social engineering

Proofpoint unveils unified platforms to combat data & cyber risks

Posted on by Admin
Proofpoint unveils unified platforms to combat data & cyber risks

Proofpoint has introduced two new cybersecurity solutions aimed at unifying threat protection and data security across multiple digital channels and organisational environments. The first of these offerings, Proofpoint Prime Threat Protection, is described by the company as a unified, human-centric threat protection platform delivering multichannel, multistage defence across email, cloud applications, and collaboration tools. The second solution, a Unified Data Security Solution, brings together data loss protection, data security posture management, and insider threat management…

Read More

CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks

Posted on by Admin
CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks

Phishing was no longer as common in 2024 as before, according to CrowdStrike’s 2025 Global Threat Report. Threat actors trend toward accessing legitimate accounts through social engineering techniques like voice phishing (vishing), callback phishing, and help desk social engineering attacks. We’re well within the era of what cybersecurity technology CrowdStrike called “the enterprising adversary,” with malware-as-a-service and criminal ecosystems replacing the old-fashioned image of the lone threat actor. Attackers are also using legitimate remote management…

Read More

Sneaky Log Phishing Scheme Targets Two-Factor Security

Posted on by Admin
Sneaky Log Phishing Scheme Targets Two-Factor Security

Security researchers at French firm Sekoia detected a new phishing-as-a-service kit targeting Microsoft 365 accounts in December 2024, the company announced on Jan. 16. The kit, called Sneaky 2FA, was distributed through Telegram by the threat actor service Sneaky Log. It is associated with about 100 domains and has been active since at least October 2024. Sneaky 2FA is an adversary-in-the-middle attack, meaning it intercepts information sent between two devices: in this case, a device…

Read More

Multi-Site Mastery: Strategies for Effective Risk Assessments

Posted on by Admin
Multi-Site Mastery: Strategies for Effective Risk Assessments

In this episode of The Security Podcasts we sit down with Mark Landry, National Accounts Director at AMAROK, to discuss navigating multi-site risk assessment effectively. “In order to approach your risk assessment, especially when you’ve got vast or disparate geographies – meaning you’ve got a location in Portland, Maine and location in Portland, Oregon – you have to be able to accurately convey the risk across both of those locations that have very different risk…

Read More

Proving physical security value across an organization

Posted on by Admin
Proving physical security value across an organization

In this episode of The Security Podcasts we sit down with Thomasina Martin, a Key Account Manager specializing in Energy and Utilities at Genetec, Inc., to talk about proving the value of physical security across an organization. “One of the primary challenges I think a lot of us see, I think it’s universal in the security industry when trying to secure a budget, is that physical security often competes with other critical business units or…

Read More

Balancing Risk and Innovation – A CISO Perspective

Posted on by Admin
Balancing Risk and Innovation – A CISO Perspective

In this episode of The Security Podcasts featuring Jill Knesek, CISO of Blackline, and former FBI Special Agent in the Cyber Crime Squad, we talk about balancing risk & innovation from a CISO’s perspective. “The message I like to give is we can be both innovative and secure.,” Knesek says. “They’re not mutually exclusive, and they shouldn’t be. By shifting left and embedding strong security practices and controls earlier into our development lifecycle, we can…

Read More

Researchers discovered a new phishing kit on the dark web

Posted on by Admin
Researchers discovered a new phishing kit on the dark web

Researchers at SlashNext discovered a new phishing kit on the dark web. This phishing kit, known as FishXProxy Phishing Kit, starts with uniquely generated links that can evade initial suspicion. Cybercriminals on underground forums are advertising this kit as “The Ultimate Powerful Phishing Toolkit” due to the sophisticated tools it provides. Capabilities this phishing kit provides includes: Sophisticated antibot systems that utilize Cloudfare’s CAPTCHA and filter out security measures Redirection abilities that obscure intended destinations Page…

Read More

Cybersecurity at the Paris Summer Olympics

Posted on by Admin
Cybersecurity at the Paris Summer Olympics

In this episode of The Security Podcasts featuring Mark Manglicmot, SVP of Security Services at Arctic Wolf, we discuss how individuals and businesses can defend against cyber threats during the Olympics.  “For this year’s Olympics specifically, the risks of AI being manipulated by bad actors is increasingly high and a new threat for this Olympics compared to the past with the emergence of the technology. This is why individuals, athletes, administrators, coaches and anybody else attending…

Read More

Cisco Talos: Top Ransomware TTPs Exposed

Posted on by Admin
Cisco Talos: Top Ransomware TTPs Exposed

Cisco Talos analyzed the top 14 ransomware groups between 2023 and 2024 to expose their attack chain and highlight interesting Tactics,Techniques and Protocols. The security company also exposed the most leveraged vulnerabilities being triggered by ransomware actors. Ransomware attack chain: What Cisco Talos researchers learned Ransomware actors nearly all use the same attack chain. Typical ransomware attack chain. Image: Cisco Talos Step one for ransomware actors The first step for the threat actor consists of…

Read More

Does GPT-4 risk accelerating cybercrime?

Posted on by Admin
Does GPT-4 risk accelerating cybercrime?

Artificial intelligence is continuing to evolve and advance at a rapid rate. Its heightened integration into business models has grown, with large language models (LLMs) like GPT-4 (the one that is arguably dominating most of the recent discourse) continuing to illustrate possibilities and risks. While the technological breakthrough of GPT-4 holds immense potential for streamlining tasks and augmenting human teams, it also raises several security concerns and risks accelerating cybercrime. A recent report suggested that…

Read More
1 2 3 6