Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Security Blind Spots Most Operators Miss - According to Igor Finkelshtein

The Security Blind Spots Most Operators Miss - According to Igor Finkelshtein

Dec 11, 2025 By SecuritySenses In SecuritySenses
In the cybersecurity world, it's easy to focus on the latest breach or high-profile vulnerability. But according to multi-industry operator Igor Finkelshtein, most security incidents don't begin with sophisticated attacks - they begin with overlooked operational weaknesses. From transportation to real estate to SaaS platforms, Finkelshtein's experience shows that cybersecurity is ultimately an operational discipline. The vulnerabilities that quietly accumulate inside a business often pose a greater risk than anything happening outside it.
Read Post
knowbe4

Report: Phishing Has Surged 400% Year-Over-Year

Dec 10, 2025 By KnowBe4 Team In KnowBe4
Researchers at SpyCloud have observed a 400% year-over-year increase in successful phishing attacks, with a disproportionate number of attacks targeting corporate accounts. “The company tracked a 400% year-over-year increase in successfully phished identities, with nearly 40% of the 28+ million recaptured phished records containing a business email address – compared to just 11.5% in recaptured malware data,” the researchers write.
Read Post
knowbe4

Warning: Phishing Campaign Leveraging Evilginx Targets U.S. Universities

Dec 9, 2025 By KnowBe4 Team In KnowBe4
Threat actors are using the open-source phishing framework Evilginx to target universities across the United States, according to researchers at Infoblox. The attackers have targeted at least 18 universities and educational entities since April 2025, using phishing pages that spoofed student single sign-on (SSO) portals. “In the campaigns we analyzed, students were targeted via personalized emails that contained TinyURL links,” Infoblox says.
Read Post
knowbe4

The Ghost in the Machine: How a Multi-Stage Phishing Campaign Evades Security to Steal Microsoft 365 Credentials

Dec 4, 2025 By KnowBe4 Threat Lab In KnowBe4
Since November 3, 2025, KnowBe4 Threat Labs has been monitoring a highly sophisticated, multi-stage phishing operation that is actively targeting organizations to steal employees’ Microsoft 365 credentials. The campaign has been engineered to bypass traditional email security defenses, such as secure email gateways (SEGs), and multi-factor authentication (MFA) tools.
Read Post
knowbe4

Phishing Campaign Uses Fake Party Invites to Deliver Remote Access Tools

Nov 28, 2025 By KnowBe4 Team In KnowBe4
A large phishing campaign is using phony seasonal party invites to trick users into installing remote management and monitoring (RMM) tools, according to researchers at Symantec. “A highly active threat actor that specializes in using the ScreenConnect remote management and monitoring (RMM) software in its attacks has changed tactics and is now infecting its victims with multiple RMM tools, including LogMeIn Resolve and Naverisk,” Symantec says.
Read Post

Fortifying Your Inbox: Advanced Email Security with Check Point & LevelBlue

Nov 27, 2025 By LevelBlue In LevelBlue
As email-based cyberattacks surge, security teams are struggling to stay ahead of increasingly sophisticated phishing, Business Email Compromise (BEC), and AI-driven social engineering. With attackers exploiting platforms like Microsoft 365, Google Workspace, OneDrive, and SharePoint, organizations face growing pressure to strengthen protection, visibility, and compliance.
View Video
safeaeon

How Can AI Be Used in Phishing Attacks?

Nov 26, 2025 By SafeAeon Inc. In SafeAeon
Phishing is the most common type of cyberattack, occurring when an attacker impersonates a trustworthy entity with the intention of carrying out fraudulent activity. Phishing is done with the motive of stealing sensitive information such as passwords, credit card numbers, and other personal data. Phishing was already quite threatening, but with the inception of Artificial Intelligence (AI), it became even more dangerous.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.