Category: AI in news

The most damaging cyber threats today don’t target machines or systems—they target humans. Today, 74% of data breaches rely on exploiting the human element. From employees clicking on malicious links to being deceived by emails posing as executives and suppliers, human-targeted attacks jeopardize businesses worldwide every day.  When it comes to targeted email threats, Proofpoint…

Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more. But what if bad actors abuse these capabilities to create highly convincing, targeted and automated phishing messages at scale?   No need to wonder as it’s already happening. Not long after…

What happened  Proofpoint recently identified a cluster of activity conducting malicious email campaigns using piano-themed messages to lure people into advance fee fraud (AFF) scams. The campaigns have occurred since at least January 2024, and are ongoing. Most of the messages target students and faculty at colleges and universities in North America, however other targeting…

Background  Last year, the Federal Trade Commission (FTC) received more than 330,000 reports of business impersonation scams and nearly 160,000 reports of government impersonation scams. This represents about half of all the fraud reported directly to the FTC. The financial losses due to email impersonation scams are staggering. They topped $1.1 billion in 2023, which…

The threat landscape moves fast. As new attack methods and social engineering techniques appear, organizations need to maintain security awareness programs that are relevant, agile and focused. Research from Proofpoint for the 2024 State of the Phish report found that most businesses used real-world threat intelligence to shape their security awareness programs in 2023. That…

When you hear the term “spoofed” email, does business email compromise (BEC) come to mind? It does for many people—especially security leaders. BEC is a form of email fraud, and it has been a top concern for chief information security officers for years.   BEC scams are a costly problem. The latest Internet Crime Report from the FBI’s…

Black Hat USA 2024 kicks off Aug. 3 at Mandalay Bay in Las Vegas with training sessions, followed by a series of summits on Aug. 6, including the CISO Summit, with sessions on quantifying the cost of cyber risk, navigating regulatory complexity, and rebuilding after a cyber crisis, among others. But the big show rolls…

Security researchers at SafeBreach, led by Alon Leviev, discovered that Windows Updates could be similarly hacked to force a downgrade of the software on Windows PC. The researchers were able to show that attacks carried out using this approach could be crafted to bypass verification steps performed during updates, including integrity verification and Trusted Installer…

As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment is a first step. Read on to learn what we found about AI application-usage in the real world when we analyzed anonymized telemetry data from scans using…