GitHub is the Latest Target of Social Engineering Phishing Attacks

GitHub is the Latest Target of Social Engineering Phishing Attacks

Using simple alert-style email notices, scammers look to steal credentials to gain access to development code, intellectual property, and project details. While the preponderance of impersonation attacks focus on brands like Office... Read more »
Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code. I’ve written about phishing attacks targeting GitHub users previously.... Read more »
1 in 3 Employees Rarely or Never Think About Cybersecurity

1 in 3 Employees Rarely or Never Think About Cybersecurity

Eye-opening data around the impact of human error demonstrates how simple user mistakes can compromise your organization’s cybersecurity posture. It’s something we all know – employees that aren’t paying attention to corporate... Read more »
New Phishing Attack Targets 200M+ Microsoft 365 Accounts Via Malicious Excel .SLK Files to Bypass Security

New Phishing Attack Targets 200M+ Microsoft 365 Accounts Via Malicious Excel .SLK Files to Bypass Security

Using an old (but supported) Excel filetype, attackers can bypass both Exchange Online Protection and Advanced Threat Protection to run malicious macros. Security researchers at Avanan have discovered a new attack method... Read more »