-
1 week ago | 
securitytoday.com | Erich Kron
Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems.
-
2 weeks ago | 
dig-in.com | Erich Kron
Technological advancements have rapidly outpaced our human ability to adapt. That presents an opportunity for malignant actors to easily present false information in increasingly credible ways. These hackers and privacy thieves exploit our struggle to adapt to a world that's changing faster than our minds can respond. But that doesn't mean we're helpless or hopeless.
-
2 weeks ago | 
securitybrief.news | Erich Kron
Internet memes and viral content have become a universal language in online culture. They're easily shareable, often humorous, and can spread rapidly across platforms. Whether it's a clever one-liner on a cat photo or a parody video poking fun at daily life, memes grab our attention and emotions in an instant.
But this same virality and cultural resonance make memes an attractive tool for cybercriminals and threat actors.
-
3 weeks ago | 
securityboulevard.com | Erich Kron
As security professionals, we’ve watched organizations invest millions of dollars in sophisticated security technologies over the years. Intrusion detection and prevention, EDR, SIEM, zero-trust network access — the technological arsenal continues to expand. Yet despite these advancements, human nature remains the most consistently vulnerable security risk.
-
3 weeks ago | 
securityboulevard.com | Erich Kron
Cybersecurity education is evolving from simple knowledge transfer to measurable risk reduction as the human risk factor is recognized ...
-
1 month ago | 
darkreading.com | Erich Kron
COMMENTARYIt is not news that cyberattacks are considered a top global concern. In 2024, the average financial cost of cyber incidents worldwide was $4.88 million. In the US, the average was even higher: $9.36 million. The ramifications of a cyberattack are more than just the obvious ones. The damage to infrastructure, lost revenue, attorney fees, incident response, and the resulting security enhancements make up the other half of that impact.
-
1 month ago | 
securitymagazine.com | Erich Kron
Internet memes offer good-natured entertainment through a witty combination of text, images and videos addressing mainstream culture and trending issues. Often considered harmless at face value, malicious code could lurk within these internet memes, spreading like a flu before anyone realizes the infection. Memes can be easily distributed among groups and communities, disseminated quickly via social media handles, messaging apps and forums to a vast audience within minutes.
-
2 months ago | 
propertycasualty360.com | Erich Kron
A strong security culture can be built on positive attitudes toward security controls and policies, role participation and accountability. (Credit: Yakobchuk Olena/Adobe Stock)You get the culture you ignore. For example, an employee walks into the office without their ID badge, and there is no security protocol to challenge this. Soon enough, others may see no value or incentive to wearing a badge, and they too stop wearing it.
-
2 months ago | 
hackernoon.com | Erich Kron
The KnowBe4 Threat Research team detected a sudden increase in phishing campaigns that abuse the scalable vector graphics (SVG) file format to hide malicious HTML, malware, and scripts that can easily bypass conventional email security filters. Analyzing phishing emails from Q1 we discovered that SVG files comprised 6.6% of malicious attachments within phishing emails—a 245% increase compared to the previous quarter. Why have SVG Files Suddenly Become Popular with Threat Actors?
-
2 months ago | 
securityboulevard.com | Erich Kron
Designed to exploit human behavior and our fallible natures, social engineering attacks are surging for a simple reason: It’s far easier to con and compromise an employee and steal the keys to the kingdom rather than trying to hack or subvert advanced cybersecurity controls that require specialized skills and resources. Recently, researchers discovered that a specific set of demographics is more susceptible to social engineering than others. Nope, it’s not baby boomers, but Generation Z.
