

64% of Australian Organizations Hit by Ransomware Were Forced to Halt Operations

Illumio’s recent Global Cost of Ransomware Study found that 64% of Australian companies hit by ransomware had to shut down operations as a result.

Shadow AI: A New Insider Risk for Cybersecurity Teams to Tackle Now

Disclaimer: Don’t get me wrong, I love using generative AI daily for research and writing. This is about how other users could be using it when they don’t know what they don’t know and are accidental in their actions to hurt …

Beware the Tax Trap: Seasonal Urgency Drives a Spike in Tax-Related Phishing Scams

Cybercriminals are quick to exploit seasonal events — and tax season is no exception. It’s a yearly honeypot for cybercriminals, who take advantage of heightened stress, tight deadlines, and sensitive financial data.

Russian Threat Actor Launches Spear-Phishing Campaign Against Ukrainians

The Russian threat actor Gamaredon is targeting Ukrainians with spear-phishing documents related to troop movements, according to researchers at Cisco Talos.

Securing Employee Identities: Expert Tips for Identity Management Day 2025

With this week being Identity Management Day on April 8th, it’s the perfect reminder for organizations to focus on protecting their employees’ digital identities.

The Real Deal: How Cybercriminals Exploit Legitimate Domains

When it comes to secure email gateways (SEGs), the narrative is quite simple. For years, organizations have relied on SEGs as the foundation of their email security.

North Korea Expands Its Fraudulent IT Worker Operations

North Korea’s fraudulent employment operations have expanded to hit countries around the world, with a particular focus on Europe, according to researchers at Google’s Threat Intelligence Group.

CyberheistNews Vol 15 #14 [Heads Up] QR Code Phishing is Getting More Stealthy Fast

Online Gaming Platform Steam Tops List of Most Imitated Brands For the First Time

Steam was the most impersonated brand in phishing attacks during the first quarter of 2025, according to a new report from Guardio. The researchers note that the gaming platform’s surge to the top comes as “a bit of a shock.”

Upgraded Phishing-as-a-Service Platform Drives a Wave of Smishing Attacks

A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS phishing (smishing) attacks, according to researchers at Prodaft.

Your KnowBe4 Compliance Plus Fresh Content Updates from March 2025

Check out the March updates in Compliance Plus so you can stay on top of featured compliance training content.