Kahneman, ‘Where’s Waldo’ and the Nexus pass: A CISO’s mental model for the AI era
Security awareness training as a defense against phishing is dead. It has been dead for a while.
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
367 articles found
Security awareness training as a defense against phishing is dead. It has been dead for a while.
Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave atta...
Abdellah Belmili allegedly ran two black-market websites selling stolen financial credentials and custom-built phishing kits targeting major American banks, ...
Phishing, BEC, and account takeover attacks continue to overwhelm security teams with alerts and investigations. This webinar explores how behavioral AI can ...
ANY.RUN today launched in-browser data inspection for its Interactive Sandbox, a capability that brings real browser-level visibility directly into URL analy...
Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems.
Attackers are abusing Outlook Groups and Microsoft 365 collaboration features to make phishing campaigns appear routine, according to Fortra. “The technique ...
Cybercriminals are increasingly abusing traffic distribution systems (TDSs) to evade defenses, conceal malicious destinations, and funnel victims into phishi...
A multi-organization phishing campaign attributed to the CodeStorm family is actively targeting Microsoft 365 tenants with a tenant-aware AiTM (adversary-in-...
A growing trend in which attackers weaponize Microsoft 365 collaboration features to deliver persistent phishing lures via Outlook calendar invites.
The phishing test email, sent during a period of intense work for healthcare professionals implementing the new CorCare software system, contained a button t...
An ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript files, leading to remote system acce...
A suspicious file named “GST Debit Note Apr_26.com,” which triggered a deeper investigation and revealed a polished, multi-stage steganographic loader delive...
In the fast-paced digital world of 2026, cyberattacks are no longer a matter of if, but when. The increasing sophistication of threats like ransomware, phish...
In the complex digital landscape of 2026, technology alone is no longer enough to protect an organization from cyber threats. The human element, often cited ...
A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetrati...
A trio of coordinated campaigns a JetBrains fake AI assistant campaign, the GlassWorm self‑propagating worm, and the compromised Nx Console Visual Studio Cod...
Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing pass...
I detected an interesting phishing email this morning.
The internet did not break this week. It got used exactly as designed, which is worse.