Information Security News – 3/31/2025

11 Ways Cybercriminals are Making Phishing More Potent Than Ever

Article Link: https://www.csoonline.com/article/3850783/11-ways-cybercriminals-are-making-phishing-more-potent-than-ever.html

  • Attackers are weaponizing generative AI to craft eerily convincing emails, clone voices, and even generate fake videos, all to supercharge phishing lures and disarm suspicion.
  • Tactics now include AI-written emails with flawless grammar, hijacked real conversations, deepfake voicemails, spoofed DocuSign requests, and fake landing pages, all personalized using scraped online data.
  • These polished attacks are bypassing traditional filters and duping even trained professionals, turning everyday tools like email and Slack into high-risk zones for business compromise, data theft, and financial fraud.
  • With numerous examples of how much more advanced phishing tactics have become, it’s more important than ever for businesses to improve their phishing drills, inspect behavioral anomalies, and train their end users to detect subtle cues like message tone and timing, not just typos.

Infosec Pro Troy Hunt HasBeenPwned in Mailchimp Phish

Article Link: https://www.theregister.com/2025/03/25/troy_hunt_mailchimp_phish/

  • Troy Hunt, founder of Have I Been Pwned, confirmed his Mailchimp account was compromised by a phishing email that led to the export of a mailing list containing roughly 16,000 records, including more than 7,500 former subscribers.
  • The phishing message mimicked a Mailchimp notice, claiming Hunt needed to review campaign settings after a spam complaint. It used just enough urgency to prompt action. After Hunt entered his login and one-time passcode, the attacker exported the list in under two minutes.
  • The stolen data included both active and unsubscribed users. Hunt expressed concern that Mailchimp retained unsubscribed records and highlighted gaps in Mailchimp’s support for phishing-resistant login options like passkeys or hardware tokens.
  • The fake domain was taken down within hours, and the rogue API key created by the attacker was revoked. Hunt shared the story of how easily current login methods can be bypassed by well-crafted phishing sites.
  • Link to detailed blog post: https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/

How CASB Security Protects Your School District

Article Link: https://securityboulevard.com/2025/03/how-casb-security-protects-your-school-district/

  • Cloud Access Security Brokers serve as behind-the-scenes administrators, supervising platforms like Google Workspace and Microsoft 365 to intercept unsafe sharing, policy slip-ups, and illicit access.
  • These tools flag suspicious behavior, shut down risky third-party apps, and stop sensitive records from slipping out through public links, all without disrupting the academic flow.
  • Underfunded IT teams and overlooked settings can lead to breaches of student personally identifiable information (PII), violation of education law, and significant compliance fines.
  • Education tech leaders are assigning CASBs as cloud chancellors, providing live insight, auto-enforced rules, and flexible defenses that match the pace of FERPA, COPPA, and evolving state-level requirements.

TechRepublic Exclusive: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure’

Article Link: https://www.techrepublic.com/article/news-ransomware-attackers-call-phones-sygnia/

  • According to Sygnia, threat actors are now cold-calling victims, referencing executive schedules, employee names, and even intimate family details to create psychological pressure and drive faster ransom payments.
  • As global ransom payouts dropped 35% in 2024, attackers are pivoting, using stolen internal data to sound threatening, even when physical harm isn’t on the table.
  • Targets include legal teams and leadership, with calls timed during peak stress moments. Meanwhile, generative AI is being misused on both sides, crafting more convincing threats or complicating negotiations.
  • Sygnia warns that these attacks now follow people home, reaching personal phones, interrupting dinners, and weaponizing fear. Calm responses and clear communication plans are the new lifeline.

Nearly One in Five SMBs at Risk of Shutting Down After a Cyberattack

Article Link: https://www.cfodive.com/news/smbs-risk-shutting-down-cyberattack-ai-cybersecurity/743405/

  • According to the 2024 Cybersecurity Threat Index for Small and Midsize Businesses (SMBs) by VikingCloud, 18% of 500 North American SMBs said they would be forced to shut down permanently following a cyberattack, with digital threats now sprouting just behind inflation as a top operational concern.
  • Over the past year, one in three SMBs were hit by phishing, spoofed websites, ransomware, deepfakes, and other digital pests, causing financial damage ranging from $250,000 to a stormy $7 million.
  • With few safety nets in place, many SMBs are ill-equipped to bounce back, facing compliance consequences, legal storms, and customer trust eroding faster than spring snowmelt.
  • The report advises SMBs to place a greater priority on cybersecurity in their daily operations and long-term planning, adopt AI tools for automated monitoring and threat detection, and outsource security needs to a Managed Security Service Provider (MSSP) if time and budget don’t allow for the development of a security program.
  • Link to VikingCloud’s Report: https://www.vikingcloud.com/press-news/successful-cyberattacks-would-force-1-in-5-smbs-out-of-business-according-to-new-vikingcloud-research

Can Standards Deal a Deathly Blow Against Deepfakes?

