SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Social Engineering Stories

Australian Stories

Social Engineering stories

MSHTA abuse helps malware hide in Windows processes
Phishing

MSHTA abuse helps malware hide in Windows processes

A default Windows utility is giving attackers a way to run malicious scripts through trusted processes and dodge security tools.

By Sean Mitchell 3 min read Last month
Australian businesses warned over ClickFix attacks
Malware

Australian businesses warned over ClickFix attacks

Many small firms cannot block the attack with email or antivirus tools because it tricks staff into running malicious commands themselves.

By Mark Tarre 3 min read Last month

Global Stories

Social Engineering stories

KnowBe4 launches Teams security tool against phishing
Cloud Security

KnowBe4 launches Teams security tool against phishing

Organisations using Microsoft Teams will gain new defences against phishing and impersonation as attackers shift beyond email to trusted chat tools.

By Sean Mitchell 4 min read Last week
Barracuda flags stealthy Microsoft 365 attack shift
Multi-factor authentication

Barracuda flags stealthy Microsoft 365 attack shift

Businesses are facing harder-to-spot intrusions as attackers use valid Microsoft 365 logins, fake AI sites and fileless malware to evade detection.

By Joseph Gabriel Lagonsin 4 min read Last week
Canvas breach puts global education cyber risk in focus
Ransomware

Canvas breach puts global education cyber risk in focus

Hundreds of millions of student records may be exposed, disrupting exam systems at universities and highlighting the fragility of centralised school software.

By Sean Mitchell 7 min read Last month
Group-IB strengthens banking growth with AWS recognition
Private Cloud

Group-IB strengthens banking growth with AWS recognition

The AWS recognition should help Group-IB win more regulated financial customers by proving its fraud and incident response tools meet sector standards.

By Karen Joy Bacudo 4 min read Last month
Darwinium updates mobile SDKs to spot scam activity
Gaming

Darwinium updates mobile SDKs to spot scam activity

Banks and payment firms could spot scams mid-session, as Darwinium's updated mobile SDKs track live calls, screen sharing and device evasion.

By Sean Mitchell 4 min read Last month
KnowBe4 warns of phishing campaign using fake surveys
Phishing

KnowBe4 warns of phishing campaign using fake surveys

Victims are being lured into handing over card details after completing bogus brand surveys promising prizes, as short-lived domains evade filters.

By Karen Joy Bacudo 4 min read Last month
Merchants rush to adopt AI shopping agents, Ravelin finds
Data Protection

Merchants rush to adopt AI shopping agents, Ravelin finds

Most enterprise retailers now plan to use AI shopping agents, even as many say they are not ready for the fraud risks they bring.

By Joseph Gabriel Lagonsin 3 min read Last month
CypherLoc scam kit drives millions of browser attacks
Endpoint Protection

CypherLoc scam kit drives millions of browser attacks

Browser-based fraud is scaling fast, with Barracuda saying CypherLoc has driven about 2.8 million attacks since the start of 2026.

By Sean Mitchell 3 min read Last month
Exploitation overtakes social engineering in Rapid7 report
Ransomware

Exploitation overtakes social engineering in Rapid7 report

Exposed systems are becoming the main target, as Rapid7 says flaws were used in 38% of incidents and patch windows shrank to five days.

By Mark Tarre 3 min read Last month
KnowBe4 warns of World Cup scam surge ahead of 2026
Data Protection

KnowBe4 warns of World Cup scam surge ahead of 2026

Fans risk losing money and personal data as scammers exploit demand for World Cup tickets, travel bookings and visa details.

By Joseph Gabriel Lagonsin 4 min read Last month

Stories from Other Regions

Social Engineering stories

Romance scams evolve into emotionally engineered attacks
Phishing

Romance scams evolve into emotionally engineered attacks

Victims in the UK lost GBP £106 million last year as fraudsters use AI, private messaging and emotional pressure to extract cash.

By Joseph Gabriel Lagonsin 4 min read 3 days ago
Ecommpay urges action on social media fraud for children
Cybersecurity

Ecommpay urges action on social media fraud for children

Fraudsters are reaching young people on social media before any payment is made, Ecommpay said, urging tougher platform accountability.

By Sean Mitchell 4 min read Last week
Payments Canada urges cross-sector anti-fraud strategy
Data Protection

Payments Canada urges cross-sector anti-fraud strategy

Fraud is moving across Canada's payments ecosystem, prompting calls for banks, telecoms and platforms to share data and coordinate defences.

By Karen Joy Bacudo 4 min read Last week
Ocean raises GBP £28 million to fight AI email fraud
Data Protection

Ocean raises GBP £28 million to fight AI email fraud

AI-written phishing is forcing security teams to rethink email defences as Ocean claims its system already scans more than one billion messages a month.

By Sean Mitchell 4 min read Last month
iProov launches tool to spot deepfakes in video calls
Biometrics

iProov launches tool to spot deepfakes in video calls

Growing use of AI fakery is forcing companies to verify who is really on screen before hiring, approving payments or granting access.

By Joseph Gabriel Lagonsin 4 min read Last month