Enterprise Security Tech

A new wave of phishing attacks is exploiting one of the most familiar digital annoyances: iCloud storage warnings. Security researchers say attackers are impersonating Apple billing alerts to trick users into handing over credentials, payment details, and ultimately control of their Apple IDs. The campaign hinges on a simple but effective tactic. Users receive emails claiming their iCloud storage is full, followed by escalating warnings that their accounts have been blocked o

An unusual PayPal scam is highlighting how attackers increasingly rely on trusted platforms rather than obvious forgeries to slip past both technical defenses and human suspicion. Over the past several weeks, security researchers and users have observed phishing campaigns that exploit PayPal’s own subscription and notification systems to deliver emails that look entirely legitimate. The messages arrive from PayPal’s real infrastructure, use authentic templates, and land dire

When dozens of alumni and students at the University of Pennsylvania (Penn) opened their inboxes on Friday, they encountered more than a phishing lure—what appeared was a full-on reputation-assault, wrapped in the university’s own branding. What began as a shocking email blast is now being treated by Penn’s leadership as a serious cybersecurity incident. According to Reuters, the university has engaged the Federal Bureau of Investigation (FBI) and third-party cyber forensics,

Password reuse just became a lot more dangerous. In what may be one of the largest credential-harvesting operations ever documented, threat actors have compiled 3.5 terabytes of stolen login data—now labeled the “Synthient Stealer Log Threat Data”—and it’s been added to Have I Been Pwned (HIBP). The dataset includes 183 million unique email addresses, each paired with the passwords and websites where they were stolen. For the average person juggling dozens of logins across a

As October draws to a close, organizations worldwide are winding down campaigns marking Cybersecurity Awareness Month (NCSAM) —- an annual reminder to rethink our digital hygiene. But this year, the message landed in a very different place: no longer just about strong passwords and antivirus updates, but about who and what gets access . A new emphasis: identity at the core The theme for the 22nd edition of NCSAM underscored a stark reality: identities — both human and machine