Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Phishing Kit Targets the FCC and Crypto Exchanges

Mar 5, 2024 By Stu Sjouwerman In KnowBe4
Researchers at Lookout have discovered a sophisticated phishing kit that’s targeting employees at the US Federal Communications Commission (FCC), as well as employees of cryptocurrency exchanges Binance and Coinbase. The kit also targets users of cryptocurrency platforms, including Binance, Coinbase, Gemini, Kraken, ShakePay, Caleb & Brown and Trezor.
Read Post
knowbe4

Phishers Abusing Legitimate but Neglected Domains To Pass DMARC Checks

Mar 5, 2024 By Roger Grimes In KnowBe4
A recent great article by BleepingComputer about domain hijacking and DMARC abuse reminded me that many companies and people do not understand DMARC well enough to understand what it does and how it helps to prevent phishing. And look-alike and neglected domains challenge its protective value to unknowledgeable email recipients. This article is about how to understand and proactively use DMARC. DMARC.
Read Post
manageengine

Why you should be concerned about the largest phishing attack on Azure so far, and what you can do about it

Mar 4, 2024 By M365 Manager Plus In ManageEngine
Azure customers are facing the biggest threat to their privileged accounts. A cybersecurity firm has identified the spread of a new phishing campaign aimed at privileged users like sales directors, account managers, finance managers, vice presidents, presidents, chief financial officers, and CEOs. The campaign’s first set of attacks started around November 2023 and is still a looming threat. The good thing is that you can safeguard against and mitigate this attack.
Read Post
securitysenses

Email Deliverability: Finding and Fixing Issues with GlockApps

Mar 1, 2024 By SecuritySenses In SecuritySenses
Are your email campaigns not producing the expected results? Do you have disappointingly low open rates, or worse, are your emails getting lost in the spam folder? If so, you're not alone because almost every marketer faces email deliverability issues. But there is good news, and it is that they're not impossible to overcome. In this article, we'll cover the ins and outs of finding and fixing email deliverability issues so that your messages are received by your audience and read on time.
Read Post
knowbe4

Email-Based Cyber Attacks Increase 222% as Phishing Dominates as the Top Vector

Mar 1, 2024 By Stu Sjouwerman In KnowBe4
Analysis of the second half of 2023 shows attackers are getting more aggressive with email-based phishing attacks in both frequency and execution. Until there’s a catch-all way to stop malicious emails from being an effective means of initial attack, phishing will continue to grow as the primary initial attack vector for cybercriminals.
Read Post
knowbe4

Cybercriminals Sent 1.76 Billion Social Media Phishing Emails in 2023

Mar 1, 2024 By Stu Sjouwerman In KnowBe4
As social media phishing reaches new heights, new data reviewing 2023 shows a massive effort by cybercriminals to leverage impersonation of social media brands. Cybercriminals are no longer just targeting your corporate network. Due to the rise of the cybercrime economy, there are a growing number of cybercriminal gangs strictly going after initial access (that can be sold to other cybercriminals).
Read Post
Trustwave

Phishing: The Grade A Threat to the Education Sector

Feb 29, 2024 By Trustwave In Trustwave
Phishing is the most common method for an attacker to gain an initial foothold in an educational organization, according to the just released Trustwave SpiderLabs report 2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies. Why phishing? Simplicity is the primary reason.
Read Post
knowbe4

Credential Theft Is Mostly Due To Phishing

Feb 28, 2024 By Roger Grimes In KnowBe4
According to IBM X-Force’s latest Threat Intelligence Index, 30% of all cyber incidents in 2023 involved abuse of valid credentials. X-Force’s report stated that abuse of valid credentials exceeded phishing as a top threat for the first time. I love IBM, but they are mixing up root causes and outcomes of root causes. What I mean is that you have to ask yourself how the credentials were stolen in the first place. Were they stolen from the user or a website? Were they guessed at?
Read Post
knowbe4

When Threat Actors Don't Have a Viable Email Platform to Phish From, They Just Steal Yours

Feb 28, 2024 By Stu Sjouwerman In KnowBe4
New analysis of a phishing campaign shows how cybercriminals use brand impersonation of the platforms they need to compromise accounts and takeover legitimate services. Every day there seems to be a new term for yet another creative attack technique. The latest is phishception (a play on words from the movie Inception) coined by security analysts at cybersecurity company Netcraft.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.