Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Google’s Mandiant have published a report on voice phishing (vishing) attacks, noting that these attacks have served as initial access points for recent waves of ransomware incidents. Threat actors often perform reconnaissance before launching social engineering attacks, collecting publicly available information in order to craft tailored, realistic scenarios.

Researchers at Google have published a report on the latest scam trends, noting an increase in travel-themed scams targeting people preparing for their summer vacations. “Ahead of the summer vacation season, our teams have observed a spike in travel scams,” the researchers write. “Fake travel websites lure users into booking travel with a promise of ‘too good to be true’ prices, experiences, or discounts.

What is AI really? Throughout this article, I will remove the hype and get to the most honest answer ever. Artificial Intelligence, or AI, or at least the first version of how we think of it today, was “invented” in the 1950s…a long time ago. Since then, various computer scientists and groups have worked on different iterations, often using different names, including machine learning and neural networks.

There are many things in our lives we must prepare for to be ready. For other things, we wing it, or we're not prepared to deal with it at the moment. For me, I've reached that point in my life where I needed to have a medical procedure done, and it was something I've put off for several years. It may not be very comfortable to admit, but last week, I had a colonoscopy. That's not exactly how you'd expect a cybersecurity blog to start, but hear me out on this one!

Picture this: it's 2021. You're an IT professional, scrolling through LinkedIn, when a message pings. "Bastion Secure," a new cybersecurity company, is hiring. The pay? Excellent. Remote work? Absolutely. A chance to tinker with cutting-edge tech? You bet. For dozens, this looked like the career lottery win. What they didn’t clock was that their new "employer" was the infamous cybercriminal syndicate, FIN7. This isn't just another tale of a clever job scam.

OpenAI has published a report looking at AI-enabled malicious activity, noting that threat actors are increasingly using AI tools to assist in social engineering attacks and influence operations. In one case, the company banned ChatGPT accounts that were likely being used in North Korean attempts to fraudulently obtain jobs at US companies. “Similar to the threat actors we disrupted and wrote about in February, the latest campaigns attempted to use AI at each step of the employment process.

We’re proud to share that KnowBe4 has once again been recognized as a leader in cybersecurity, receiving multiple 2025 TrustRadius Top Rated Awards across our product suite. These awards are especially meaningful because they’re based entirely on customer feedback—making them a direct reflection of how our customers view the value and impact of our platform.

A criminal threat actor tracked as “UNC6040” is using voice phishing (vishing) attacks to compromise organizations’ Salesforce instances, according to researchers at Google’s Threat Intelligence Group. After gaining access, the attackers exfiltrate the victim’s data and hold it for ransom.

Researchers at Trellix warn of a spear-phishing campaign that’s targeting CFOs around the world with phony employment offers. The emails are designed to deliver a legitimate remote access tool that will give the attacker a foothold on the victim’s machine.

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish). They quickly identified it as a social engineering attack and shared it on our internal communication channel for sharing such things. I have had more and more of these types of similar smishes occurring over the last few months. It is an attempt to trick someone into worrying that their Gemini, Gmail, Microsoft, Instagram…or whatever account…is in the middle of being compromised and you need to react NOW! NOW!