Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Phishing was the initial access vector in 50% of attacks during the first quarter of 2025, according to a new report from Cisco Talos. “Threat actors used phishing to achieve initial access in 50 percent of engagements, a notable increase from less than 10 percent last quarter,” Talos writes.

Researchers at Malwarebytes warn that phishing emails are impersonating the US Social Security Administration (SSA) to trick users into installing the ScreenConnect remote access tool. ScreenConnect is a legitimate tool used for remote IT management, but it can be abused by hackers to take control of victims’ computers.

The UK's Department for Science, Innovation, and Technology last month released its Cyber Security Breaches Survey 2025, an annual piece of research designed to inform national policy and bolster the country's cyber resilience.

The mechanisms and dangers of email phishing are well known, as are the best practices for hardening organizations against it. Its spin-off, called vishing, is nothing new, but it’s both rapidly evolving, and unlike the more mainstream counterpart, too often overlooked by security professionals. According to the CrowdStrike 2025 Global Threat Report, these offbeat attacks saw a 442% increase in the second half of 2024 compared to the first half of the year.

Let’s face it: your inbox is a warzone. Email security is a constant battle between evolving threats and the defenses designed to stop them. Every day, attackers bombard user inboxes with increasingly sophisticated phishing attempts, malware, and social engineering attacks. So, how do we win the battle? It’s not as simple as slapping on a piece of software; it’s about implementing a multi-layered approach that balances AI-driven automation and human expertise.

The high profile MGM Resorts hack by ransomware group ALPHV/BlackCat has served as a wake up call to the hospitality industry, demonstrating that the industry is a lucrative target for cybercriminals. The hack was hugely impactful to MGM making for sensational headlines in mainstream media, however what struck security experts were the social engineering methods used by the threat actors and how effective they were in bypassing security controls and technologies.

The best secure email gateways mimic the tried and true “defense in depth” cybersecurity strategy by using a layered approach, including advanced features that make effective use of AI. The results are compelling, especially when two email security tools are used together, such as employing an additional secure email gateway to augment Microsoft Defender for Office 365 email security.

Email is still the most common attack vector for cyber threats, according to a new report from Barracuda. The researchers found that one in four emails during February 2025 was either malicious or spam. HTML attachments were the most common file type used in phishing emails. “One of the most striking findings from the report is that 23% of HTML attachments are malicious, making them the most weaponized type of text file,” Barracuda says.

Threat actors who rely on email phishing scams as their primary method of gaining initial entry use a wide variety of social engineering lures to trick their victims. Trustwave SpiderLabs recently released the report Manufacturing Sector Deep Dive: Methods of Targeting and Breaching, which specifically calls out many noteworthy campaigns and methodologies used by the top-tier threat groups.

Ever since Microsoft’s initial announcement on February 13, 2025, about a Russian nation-state phishing campaign using "device code phishing," many people have been wondering what it is. This post will tell you what device code phishing is and how to defend against it. Here are some other related reports involving the recently reported device code phishing attacks.