Social Engineering stories

Consensus mechanisms are tough to get right. Without a good one, the whole concept of decentralisation falls apart quickly: your efficient, fair, real-time, functional, reliable, and secure public ledger simply doesn’t exist.

As people get better at identifying potential threats in their inbox, threat actors must evolve their methods. Their new M.O? Social engineering.

Fortinet has launched a new security awareness and training service to enhance workforce cyber awareness and mitigate threats.

Fraudsters are constantly finding new ways to exploit vulnerabilities and attack corporate payment systems. 

There was an increase in the number of attacks aimed at the trade industry and medical institutions, as well in the number of social engineering attacks on individuals.

There are pressures to stay trading, but it is imperative to ensure that actions taken now don’t encourage security disasters in the future.

The reality is that most individuals don’t have adequate protection or knowledge of how to get protection.

Research by Vanson Bourne revealed that 44% of respondents believed that their CEO was the weak link in their cybersecurity operation.

The total number of certificates using lookalike domains is more than 400% greater than the number of authentic retail domains.

Across all countries surveyed, prioritisation was identified as the biggest organisational cybersecurity challenge (20%).

In the past couple of weeks, there have been high-profile examples of deepfakes, where deep learning, an advanced subset of AI, is used to manipulate videos to create fake videos.

In a recent report by Dell EMC, it was discovered that data-loss incidents cost Singapore organisations an average of US$1.4 million over 12 months.

Proofpoint says commonly targeted accounts are not necessarily people who are known or actively tracked by the security team.

The findings illustrate cybercriminals deviating towards a more focused approach against targets by using better obfuscation techniques and improved social engineering skills.

The fund will seek out startups that are aligned with Okta's vision of enabling any organisation to use any technology.

As these threats continue to grow in volume and sophistication, it is imperative that organisations implement a people-centric security approach.

More organisations were affected by all types of social engineering attacks (phishing, spear phishing, sms phishing, voice phishing, and USB drops) year-over-year.

The Australian Taxation Office (ATO) recently warned of a sophisticated phone scam, manipulating Australians for a reported $830,000 in November.

Proofpoint researchers have looked ahead at the trends and events likely to shape the threat landscape in the year to come.

The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.

Phishing attacks or social-engineering attacks are on the rise, where cybercriminals trick people into divulging details and participating in scams.

Individual contributors and lower level management account for nearly two thirds (60%) of highly targeted attacks within an organisation.

Alongside the migration to the cloud has been the rise of application programming interfaces (APIs) and artificial intelligence (AI).

“Between August 2010 and August 2016, New Zealanders reported almost 28,500 online incidents involving $35million in direct financial losses."