The number of ransomware attacks around the world increased by 73% in 2023, according to a new report by the Institute for Security and Technology’s Ransomware Task Force (RTF). These attacks opportunistically target organizations across all industries, but the hardest-hit sectors over the past two years have been construction, hospitals and health care, government, IT services and consulting, and financial services.

Once upon a time, security awareness training resembled a never-ending game of Tetris. Threats cascaded down, demanding swift action and strategy, only to speed up until we inevitably faltered. Today, we've entered a new realm of engagement, creativity, and community in human risk management.

Netcraft warns that scammers are posting QR code stickers on parking meters in the UK and other European countries. In the UK, the QR codes lead to phishing sites that impersonate the parking payment app PayByPhone. The phishing sites are designed to steal personal information and payment data.

Artificial intelligence (AI) is revolutionizing most, if not all, industries worldwide. AI systems use complex algorithms and large datasets to analyze information, make predictions and adjust to new scenarios through machine learning – enabling them to improve over time without being explicitly programmed for every task.

A phishing campaign is targeting GitHub users with phony CAPTCHA pages, according to researchers at McAfee. The phishing emails ask users to address a security vulnerability in a GitHub repository that they recently contributed to, and contain a link to find more information about the alleged vulnerability. This link leads to a fake CAPTCHA page that attempts to trick them into installing malware.

Analysis of typosquatting and brand impersonation activity across 500 of the most visited domains provides insight in to how these techniques come together to effectively deceive. From February 2024 to July 2024, Zscaler’s ThreatLabz tracked more than 30,000 lookalike domains that impersonated some of the world’s most well-known brands.

Since the beginning of computers, social engineering has been the number one way that computers and networks have been compromised. Social engineering is involved in 70% to 90% of all successful data breaches. Nothing else is even close (unpatched software and firmware are involved in 33% of successful attacks, everything else is 1% or less).

New analysis of attacks on the financial sector shows that the combination of phishing emails and compromised credentials is a recurring — and financially impactful — threat. According to IBM, financial services is the second most expensive sector with an average cost of a data breach at $6.1 million.

Researchers at Barracuda have observed an increase in phishing attacks that abuse popular content creation and collaboration platforms. These include online graphic design platforms and document-sharing services widely used by educational institutions and businesses. “The analysts found that attackers are sending out emails from these platforms, featuring legitimate-looking posts, designs, and documents, but with embedded phishing links,” the researchers write.

New analysis of blockchain activity shows scammers are needing less time to obtain crypto payments and are seeing higher payoffs per scam. I continue to repeatedly cover breakdowns of cybercrime activity from the folks at Chainalysis because it represents an unbiased view that some security vendors may inherently have (because their data is based on what their solutions do and don’t discover).

Analyst reports aim to provide market insights. But when it comes to Human Risk Management (HRM), we’ve noticed that they often fall short of capturing the full picture. You already know that we are the undisputed leader in the essential areas that have been standard features in the security awareness market for years. Those capabilities are why we’ve become the largest vendor in the space. But for years now we have exceeded just those standard features.

Increased ransomware attacks on industrial control systems (ICS), mixed with general ICS insecurity found across the manufacturing sector, has given rise to a guide specifically addressing this risk. Manufacturing has been a target of ransomware for quite some time — I’ve even covered a recent attack focused on credential harvesting.

Researchers at ReversingLabs warn that North Korea’s Lazarus Group is targeting software developers with phony job interviews. The threat actors are posing as employees of major financial services firms and send coding assessment tests as part of the interview process. Our team recently recorded a webinar that covers this exact topic, as our cybersecurity experts discuss how we spotted the red flags and stopped it before any damage was done.

Statista projects that the total cost of cybercrime will increase from $6.4 trillion between 2024 and 2029, reaching a staggering $15.63 trillion by the end of this period. They reported: "The global indicator 'Estimated Cost of Cybercrime' in the cybersecurity market was forecast to continuously increase between 2024 and 2029 by in total 6.4 trillion U.S. dollars (+69.41 percent). "After the eleventh consecutive increasing year, the indicator is estimated to reach 15.63 trillion U.S.

Research from The Financial Ombudsman Service, a U.K. based organization dedicated to helping citizens with free financial advice, has found an increase in Authorized Pushed Payment (APP) scams. These attacks are rising both in number and sophistication. The Financial Ombudsman Service is a U.K. organization dedicated to helping residents with all things financial-as-a-free service. As part of this service, they take in a large number of complaints around financial fraud.

Business email compromise (BEC) attacks have caused more than $55 billion in losses between 2013 and 2023, according to an advisory from the U.S. Federal Bureau of Investigation (FBI). “The BEC scam continues to target small local businesses to larger corporations, and personal transactions while evolving in their techniques to access those business or personal accounts,” the FBI says.

The latest evolution of the ransomware service model, RansomHub, has only been around since February of this year, but its affiliates are already successfully exfiltrating data. You know you’re a problem when the U.S. government puts out a notice about you. That’s the case for RansomHub — the latest iteration of a ransomware as a service group formerly working under the names Cyclops and Knight.

Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user interaction. “Unit 42 researchers observed many large-scale phishing campaigns in 2024 that used a refresh entry in the HTTP response header,” the researchers write. “From May-July we detected around 2,000 malicious URLs daily that were associated with campaigns of this type.

The Better Business Bureau (BBB) has observed a six-fold increase in losses from investment scams over the past three years. The BBB has received more than 4,000 reports of investment scams since 2020, with the median reported loss rising from $1,000 in 2021 to almost $6,000 in 2024.

South Africa’s cybersecurity workforce shortage mirrors global trends, but also faces local factors like underinvestment in basic education, underserved communities, digital literacy gaps and challenges with data access.

Researchers at Bitdefender warn that law firms are high-value targets for ransomware gangs and other criminal threat actors. Attackers frequently use phishing to gain initial access to an organization’s networks. “Phishing is one of the most common attacks in the legal field,” the researchers write. “Cybercriminals pose as legitimate entities, tricking employees into divulging sensitive information or clicking malicious links.

Threat actors are opting for malicious links over attachments in email-based attacks because it gives them a critical advantage that many solutions can’t address. Given that a malicious email is the very first step (or close to it) in an attack, it’s critically important that the attack maintain its’ stealth; detecting an attack at this point means an early (and well-deserved) death to the attack itself – something threat actors don’t want to see.

Analysis of a new phishing attack demonstrates how attackers may take a longer path to reach their malicious goals while staying “under the radar” of security products. It would be pretty simple to create a phishing attack that sends its’ victims a brand-impersonated email with a link that takes you to an impersonated webpage that asks for credentials, personal details or credit card information. But many of today’s security products will detect the impersonation immediately.

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by targeting humans directly. “The enduring dominance of phishing as an initial access technique underscores its effectiveness and persistence in the face of cybersecurity advancements and more sophisticated methodologies,” the researchers write.

The availability of deepfake technology has given threat actors a valuable tool for social engineering attacks, according to researchers at BlackBerry. “Typically, online scams prey on the presumed weaknesses and susceptibility of the targeted individual,” the researchers write.

Researchers at Palo Alto Networks’ Unit 42 are tracking dozens of scam campaigns that are using deepfake videos to impersonate CEOs, news anchors, and high-profile government officials. Unit 42 believes a single threat actor is behind the scheme. The researchers discovered hundreds of domains used to spread these campaigns, each of which has been visited an average of 114,000 times. The goal of the operation is to spread investment scams and fake government-sponsored giveaways.