Social Engineering | Breaking Cybersecurity News | The Hacker News

Imagine joining a video call with your CEO, only to find out later the CEO participant was actually an AI-generated fake. Welcome to the new digital battlefield.  Adversarial AI and deepfakes have created an identity attack surface that is not just digital, but is also based on reality itself . These technologies are no longer science fiction or theoretical. They are actively being used to spoof identities, manipulate political perceptions, and circumvent even the best cybersecurity training initiatives. , and circumvent even the best cybersecurity training initiatives.  If your cybersecurity defenses rely solely on human perception, voice recognition, or even visual evidence, you are vulnerable to an attack.  From Cat and Mouse to Machine vs. Machine Cybersecurity has always been a game of cat and mouse. As defenders (mice), we have historically been able to adapt our defenses for phishing, malware , ransomware, and insider threats . Today, we're also strategizing ...

With every credential breach that hits the news, CISOs and security professionals continually reach the same conclusion: passwords are insecure, and we should abandon them in favor of less risky authentication factors. But, secure or not, passwords are stubborn. The 2025 Verizon DBIR rated the likelihood of this being the year we finally eliminate passwords as being on par with "this being the year of the Linux desktop."  Any IT or security pro who has had to explain passkeys to their coworkers can tell you that 2025 isn't going to be the year we do away with passwords. Frankly, that year's not likely to come any time soon. Even if it were technically feasible (it often isn't) to transition every single login at a company to passkeys or biometrics, that would take years of concentrated effort. In the meantime, security leaders can't afford to sit on their hands and ignore the credential risks currently facing their company.  We need a new approach to thinking about secur...

Cybercriminals don't just hack systems—they hack people. They've figured out that humans are wired to trust, empathize, and help, and they're using that against us in ingenious ways. Take this jaw-dropper: In 2024, a company lost over $25 million because an employee fell for a deepfake during a video call. Yep, a fake video of "trusted colleagues" tricked someone into handing over the keys to the kingdom—all kicked off by a phishing email. Ouch. If we want to stay one step ahead, we need to understand the psychology behind these attacks. Let's break it down—the human vulnerabilities, the identity and access management (IAM) fixes, and how to make tech work with (not against) our brains. Why Humans Are the Weakest Link Here's the deal: Humans evolved to trust and empathize. It's why we have friends, families, and functional societies. Mirror neurons in our brains make us feel what others feel, which is awesome for bonding… but terrible when a scammer shows up. Cybercrimi...