This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Whaling, highly targeted social engineering attacks aimed at senior executives, as well as executive impersonations, have seen an increase of 131% between Q1 2020 and Q1 2021, according to GreatHorn.
Throughout 2020, the COVID-19 pandemic created something of a new playground for hackers. In response, many institutions fortified cybersecurity systems and fast-tracked digital transformation initiatives. But what does the landscape for cybersecurity and the evolution of threats look like in 2021?
We don’t have a crystal ball, but here are five cybersecurity trends to watch out for in the new year.
Social engineering is a term that refers to efforts by hackers and cybercriminals to use people — rather than technology — to gain access to sensitive systems and information. It’s a problem that information security experts have been wrestling with for years and one that, in the midst of COVID-19, has become both more prevalent and more challenging.
One type of social engineering attack is the personalized-message, which often ends up in the hands of the CEO or another executive who would have access to sensitive files and information. Until recently, email was the dominant medium by a wide margin. However, recently, attackers have started to move to social media and text messages. What can you do about it?
Attacks within digital communications channels (like Slack, TEAMS, Twitter, Facebook, LinkedIn) have grown more targeted, more social engineering-focused, and the payloads have become "softer,” and the risks are not in files and links/IP's alone anymore. Instead, recent attacks are laser-targeted and evade traditional detection by focusing on human connections. To find out more about these “soft attacks,” we talk to Otavio Freire, CTO, President & Co-Founder SafeGuard Cyber.
Purdue University is offering new cybersecurity short courses in social engineering and digital forensics as part of a growing suite of offerings through the Purdue Polytechnic Institute’s Cyber Education Network Training Resources (CENTR).
Two men will appear in federal court to face charges that they were involved in the unauthorized takeover of social media and other personal online accounts belonging to professional and semi-professional athletes, U.S. Attorney Craig Carpenito announced.
Recently, two teens and a young adult infiltrated one of Silicon Valley’s biggest companies in a high-profile hack – and the biggest ever for Twitter. Authorities say the 17-year-old “mastermind” used social engineering tactics to convince a Twitter employee that he also worked in the IT department and gained access to Twitter’s Customer Service Portal. The 130-account takeover proved unique, as it was fundamentally a dramatic manipulation of trust and could have had far more world-changing consequences if the attackers had the aspirations of say, a dangerous fringe group versus that of a teenager. There are a few takeaways to learn here, especially when it comes to considering redefining what we classify as “critical infrastructure” and what must be protected at all costs.
Organizations need to enhance current technical security controls to mitigate against the threat of deepfakes to the business. Training and awareness will also need revamping with special attention paid to this highly believable threat.
As soft target telephone scams become more sophisticated, people are turning to protocols like biometric verification for enhanced protection. But implementation is key.
As digital security through online portals continually improves and people become more wary of phishing emails, hackers have turned to old fashioned telephone calls to elicit key pieces of personal information they can use for profit. It takes little technical skill—just the ability to sound convincing to vulnerable people over the phone.