Geek-Guy.com

Category: phishing

Auto Added by WPeMatico

Global Security News, phishing, Podcast, Scam, Smashing Security, Troy Hunt

Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers

Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don’t lose your life savings in a whisky scam… All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don’t…

Read more →

Blog, Careers, Global Security News, phishing, phishing training, Security Awareness, Security Bloggers Network

Why So Many Employee Phishing Training Initiatives Fall Short

During the work-from-home boom of 2020, GitLab, a company that largely employs tech-savvy individuals, decided to test its security by sending fake phishing messages to its WFH workers. About one out of every five tested employees fell for it, and […] The post Why So Many Employee Phishing Training Initiatives Fall Short appeared first on…

Read more →

Apple, Canada, CISA, Concerns, cyber security, cyber threat, Cybersecurity, Data Privacy, Data Security, Digital Privacy, doge, economy, encryption, Encryption Backdoor, Endpoint, Episodes, Global Security News, Government, Impact, Incompetence, Information Security, infosec, Jokes, national security, phishing, Podcast, Podcasts, privacy, SBN News, Security, Security Bloggers Network, Technology, Trump, uk, Weekly Edition

Cybersecurity Impact of DOGE, Apple’s Stand Against Encryption Backdoors

In this episode, Kevin and Tom discuss current events including the latest developments with DOGE and the significant changes happening at the Cybersecurity and Infrastructure Security Agency (CISA). They also touch on Apple’s decision to refuse creating backdoors for encryption, setting a new precedent in digital security. Tune in for an insightful discussion on the…

Read more →

Apple, Canada, CISA, Concerns, cyber security, cyber threat, Cybersecurity, Data Privacy, Data Security, Digital Privacy, doge, economy, encryption, Encryption Backdoor, Endpoint, Episodes, Global Security News, Government, Impact, Incompetence, Information Security, infosec, Jokes, national security, phishing, Podcast, Podcasts, privacy, SBN News, Security, Security Bloggers Network, Technology, Trump, uk, Weekly Edition

Cybersecurity Impact of DOGE, Apple’s Stand Against Encryption Backdoors

In this episode, Kevin and Tom discuss current events including the latest developments with DOGE and the significant changes happening at the Cybersecurity and Infrastructure Security Agency (CISA). They also touch on Apple’s decision to refuse creating backdoors for encryption, setting a new precedent in digital security. Tune in for an insightful discussion on the…

Read more →

Cybercrime, Cybersecurity, Global Security News, Google Threat Intelligence Group, GRU, messaging apps, phishing, Research, Russia, Sandworm, signal, Threats, Uncategorized

Russia-aligned threat groups dupe Ukrainian targets via Signal

Russian state threat groups have compromised Signal accounts used by Ukrainian military and government personnel to eavesdrop on real-time communications, Google Threat Intelligence Group said in a report released Wednesday. “This is a persistent, ongoing campaign being carried out by multiple different Russia-aligned threat actors,” Dan Black, principal analyst at Google Threat Intelligence Group, said…

Read more →

Global Security News, Guest blog, Microsoft, Microsoft Teams, North America, phishing, WhatsApp

Got a Microsoft Teams invite? Storm-2372 gang exploit device codes in global phishing attacks

Security experts have warned that a cybercriminal group has been running a malicious and inventive phishing campaign since August 2024 to break into organizations across Europe, North America, Africa, and the Middle East. Read more in my article on the Tripwire State of Security blog.

Read more →

Cybersecurity, Exploits, Global Security News, Microsoft, phishing, Research, Russia, Threat Intelligence, Threats, Volexity

Threat researchers spot ‘device code’ phishing attacks targeting Microsoft accounts

Microsoft threat researchers discovered a series of what they are calling “device code” phishing attacks that allowed a suspected Russia-aligned threat group to gain access to and steal data from critical infrastructure organizations, the company said in research released Thursday. The group, which Microsoft tracks as Storm-2372, has targeted governments, IT services and organizations operating…

Read more →

business email compromise, CloudFlare, Cybersecurity, Global Security News, group-1b, Microsoft, Microsoft 365, Microsoft Office, microsoft outlook, phishing, phishing-as-a-service, Security, Sekoia, sneaky 2fa, sneaky log, Social Engineering, Telegram, trac labs, two factor authentication

‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security

The phishing-as-a-service kit from Sneaky Log creates fake authentication pages to farm account information, including two-factor security codes.