Article Link: https://www.cyberdefensemagazine.com/can-standards-deal-a-deathly-blow-against-deepfakes/

  • The International Electrotechnical Commission (IEC), International Organization for Standardization (ISO), and International Telecommunication Union (ITU) are teaming up with Adobe, Microsoft, DeepMedia, and WITNESS to develop international standards for deepfake detection, content traceability, and digital watermarking.
  • With synthetic media muddying the game, the goal is to tag content with metadata, trace its origin, and give users tools to tell the difference between a real hand and a bluff.
  • Deepfakes have already been used to mislead, defraud, and harass, yet platforms are still playing catch-up and struggling to flag manipulated content before it spreads.
  • The group is laying down rules for a more transparent table, building a shared framework that helps authenticate content without folding on creative or legitimate synthetic media.

Despite Challenges, the CVE Program is a Public-Private Partnership That Has Shown Resilience

Article Link: https://cyberscoop.com/cve-program-history-mitre-nist-1999-2024/

  • Since 1999, the CVE list has cataloged software flaws, like digital bug bounty cards, with the list now surpassing 270,000 entries and being used by 447 security organizations in over 40 countries.
  • With hundreds of vendors now acting as CVE Number Authorities, some researchers say the system risks bias, where companies quietly rewrite the severity or stall the release of their own vulnerability reports.
  • The program’s been flagged for inconsistent record quality, clunky formatting, and a 2023 budget freeze at NIST that left the National Vulnerability Database spinning its wheels and missing updates.
  • Stakeholders are calling for better dispute handling, tighter formatting standards, and resource upgrades to keep the CVE ecosystem transparent and free of vendor-side patchwork.

High-Severity Cloud Security Alerts Tripled in 2024

Article Link: https://www.darkreading.com/cyber-risk/high-severity-cloud-security-alerts-tripled-2024

  • In its latest report, “Cloud Threats on the Rise,” Palo Alto Networks’ Unit 42 analyzed data from 33,000 organizations and found a 235% spike in high-severity cloud alerts, alongside a 388% climb in total cloud threat activity.
  • Attackers aren’t waiting for blue skies; they’re diving straight into runtime systems, launching mass downloads, executing suspicious commands, and disabling logs to avoid detection.
  • On average, teams are faced with 20 severe cloud alerts daily. Mass downloads ballooned 305%, and strange logins, like those suggesting users were in two places at once, rose 116%, pointing to more frequent and unpredictable surges.
  • Unit 42 points to the need for real-time analytics, identity threat detection, and behavioral monitoring across multi-cloud environments, giving teams the radar they need to catch intrusion while the skies are still shifting.
  • Link to Unit 42’s Report: https://unit42.paloaltonetworks.com/2025-cloud-security-alert-trends/

Personal Cyber Insurance is a Growing Insurance Gap; Consumers Are Routinely Victims of Cybercrime and Yet Most Are Uninsured

Article Link: https://insurancenewsnet.com/oarticle/personal-cyber-insurance-is-a-growing-insurance-gap-consumers-are-routinely-victims-of-cybercrime-and-yet-most-are-uninsured

  • A recent report from the Insurance Information Institute (III) reveals that 75% of consumers have experienced personal info loss or theft due to cybercrime, including 28% of those surveyed reporting hacked social media accounts and 23% having suffered data breaches.
  • Despite these risks, 56% of insurance agents indicate that their clients do not understand or recognize the value of personal cyber insurance, suggesting a need for increased awareness and education.
  • The need for further agent training is also evident: 73% of agents and brokers report feeling comfortable explaining personal cyber insurance, and 68% feel comfortable selling it.
  • The call to action in addressing the personal cyber protection gap is summed up in the following quote from the report: “Consumers clearly need to be better educated about cyber risks and the products that can help protect them. Likewise…insurance agents also need to learn more about the risks and available products to be able to sell them more effectively.”
  • Link to III’s Report: https://www.iii.org/sites/default/files/docs/pdf/personal_cyber_protection_gap_03252025.pdf

