FCPA Compliance Report-Episode 408, Brad Davis on Social Engineering for Data Protection
A threat actor group with ties to the Democratic People’s Republic of Korea (“North Korea”) called Contagious Interview is using front companies to spread malware through fake job interviews. This group has a history of...more
A recent court case has unveiled a new level of sophistication in attacks targeting high-net-worth cryptocurrency holders. In a meticulously orchestrated scheme, hackers managed to steal more than $40 million in bitcoin from...more
Most professionals are aware of the April 15 tax deadline. We know that fraudsters certainly are! As Tax Day approaches in the U.S., we encourage all to be mindful of several phishing campaigns that Microsoft has observed...more
At this point, your IT department has almost certainly warned you to approach your e-mail inbox with skepticism--for good reason. Cybercriminals regularly and effectively impersonate our legitimate contacts for illegitimate...more
HaveIBeenPwned is a website that allows users to check whether their data has been involved in data breaches. The website’s creator, Troy Hunt, was the subject of a phishing attack earlier this week....more
CrowdStrike recently published its 2025 Global Threat Report, which among other conclusions, emphasized that social engineering tactics aimed to steal credentials grew an astounding 442% in the second half of 2024....more
AI-enabled technology enhances threat actors’ ability to engage in advanced and difficult-to-detect forms of social engineering to deceive employees and circumvent companies’ security controls. Companies may consider new...more
Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an industry letter entitled “Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks” in response to...more
On October 16, the New York State Department of Financial Services (NY DFS) issued an industry letter to entities regulated by NY DFS (covered entities) providing guidance addressing the cybersecurity risks associated with...more
As the manufacturing sector continues to embrace the hyper-connected era of Smart Manufacturing, known as Industry 4.0, more and more organizations are integrating advanced automation, artificial intelligence (AI), the...more
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
The Department of Health and Human Services recently issued a health sector alert through the Health Sector Cybersecurity Coordination Center (HC3)....more
Retool, a software development firm offering modular code for customizable enterprise software, recently notified 27 customers that a threat actor had accessed their accounts. The attacker was able to navigate through...more
In the hyper-connected era of smart manufacturing, accelerated by “Industry 4.0,” the manufacturing sector is undergoing a digital revolution. By leveraging technologies such as advanced automation, artificial intelligence,...more
CYBERSECURITY - World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak - Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
Dark Reading reports that thousands of college and university students are being targeted by cyber-attackers who are using a legitimate domain to impersonate Instagram and steal credentials of the users. The attack is able to...more
CYBERSECURITY - Twilio Hit with Social Engineering Smishing Scheme - We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user...more
The Twilio and Cloudfare smishing attacks [view related post] provide a timely reminder of how sophisticated smishing attacks are and how they can affect businesses and their customers. But threat actors don’t just attack...more
We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user into visiting a malicious website to steal their credentials or money....more
Buzzy brokerage app Robinhood Markets is the latest victim of a cyberhack, disclosing earlier this week that the personal information of some 7 million users was exposed. According to Bloomberg, the “intruder made off with...more
New dictionary words have been formed to describe online scams. Phishing, one that everyone knows by now, is when a scammer uses a pretext in an email to get someone to click on a link or attachment in the email to deploy...more
If you have been following Verizon’s annual data breach investigation reports like I have over the years, you get excited when the new one comes out. If you have never read the report, now’s your chance, as the 2021 report...more
The Fifth Circuit has affirmed a district court ruling that a crime policy’s Computer Transfer Fraud coverage did not apply to losses incurred in connection with an email phishing scam. See Mississippi Silicon Holdings LLC v....more
Attorneys are well aware of the ways in which corporate clients are increasingly conducting their business and affairs electronically. A business may routinely place orders with trusted vendors via e-mail, rely on the...more