Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Persistent Online Worlds, Persistent Risks: The Security Challenges of MMORTS Games

Persistent Online Worlds, Persistent Risks: The Security Challenges of MMORTS Games

Apr 28, 2026 By SecuritySenses In SecuritySenses
Massively multiplayer online real-time strategy games occupy a specific and underexamined position in the gaming security landscape. Unlike session-based games where a match ends and the state resets, MMORTS titles run continuous worlds where player-built empires, alliances, and resource stockpiles exist around the clock, whether or not the player is logged in. That persistence creates a threat model significantly closer to financial services platforms than most people in either the security or gaming industries tend to acknowledge.
Read Post
knowbe4

Voice Phishing is a Growing Social Engineering Threat

Apr 8, 2026 By KnowBe4 Team In KnowBe4
Voice phishing (vishing) overtook email-based phishing as a top initial intrusion vector in 2025, according to a new report from Mandiant. Notably, vishing is live and interactive, giving the attacker more control over the social engineering objectives. “While email phishing often relies on volume and opportunistic delivery, interactive methods involve a live person steering the conversation in real-time,” Mandiant says.
Read Post
bluevoyant

New A0Backdoor Linked to Teams Impersonation and Quick Assist Social Engineering

Mar 6, 2026 By Thomas Elkins and Joshua Green In BlueVoyant
BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) continue to track an activity cluster that uses email bombing and IT-support impersonation over Microsoft Teams to obtain Quick Assist access, then pivot to a deeper attack. This research shows that once on the victim’s host, the actors sideload a malicious DLL to deliver a new backdoor BlueVoyant has dubbed the A0Backdoor.
Read Post
knowbe4

AI-Assisted Social Engineering Attacks Continue to Rise

Feb 19, 2026 By KnowBe4 Team In KnowBe4
Social engineering remained the top initial access vector for cyberattacks in 2025, with increasing assistance from AI tools, according to a report from ThreatDown. The researchers warn that AI will likely become a core component of social engineering attacks throughout 2026. “Deepfake voice, image, and video impersonation now requires minimal expertise and only a handful of reference images or seconds of audio,” the researchers write.
Read Post
bitsight

Inside the Rise of Clone Phishing and CAPTCHA-Based Social Engineering

Jan 22, 2026 By Emma Stevens In BitSight
In our previous two posts, The ABC’s of Ishing and From Lure to Breach, we broke down the foundational tactics used by cybercriminals to deceive users and gain unauthorized access. This follow-up report expands on that foundation by exploring three evolving phishing threats that go beyond traditional email lures: clone phishing, deepfake phishing, and Captcha phishing.
Read Post
knowbe4

AI-Assisted Social Engineering is a Growing Concern

Jan 21, 2026 By KnowBe4 Team In KnowBe4
A survey by the World Economic Forum (WEF) found that 47% of organizations cite the advancement of adversarial capabilities as their top concern surrounding generative AI. These capabilities include phishing, malware development, and deepfakes, all of which are increasingly accessible due to AI tools. Additionally, 42% of organizations experienced a successful social engineering attack last year, and the researchers expect this number to rise as AI-assisted social engineering grows more advanced.
Read Post
safeaeon

8 Ways Organizations Reduce Exposure to Social Engineering Attacks

Jan 19, 2026 By SafeAeon Inc. In SafeAeon
It is not always malware or a sophisticated tool that results in cyber threats. Sometimes, this happens through a convincing email or a request that appears trustworthy. There have been occasions where attackers created a moment of urgency to lead someone into clicking, sharing, or approving without realizing the consequences. This is social engineering. Social engineering threats are becoming more dangerous.
Read Post
memcyco

Social Engineering Tactics 2026: How Attackers Are shifting from Email to 'Swipe-Up' Scams

Dec 23, 2025 By Ezra M. In Memcyco
The image of the cyber attacker is changing. For years, the industry focused on email gateways and typo-squatted domains like citi-bank-security.com. But according to Tzoor Cohen, CTI Lead at Memcyco, the battleground has shifted. In 2026, the most dangerous social engineering tactics typically don’t start in an inbox. They start on social media, utilize legitimate infrastructure like Bitly, and exploit the user interface (UI) of mobile devices to hide malicious intent.
Read Post
safeaeon

How the Social Engineering Toolkit Helps Red Teams

Dec 16, 2025 By SafeAeon Inc. In SafeAeon
The Social Engineering Toolkit, or SET, is a tool that security teams use to copy the tricks that attackers use. It helps them see how well a company reacts when a message or link does not look legitimate. It can also test how people respond when they land on a copied website. Most guides cover only basic SET features. This blog explains how experts use SET in real tests and how defenders notice SET activity before harm occurs.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.