Lack of Security Awareness Tops List of Obstacles to Cyber Defense
Most organizations cite low security awareness among employees as the biggest barrier to defending against cyberattacks, according to a new survey by CyberEdge Group.
phishing
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)
CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitat…
How Does Human Risk Management Differ from Security Awareness Training?
In today’s cybersecurity landscape, organizations face an ever-present and often underestimated threat: human risk.
Despite significant advancements in technological defenses, human error remains a leading cause of data breaches and security …
AI-Powered Spear Phishing Can Now Outperform Human Attackers
Researchers at Hoxhunt have found that AI agents can now outperform humans at creating convincing phishing campaigns.
Cozy Bear targets EU diplomats with wine-tasting invites (again)
APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. Cozy Bear uses wine-tastings and dinners as a lure In early 2024, Zscaler flagg…
WhatsApp Job Offer Scam Targets Job Seekers in New Phishing Attack
A new form of phishing attack is making waves among job seekers, as cybercriminals exploit WhatsApp and Meta’s trusted branding to lure victims into sophisticated job offer scams. Security experts warn that these attacks are not only increasing in freq…
UK’s Cyber Crime Down in 2024: Better ‘Cyber Hygiene Among Small Businesses
A UK government survey of 2024 data shows phishing remains the top cyber threat, ransomware cases doubled, and fewer boards include cyber experts despite steady attack rates.
UK Organizations Cite Phishing as the Most Disruptive Type of Cyberattack
Phishing was the most prevalent and disruptive type of attack experienced by UK organizations over the past twelve months, according to the British government’s Cyber Security Breaches Survey 2025.
USPS Warns Public About Rising Mail, Email Scams—How to Spot and Avoid Them
Discover how evolving USPS mail scams highlight growing cybersecurity risks. Learn how phishing, smishing, and brushing attacks threaten your personal data.
The post USPS Warns Public About Rising Mail, Email Scams—How to Spot and Avoid Them appeared first on eSecurity Planet.
Smishing Campaign Hits Toll Road Users with $5 Payment Scam
Cybersecurity researchers at Cisco Talos have uncovered a large-scale smishing campaign targeting toll road users across the United States. The campaign, which has been active since October 2024, impersonates toll road payment services, luring unsuspec…