Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When it comes to artificial intelligence (AI) and human risk management (HRM), not all AI is created equal. You need an approach to AI that demonstrably enhances your security posture, integrates seamlessly with your existing processes and operates as an extension of your team. AI should be in service of a larger goal rather than exist for its own sake.. We’re talking benefits, not just features. An established history of innovation, not capabilities that are too little, too late.

Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition. “Business email compromise is an event in which cyber criminals gain access to an organization’s email account to execute a cyber attack,” the cyber insurance provider explains. “Attackers often leverage email access to find sensitive data, including login credentials, financials, and other private information.

Agentic AI-enabled ransomware is not here yet, but likely will be very soon. I am talking this year or by 2026. Here is why. What is Agentic AI? First, it helps to define what agentic AI is. To do that, we have to start by defining what Artificial Intelligence (AI) is…and doing that is a bit like trying to nail the proverbial Jello to a wall.

Cybersecurity professionals face an increasingly aggressive phishing threat landscape, and the 2025 KnowBe4 Phishing By Industry Benchmarking Report makes one thing crystal clear: transforming your largest attack surface - your workforce - into your biggest security asset is critical. 49 Seconds to Disaster According to the Verizon Data Breach Investigations Report (DBIR), the median time it takes someone to click a malicious link is a staggering 21 seconds.

Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors. Specifically, the group targets “organizations with large help desk and outsourced IT functions which are susceptible to their social engineering tactics.” The threat actors impersonate employees and attempt to trick IT workers into granting them access. The group also poses as IT workers to target employees.

KnowBe4 ThreatLabs has identified and analyzed a sophisticated cross-platform phishing campaign that utilizes Telegram as its primary exfiltration channel. The campaign uses a combination of security-themed phishing emails, branded phishing websites to harvest credentials, and Telegram bots to exfiltrate data.

Just because you’re using a passkey doesn’t mean your password is gone. Microsoft is going passwordless in a new big push. As part of that new initiative, they are strongly pushing FIDO passkeys. I am a big fan of FIDO passkeys and FIDO in general. FIDO authentication offerings, including passkeys, are phishing-resistant, which makes them a HUGE improvement over passwords and most other multi-factor authentication products.

Researchers at Cisco Talos warn that major phishing kits continue to incorporate features that allow them to bypass multi-factor authentication (MFA). Commodity phishing kits like Tycoon 2FA and Evilproxy achieve this by using reverse proxies to intercept traffic from the authentication process during a phishing attack.

Phishing was the initial access vector in 50% of attacks during the first quarter of 2025, according to a new report from Cisco Talos. “Threat actors used phishing to achieve initial access in 50 percent of engagements, a notable increase from less than 10 percent last quarter,” Talos writes.

Researchers at Malwarebytes warn that phishing emails are impersonating the US Social Security Administration (SSA) to trick users into installing the ScreenConnect remote access tool. ScreenConnect is a legitimate tool used for remote IT management, but it can be abused by hackers to take control of victims’ computers.