A new threat report released by cloud provider security Zscaler is finding alarming trends in the growth of phishing attacks in 2022. […]

A top Defense Advanced Research Projects Agency (DARPA) official said this week that generative AI – like ChatGPT – will alter the threat landscape by making it easier for adversaries to produce high-quality phishing capabilities and ransomware campaigns. […]

One leading cyber expert from the Defense Health Agency (DHA) joined other Federal officials during a Jan. 5 virtual panel to discuss the agency’s top threats going into the new year and their plans to mitigate cyberattacks. […]

County-level election workers in at least two battleground states saw a surge in attempted phishing exploits in the runup to the 2022 midterm election primary contests, according to a new report from cybersecurity firm Trellix. […]

The volume of phishing-based cyberattacks rose by 29 percent in 2021 over prior-year levels and was driven in part by an increase in phishing-as-a-service schemes, according to new research from cloud security services provider Zscaler and its ThreatLabz research operation. […]

In a new report of nearly 30,000 cyber incidents, roughly 70 percent of public sector breaches were found to be the product of social engineering campaigns—relying mostly on phishing attacks. […]

To combat phishing attacks that could crumble an entire agency’s cybersecurity safeguards at one employee’s incorrect click, the National Institute of Standards and Technology (NIST) has launched a new method to understand why individuals fall for the malicious links. […]

Federal agencies are significantly better than private sector organizations at enforcing domain-based message authentication, reporting, and conformance (DMARC) standards to combat email domain spoofing, according to a new report from anti-phishing company Valimail. […]

The Tennessee Valley Authority’s (TVA) phishing prevention training is ineffective and lacks formalized procedures, according to a Feb. 21 report from the Office of the Inspector General (OIG). […]

A FISMA audit found problems with both phishing and data exfiltration at the Social Security Administration (SSA), according to two report summaries released December 4 by the agency’s inspector general. […]

While figures vary across industry and government as to the size of the “phishing-prone” population in any organization, both sides agree that sustained internal employee training efforts are necessary to cut the success rate of spear-phishing exploits down to more manageable levels. […]

New research shows that email is still a weak link in U.S. election infrastructure, with only five percent of the nation’s largest counties protecting election officials from impersonation attempts. […]

Phishing activity increased 400 percent as consumers began their holiday shopping over the first two week of November, according to a new report by Zscaler. […]

A significant percentage of surveyed working adults do not grasp or implement basic cybersecurity concepts and practices, according to Proofpoint’s recently released 2018 User Risk Report. […]

Cyber tech provider Proofpoint said a recent security awareness audit of employees that undertake security training concludes that people are only hitting on the right answers 78 percent of the time. […]

The Cybersecurity and Infrastructure Agency (CISA) sent out an alert warning of an email phishing scam that is attempting to trick users into opening attachments that are designed to look like Department of Homeland Security notifications. […]

Microsoft confirmed this week that its webmail services were victim to a data breach through the first three months of 2019. […]

The U.S. has dropped down the list of international phishing targets, falling from the second most targeted country to the fourth, according to cybersecurity firm RSA’s Quarterly Fraud Report for the fourth quarter of 2018. […]

The Department of Homeland Security’s National Cybersecurity & Communications Integration Center (NCCIC) is warning users “to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence.” Alongside these recommendations, the Multi-State Information Sharing & Analysis Center (MS-ISAC) released a cyber intel advisory on Sept. 14, which notes an uptick in internet activity related to Florence. […]

The Federal Trade Commission issued a warning on Sept. 14 to consumers to be on the alert for phishing scams related to the Equifax breach. The FTC said people might call asking to verify consumers’ account information due to the Equifax hack. “Stop. Don’t tell them anything,” the FTC said in a statement. […]