
New Research Finds Phishing Scams Targeting Popular PDF Viewer

Several phishing campaigns are targeting users of the Foxit PDF Reader, according to researchers at Check Point. Foxit is a popular alternative to Adobe Acrobat Reader for viewing PDF files. “Check Point Research has identified an unusual pattern of behavior involving PDF exploitation, mainly targeting users of Foxit Reader,” the researchers write. “This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands.”

Q1 2024 Cyber Threat Landscape Report: Insider Threat & Phishing Evolve Under AI Auspices

In Q1 2024, we saw an evolution in techniques used by attackers, some of which may point to longer-term trends in the variation and sophistication of attacks faced by organizations. In particular, with regard to phishing, we saw SMS and voice-based tactics being used, which raises concern around the potential for deep fakes and AI-type technologies to further enhance the effectiveness of phishing attacks.

Email Security Must Remain a Priority in the Wake of the LabHost Takedown and BEC Operator's Conviction

Two positive steps were taken last month to limit the damage caused by phishing and Business Email Compromise (BEC) attacks when a joint action by UK and EU law enforcement agencies compromised the infrastructure of the phishing-as-a-service operation LabHost and a major BEC operator was convicted in US Federal Court. While law enforcement operations are integral to defeating cybercrime, disrupting one or two adversary groups does not minimize the threat.

Newly Updated Grandoreiro Banking Trojan Distributed Via Phishing Campaigns

Researchers at IBM X-Force are tracking several large phishing campaigns spreading an updated version of the Grandoreiro banking trojan. The criminal malware operation was disrupted by law enforcement in January 2024 but resurfaced in March with an expanded set of targets. The new version of the malware is targeting more than 1,500 banks in over sixty countries.

Cyber Insurance Claims Rise Due To Phishing and Social Engineering Cyber Attacks

New data covering cyber insurance claims through 2023 shows claims have increased while reaffirming what we already know: phishing and social engineering are the real problem. If you’ve read enough of my articles here, you already know my view is a bit skewed towards the need for organizations to be aware of the true dangers of email-based cyber attacks.

How Can AI Be Used to Combat Phishing Attacks

Phishing is not going away—it’s morphing and evolving. As an example, in late 2022 the overnight commodification of artificial intelligence (AI) changed the phishing threat landscape forever, lowering the barrier to entry for novice fraudsters who had previously had the motives, but lacked the means to launch sophisticated scams. ChatGPT and fraud-specific Generative AI tools (like the aptly named FraudGPT and WormGPT) granted malefactors the ability to supercharge and scale their operations.

Dissecting a Multi-stage Phishing Attack

Phishing is one of the most common forms of cyber attack that organizations face nowadays. A 2024 risk report states that 94% of organizations fall victim to phishing attacks, and 96% are negatively impacted by them. However, phishing attacks are not only growing in number but are also more sophisticated and successful. This is owing to the modern multi-stage phishing attack, which is common nowadays.

Balancing Trust and Control: Effective Phishing Protection Strategies

Discover why balancing trust and control is essential in cybersecurity. Our hosts discuss the complexities of protecting against phishing attacks, especially with advanced tools like ChatGPT that make scams harder to detect. Learn how combining trust with effective controls can help detect anomalies and safeguard your organisation against targeted attacks.

What Is Email Spoofing and How to Prevent it?

Manipulating email headers to mimic the sender’s address and make people think they’re communicating with someone they know. This is a brief definition of email spoofing, an infamous fraudulent technique that can cause harm to recipients and those whose electronic addresses have been compromised. Spoofing may happen to individuals and companies alike.

User Training vs. Security Controls: Who's to Blame for Phishing Attacks?

In this thought-provoking clip, the hosts debate whether security awareness training is enough to prevent users from falling for phishing scams or if stronger controls are necessary. Drawing on insights from a recent NCSC blog, they explore the ethical dilemma of assigning blame when users, despite training, click on malicious email attachments. Should the onus be on the end user, or is it a failure of security controls? Tune in to understand the complexities of balancing trust and control in cybersecurity.