Read more →

AI, AI executive order, Artificial Intelligence, Bennie Thompson, Biden, Biden administration, Bob Kolasky, Center for Cybersecurity Policy and Law, Center for Democracy & Technology, Center for Democracy and Technology, Chris Inglis, CISA, cloud computing, contracting, critical infrastructure, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), Donald Trump, Emerging Tech, encryption, fraud, Global Security News, Government, House Homeland Security Committee, Joe Biden, Mark Green, National Cyber Director, National Risk Management Center, National Security Council, National Security Council (NSC), Office of the National Cyber Director, operational technology, phishing, quantum computing, supply chain, supply chain security, Trump, Trump Administration

Biden cyber executive order gets mostly plaudits, but its fate is uncertain

A sweeping executive order on cybersecurity released Thursday won largely positive reviews, with the main question being its timing — and what will come of it with the executive branch set to be handed over from president to president. Chris Inglis, the former national cyber director for Joe Biden who has served under both Democrats…

Read more →

Department of Justice (DOJ), FSB, Geopolitics, Global Security News, Government, Microsoft, phishing, Russia, Star Blizzard, Threats, WhatsApp

Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp

The cat-and-mouse game between state-sponsored Russian hackers and one of the world’s biggest technology companies has continued into 2025.  Microsoft’s threat intelligence team published research Thursday examining how a state-sponsored Russian threat actor group, known as Star Blizzard, has altered its longstanding attack strategies to target WhatsApp accounts. This attack vector is a significant change…

Read more →

Browsers, clickjacking, Cybersecurity, Exploits, Global Security News, phishing, Security Bloggers Network

Two Clicks to Chaos: How Double-clickjacking Hands Over Control of Apps without Users Knowing

In our last blog, we discussed how OAuth-based consent phishing attacks have been used to trick users into giving malicious apps the permission to conduct malicious activities via an employee’s account. This attack has been extremely effective due to the lack of awareness of how attackers can misuse OAuth permissions. Now, let’s say we are…

Read more →

Cybersecurity, Global IT News, Global Security News, identity, Identity & Access, infosec, phishing, SaaS, Security Bloggers Network

Consent Phishing: The New, Smarter Way to Phish

What is consent phishing? Most people are familiar with the two most common types of phishing — credential phishing and phishing payloads, where attackers trick users into revealing credentials and downloading malicious software respectively. However, there is a third type of phishing on the rise: consent phishing. Consent phishing deceives users into granting a third-party SaaS application…

Read more →

2024, 2025, cyber security, cyber threat, Cybersecurity, Data Privacy, Data Security, Digital Privacy, Episodes, Global Security News, Happy New Year, Information Security, infosec, New Year, phishing, Podcast, podcasting, Podcasts, Port 83, predictions, privacy, Security, Security Bloggers Network, Social Engineering, Technology, Weekly Edition, Year End Reflections

2024 Year in Review: What We Got Right and Looking to 2025

In the final episode of the Shared Security Podcast for 2024, join us as we recap our predictions for the year, discuss what we got right and wrong, and highlight our top episodes on YouTube. We also extend a heartfelt thank you to our Patreon supporters and special guests. Plus, stay tuned for our predictions…

Read more →

agentic ai, Blog, generative ai, Global Security News, phishing, Security Bloggers Network, SentinelOne, XDR

The Rise of Agentic AI: How Hyper-Automation is Reshaping Cybersecurity and the Workforce

As artificial intelligence evolves, its impact on cybersecurity and the workforce is profound and far-reaching. Predictive AI once enabled security teams to anticipate threats, and generative AI brought creativity and automation to new levels. Now, we stand at the threshold […] The post The Rise of Agentic AI: How Hyper-Automation is Reshaping Cybersecurity and the…

Read more →

WordPress Appliance - Powered by TurnKey Linux