Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Zimperium warns of a surge in phishing attacks specifically tailored for mobile devices. These attacks are designed to evade desktop security measures in order to breach organizations through employees’ smartphones. Mobile phishing includes SMS phishing (smishing), QR code phishing (quishing), voice phishing (vishing), and mobile-targeted email phishing.

ESET warns of a wave of phishing attacks informing employees that they’ve been fired or let go. The emails are designed to make the user panic and act quickly to see if they’ve actually lost their job. If a user falls for the attack, they’ll be tricked into downloading malware or handing over their login credentials.

KnowBe4 has been recognized in G2’s 2025 Best Software Awards, earning the top spot as the Security Product and ranking Overall Software Product. This prestigious recognition from G2, the world’s largest and most trusted software marketplace, is a testament to the impact our Security Awareness Training (SAT) product has on organizations worldwide.

Researchers at ReliaQuest have published a report on a phishing breach in the manufacturing sector that went from initial access to lateral movement in just 48 minutes. The attackers began by swamping users with spam emails, then posed as tech support and offered assistance in stopping the flood of spam. “To gain entry into the organization’s network, the threat actor used social engineering and end-user manipulation,” the researchers write.

It's no surprise that 18–29-year-olds are turning to social media for cybersecurity information. As digital natives, this age group naturally gravitates toward platforms where information is fast, accessible, and constantly updated. But how effectively are they absorbing these short snippets—and are they likely to share it forward? More importantly, what happens if that cybersecurity information is inaccurate?

Phishing and malicious emails remained the primary vectors of infection during the second half of 2024, according to a new report from Acronis. “The number of email-based attacks detected in the second half of 2024 increased 197% compared to the second half of 2023, while the number of attacks per organization within the same time frame increased by 21%,” the report says.

Researchers at Cyble warn that a phishing kit is abusing the Open Graph (OG) protocol to target social media users. The Open Graph protocol, originally developed by Facebook in 2010, allows users to control the content preview that’s displayed when a link is posted on social media. The phishing kit, dubbed “OG Spoof,” abuses this feature to post malicious links that appear legitimate.

Spear phishing was the top cybersecurity threat to the manufacturing sector over the past six months, according to a report from ReliaQuest. These attacks accounted for 41% of true-positive alerts in the sector. “Spear phishing remains a favored tactic for attackers targeting manufacturing companies—and it’s easy to see why,” ReliaQuest says.

Several Russian threat actors, including the SVR’s Cozy Bear, are launching highly targeted spear phishing attacks against Microsoft 365 accounts, according to researchers at Volexity. The attackers are impersonating employees at the US State Department, the Ukrainian Ministry of Defence, the European Union Parliament, and well-known research institutions.

At KnowBe4, we constantly strive to stay ahead of emerging threats and create training content to warn users about the latest tactics used by cybercriminals. One of the ways we do this is through our internally produced demo video productions, which used to star the incredible Kevin Mitnick and his legendary hacking demos. In these modules we showcase real-world attack scenarios and provide actionable insights on how to defend against them. Last year my colleague Dr.

This Valentine’s Day, Cupid wasn’t the only one taking aim. Our Threat Research team noted a 34.8% increase on Valentine-related threat traffic in comparison to February of 2024. Leveraging impersonation and social engineering techniques, attackers have used a seasonal event to exploit heightened emotions and a sense of urgency, effectively increasing the likelihood of success in their phishing campaigns.

Data theft extortion attacks increased by 46% in the fourth quarter of 2024, according to a new report from Nuspire. These incidents have become a routine part of ransomware attacks, since the threat of a data breach puts additional pressure on victims to pay the ransom. Ransomware gangs published stolen data on leak sites more than 2,200 times during Q4 2024. The finance and insurance industry saw the sharpest rise in data theft extortion last quarter.

SentinelOne warns that a phishing campaign is targeting high-profile X accounts, including those belonging to US political figures, leading journalists, major technology companies, cryptocurrency organizations, and owners of coveted usernames. “SentinelLABS’ analysis links this activity to a similar operation from last year that successfully compromised multiple accounts to spread scam content with financial objectives,” the researchers write.

Check Point warns that a large-scale phishing campaign is targeting Facebook accounts with phony copyright infringement notices. The phishing emails have targeted more than 12,000 email addresses at hundreds of companies. Nearly all of the emails targeted individuals in the US, the EU, and Australia, though the researchers also observed some phishing templates written in Chinese and Arabic.

Dr. Martin J. Kraemer discusses learning from The Word Economics Forum Cybersecurity Outlook 2025 report Last year, the British multinational corporation Arup lost about 20 million pounds after falling victim to a deepfake scam. A finance worker in their Hong Kong office carried out 15 transactions to seven different bank accounts after joining an online meeting, during which urgent financial requirements were discussed among senior leadership.

2024 saw the highest-ever amount of ransomware attacks, according to a new report from NCC Group. There were 5,263 observed ransomware incidents last year, with the LockBit gang accounting for ten percent (526) of these attacks. RansomHub was the second most active group, accounting for 501 attacks. Notably, the industrial sector was the most commonly targeted, accounting for 27% of ransomware attacks in 2024 (a 15% increase from 2023).

Scammers are taking advantage of the newfound popularity of the China-based AI app DeepSeek, according to researchers at ESET. DeepSeek released its generative AI tool last month, and it’s since overtaken ChatGPT as the top free app in Apple’s App Store. Users are now spotting lookalike domains designed to deliver malware or steal information. Other scams offer users the opportunity to buy phony stocks in DeepSeek.

In the bustling world of 1960s Madison Avenue, a young advertising executive named Lester Wunderman was about to revolutionize the industry. Wunderman, often called the father of direct marketing, had a simple yet profound insight: personalization was the key to capturing attention and driving action. Wunderman's breakthrough came when he created the Columbia Record Club, a mail-order service that tailored its offerings based on each member's past purchases and preferences. The results were staggering.

The rise of agentic AI tools will transform the cybercrime landscape, according to a new report from Malwarebytes. Agentic AI—which is still under development—is a step above the generative AI tools that are currently available to the public, and will likely be widely released in 2025. While these tools will have many legitimate uses, they’ll also enable cybercriminals to scale their attacks.

A KnowBe4 Threat Lab publication Authors: Daniel Netto, Jeewan Singh Jalal, Anand Bodke, and Martin Kraemer Executive Summary Attackers exploit redirects that lack safeguarding mechanisms to borrow the domain reputation of the redirect service, obfuscate the actual destination and exploit trust in known sources. Whitelisting URLs, only allowing a predefined set of URLs to be rewritten, is an effective countermeasures against the vulnerability on the server side.

Nearly half (46%) of businesses observed an increase in deepfakes and generative AI-related fraud last year, a new report from AuthenticID has found. Additionally, phishing attempts increased by 76% in 2024, and more than 90% of cyberthreats were driven by social engineering. The report also noted a rise in workplace-related fraud, including employee impersonation and account takeover.

Recently, I started working with my children's school to enhance their online safety measures and develop a digital mindfulness course in collaboration with their digital literacy lead. This experience highlighted the fact that our schools are not only expected to provide safe places of learning but also extend that safety into the digital spaces.

Researchers at Cisco Talos warn that a new phishing campaign is targeting users in Germany and Poland in an attempt to deliver several strains of malware, including a new backdoor dubbed “TorNet.” The phishing emails purport to be fake money transfer confirmations from financial institutions or phony order receipts from manufacturing and logistics companies.