IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

phishing

CISA: Phishing campaign targeting US federal agencies went undetected for months
Abstract image of a fishing hook through a red email to represent a phishing attack
phishing

CISA: Phishing campaign targeting US federal agencies went undetected for months

Threat actors used legitimate remote access software to maliciously target federal employees
26 Jan 2023
Microsoft's VALL-E will usher in a new era of cyber crime
An approximation of a human head made of blue lines and polygons with a speech bubble made of similar blue lines and polygons next to it, against a dark background
artificial intelligence (AI)

Microsoft's VALL-E will usher in a new era of cyber crime

With its ability to synthesise speech from short audio clips, Microsoft's VALL-E poses a worrying development in the realm of deepfakes
12 Jan 2023
LastPass customer password vaults stolen, targeted phishing attacks likely
The LastPass logo on a smartphone lying next to some bluetooth earphones
Security

LastPass customer password vaults stolen, targeted phishing attacks likely

The latest fallout from the password manager's August security nightmare will probably see attackers deploying sophisticated methods to acquire decryp…
23 Dec 2022
Hundreds of thousands of Emotet attacks spotted daily after four-month hiatus
Global map in black and red colour scheme denoting threat with plots in major cities to show cyber attacks being observed across the world
cyber attacks

Hundreds of thousands of Emotet attacks spotted daily after four-month hiatus

The botnet that refuses to die returns again and is equipped with new payloads and tactics to evade detection
16 Nov 2022
The top 12 password-cracking techniques used by hackers
A list of poorly-constructed passwords on a notepad
Security

The top 12 password-cracking techniques used by hackers

Some of the most common, and most effective methods for stealing passwords
14 Nov 2022
The rising tide of no-hook phishing
An anonymous mobile phone user using their device in a darkened room
phishing

The rising tide of no-hook phishing

Not all phishing attacks rely on links or attachments, which means you’ll have to be extra careful
12 Nov 2022
Dropbox confirms hackers stole 130 code repositories in GitHub phishing campaign
Email sign with a fish hook on blue digital background
phishing

Dropbox confirms hackers stole 130 code repositories in GitHub phishing campaign

The attackers carried out a phishing attack and gained employee login credentials to CircleCI, which they then used to access GitHub
2 Nov 2022
Undetectable PowerShell backdoor discovered hiding as Windows update
Two screens showing computer code with a red box displaying the word 'PowerShell'
vulnerability

Undetectable PowerShell backdoor discovered hiding as Windows update

SafeBreach researchers identified the backdoor, which they say went undetected on all major antivirus programs
19 Oct 2022
How to trust your inbox with Cloudflare Area 1
Webinar screen with title and globe graphicwhitepaper
Whitepaper

How to trust your inbox with Cloudflare Area 1

Why your current email security may not be enough
19 Oct 2022
Toyota discovers five-year-old email leak, customers at risk of phishing attacks
A silhouette holds a phone with the Toyota logo on it, with green binary code in the background
data breaches

Toyota discovers five-year-old email leak, customers at risk of phishing attacks

Security experts have said the company has no way of knowing whether the emails were accessed
11 Oct 2022
NCSC: Businesses are too often 'seduced' by the attractive lure of phishing tests
Abstract image of a fishing hook through a red email to represent a phishing attack
phishing

NCSC: Businesses are too often 'seduced' by the attractive lure of phishing tests

The debate around the importance of phishing tests in cyber security rages on but businesses need to be careful if they decide to embrace them, the UK…
10 Oct 2022
GitHub alerts users to active phishing campaign
The GitHub sign in screen on a smartphone
phishing

GitHub alerts users to active phishing campaign

The attack revolves around counterfeit CircleCI notifications urging users to accept updated terms of use and privacy policy
23 Sep 2022
LinkedIn’s Smart Links abused in phishing attack targeting Slovakian users
LinkedIn sign in a window
phishing

LinkedIn’s Smart Links abused in phishing attack targeting Slovakian users

The lure in the scam is a legitimate-looking pending shipment order from Slovakian Postal Service
22 Sep 2022
Phishing attacks targeting US government have evolved in sophistication, Cofense reports
Mockup of a hook fishing an email icon out of the ocean
phishing

Phishing attacks targeting US government have evolved in sophistication, Cofense reports

The scams are aimed at stealing federal employees' Microsoft 365 credentials
20 Sep 2022
Uber hacked via basic smishing attack
Black cards of Uber logos lined up in a row
Security

Uber hacked via basic smishing attack

The self-taught hacker impersonated an IT worker to gain an Uber employee's password, obtaining broad access to internal systems and posting taunting …
16 Sep 2022
Podcast transcript: Are phishing tests a waste of time?
Podcast transcript: Are phishing tests a waste of time?
phishing

Podcast transcript: Are phishing tests a waste of time?

Read the full transcript for this episode of the IT Pro Podcast
9 Sep 2022
The IT Pro Podcast: Are phishing tests a waste of time?
The IT Pro Podcast: Are phishing tests a waste of time?
phishing

The IT Pro Podcast: Are phishing tests a waste of time?

We discuss whether simulated email attacks are a worthwhile way to improve security
9 Sep 2022
Philippine senate to probe incessant surge in text scams
Graphic representing phishing with a hacker stealing data from one computer to anotheri
phishing

Philippine senate to probe incessant surge in text scams

Senator Grace Poe also called for the revival of the Philippines’ SIM Card Registration Act vetoed by former President Rodrigo Duterte
8 Sep 2022
DoorDash data breach exposes customer details
A Nascar racing car driving past a large banner sign displaying the DoorDash logo
phishing

DoorDash data breach exposes customer details

The security incident follows a phishing attack that compromised a third-party vendor’s computer network
26 Aug 2022
PyPI packages succumb to Mailchimp phishing scam
A close up photo of a python in front of a green background
phishing

PyPI packages succumb to Mailchimp phishing scam

The news comes after "fairly convincing" phishing emails from a Mailchimp account swindled developers into revealing credentials
26 Aug 2022
More than 130 organisations affected by “inexperienced” Twilio hackers
A digital render of a blue padlock fragmenting into a cloud of data
phishing

More than 130 organisations affected by “inexperienced” Twilio hackers

A thorough investigation revealed sophisticated methods coupled with relatively unsophisticated tooling
25 Aug 2022
Microsoft 365 business users targeted with new DocuSign phishing scam
A smartphone with the Microsoft 365 logo displayed, held in front of a blurred Microsoft banner
phishing

Microsoft 365 business users targeted with new DocuSign phishing scam

Threat actors are using fake login forms to trick users into changing their payment details
25 Aug 2022
Signal confirms 1,900 of its users were hit by Twilio breach
A smartphone sat on top of a white keyboard with the Signal app logo superimposed onto the phone's display - an image all set in dark blue and black lighting
cyber attacks

Signal confirms 1,900 of its users were hit by Twilio breach

Last week's phishing attack on Twilio has exposed phone numbers exposed and compromised user accounts
16 Aug 2022