Depending on who you ask, between 70 and 90 percent of cyber risk has human error as the root cause. That's why Human Risk Management (HRM) is so important. And here is the next major advance in HRM. We're thrilled to announce the second version of our risk score architecture. It is so far advanced we have renamed—promoted really—our initial "Virtual Risk Officer" to SmartRisk Agent.

Cybercriminals have found a new way of leveraging legitimate web services for malicious purposes, this time with the benefit of added automation of campaign actions. Security researchers at CheckPoint have discovered a new phishing campaign that uses Google App Scripts – a scripting platform developed by Google that lets you integrate with and automate tasks across Google products – as the destination in malicious links.

The Trinity ransomware gang is launching double-extortion attacks against organizations in the healthcare sector, according to an advisory from the US Department of Health and Human Services (HHS). The ransomware gains initial access via phishing emails or software vulnerabilities. “Trinity ransomware was first seen around May 2024,” the advisory says.

Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security. URL rewriting is a security technique used by many email security platforms to analyze links in emails to verify their safety before users are allowed to click on them. However, this technique can also be abused to mask the original phishing link.

During World War II, a group of brilliant minds led by Alan Turing gathered at Bletchley Park in England to crack the German Enigma code. This wasn't just a technological challenge, it was a race against time that required diverse skills, innovative thinking, and collaboration. The success at Bletchley Park didn't come from a single genius or a magic machine, but from a collective effort that brought together linguists, mathematicians, chess players, and even crossword enthusiasts.

A free phishing-as-a-service (PhaaS) platform named Sniper Dz has assisted in the creation of more than 140,000 phishing sites over the past year, according to researchers at Palo Alto Networks. The service allows unskilled criminals to spin up sophisticated phishing sites that steal credentials or deliver malware.

New research by Recorded Future provides insight into how advanced and sophisticated the threat group Marko Polo has become since launching in 2022. Marko Polo is of particular interest due to their rapid progress in advancing their operations.

Industry analysis of the domains used behind phishing and brand impersonation attacks show financial institutions are being leveraged at an alarming rate. It’s one thing to see your industry at the top of some “state of” cybersecurity report, but it’s entirely different to learn that 68% of all phishing web pages identified in a single quarter are from your industry. That’s exactly what we find in Akamai’s latest analysis of websites across the Internet.

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset questions with real answers! It’s not Jeopardy! You don’t have to answer the questions correctly. In fact, you’re putting yourself at increased risk if you do. Instead, give a false question to any required password reset answer.

A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network. This is one of the most advanced initial access attacks I’ve seen. Security analysts at GuidePoint Security have published details on a new attack that tricks users into providing the attacker with credentialed access.