social engineering

How Attackers Abuse Trusted Cloud Apps—and Why URL Analysis Matters

How Attackers Abuse Trusted Cloud Apps—and Why URL Analysis Matters

| | bec, Browser Phishing Protection, Browser protection, business email compromise, credential theft, Email Protection, Link Phishing, Phishing, Phishing Attacks, Product, social engineering
It’s no secret that cybercriminals love to exploit our trust in well-known brands. From big-name retailers to popular online services, attackers will latch onto anything that seems safe. In this post, we ...
SlashNext
Immutable Cybersecurity Law #12

Immutable Cybersecurity Law #12

| | Cybersecurity, social engineering
 “Never underestimate the simplicity of the attackers, nor the gullibility of the victims.”Cyberattacks don’t always rely on sophisticated exploits or advanced malware. In reality, many of the most successful breaches stem from ...
Information Security Strategy
From Phishing to Vishing – Modern Social Engineering Attacks

From Phishing to Vishing – Modern Social Engineering Attacks

| | bec, business email compromise, credential theft, Email Protection, Phishing, Phishing Attacks, smishing, social engineering, vishing, vishing attacks
Phishing attacks have moved beyond simply sending emails with malicious links to incorporate more modern social engineering techniques, including the alarming trend of mixing in smishing (SMS phishing) and vishing (voice phishing) ...
SlashNext
Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension

Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension

| | browser extension, Browsers, Cybersecurity, social engineering, technology
Imagine that your AI transcriber tool shapeshifts into your password manager, then your crypto wallet and finally into your banking app — all without your knowledge. This is exactly what polymorphic extensions can do ...
SquareX Labs - Medium
Cybersecurity Insights with John Hammond: YouTube Legend & Security Researcher

Cybersecurity Insights with John Hammond: YouTube Legend and Security Researcher

| | AI in Cybercrime, Capture the Flag, Cyber Security, cyber threat, Cybercrime Trends, Cybersecurity, cybersecurity education, Data Privacy, Digital Privacy, Episodes, Information Security, Infosec, John Hammond, Just Hacking Training, Malware Analysis, online training, Podcast, Podcasts, Privacy, security, Security Researcher, Shared Security Podcast, Snyk Event, social engineering, technology, Web security, Weekly Edition, YouTube
In this episode, we welcome cybersecurity researcher and YouTube legend John Hammond. John shares insights from his career at Huntress and his popular YouTube channel, where he creates educational content on cybersecurity ...
Shared Security Podcast
Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins

Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins

| | 2fa, 2FA bypass, Astaroth, bec, credential theft, cybercrime, Cybersecurity, Email Protection, MFA, Microsoft 365, Phishing, phishing attack, Phishing Attacks, phishing kit, phishing kits, reverse proxy, Session hijacking, social engineering, Threat Discovery, two factor authentication
Phishing attacks continue to evolve, pushing even the most secure authentication methods to their limits. First advertised on cybercrime networks in late January 2025, Astaroth is a brand new phishing kit that ...
SlashNext
digital twins, processes, deep fake, identity governance security Spera deepfake identity management

Could you Spot a Digital Twin at Work? Get Ready for Hyper-Personalized Attacks

| | Cybersecurity, deepfakes, malicious digital twins, social engineering
The world is worried about deepfakes. Research conducted in the U.S. and Australia finds that nearly three-quarters of respondents feel negatively about them, associating the AI-generated phenomenon with fraud and misinformation. But ...
Security Boulevard
Devil-Traff: A New Bulk SMS Platform Driving Phishing Campaigns

Devil-Traff: A New Bulk SMS Platform Driving Phishing Campaigns

| | Mobile, Mobile Phishing, Mobile Phishing Protection, Phishing, Phishing Attacks, smishing, social engineering
Employees in most organizations receive countless communications daily—emails, Slack messages, or ticket updates, for example. Hidden among these routine interactions are phishing scams designed to exploit trust and compromise security. Imagine an ...
SlashNext
tenable, vulcan, AI, attacks, Torq, agentic ai, attacks, AI emerging technology secure by design cybersecurity

Using AI To Help Keep Your Financial Data Safe 

| | AI, cyberattacks, Financial data security, social engineering, Unauthorized Access
AI poses great opportunities for people and companies to implement robust systems to minimize the success and long-term effects of attacks.  ...
Security Boulevard
Is That Really ProtonMail? New Credential Harvesting Threats Targeting Cloud Apps

Is That Really ProtonMail? New Credential Harvesting Threats Targeting Cloud Apps

| | credential harvesting, Email Protection, generative AI, impersonation, Link Phishing, Phishing, Phishing Attacks, phishing defense, phishing pages, phishing threats, social engineering, Threat Intelligence
Imagine sipping your morning coffee, scrolling through your inbox, when a seemingly innocent ProtonMail message catches your eye. But this isn’t your typical email—it’s a credential-harvesting attempt targeting specific cloud services. Today, ...
SlashNext
Load more