engineering
-
Blog
Hackers lean into social engineering to attack Apple security — Jamf – Computerworld
This has become such a pervasive problem that Apple in 2024 actually published a support document explaining what you should look for to avoid social engineering attacks. Attackers are increasingly creative, pose as trusted entities, and will use a combination of personal information and AI to create convincing attacks. They recognize, after all, that it is not the attack you spot…
Read More » -
Blog
Fresh Microsoft layoffs hit software engineering roles, documents show
Microsoft is set to lay off more than 300 employees as part of a fresh round of cuts in the company’s home state of Washington – and software engineers once again appear to be bearing the brunt. According to Worker Adjustment and Training Notification (WARN) filings, 305 Washington-based staff in total are affected. Organizations are required to file notifications on…
Read More » -
Blog
OpenAI Launches Codex, a Software Engineering AI Agent
Today, OpenAI introduced a cloud-based software engineering AI agent, powered by the company’s most powerful coding model called ‘codex-1’. It’s available to ChatGPT Pro, Team, and Enterprise users, starting today. OpenAI says ChatGPT Plus and Edu users will get access to Codex in the future. Talking about Codex, the software engineering agent can perform multiple tasks in parallel on the…
Read More » -
Blog
OpenAI just launched ‘Codex’, a new AI agent for software engineering
OpenAI has unveiled the launch of a new AI agent designed specifically for software engineering tasks. Codex, which is now available in preview, allows users to “delegate tasks to a software engineering agent in the cloud”, the company said. The agentic AI tool is powered by codex-1, a version of OpenAI’s o3 reasoning model which is optimized for coding tasks.…
Read More » -
Blog
This hacker group is posing as IT helpdesk workers to target enterprises – and researchers warn its social engineering techniques are exceptionally hard to spot
Hackers are ramping up phishing campaigns involving fake helpdesk domains to target the legal, financial services, and accounting sectors in the US. According to researchers at EclecticIQ, with the help of threat researchers Silent Push, the Luna Moth group – also known as Silent Ransom Group, UNC3753, and Storm-0252 – has carried out a flurry of ‘callback phishing’ attacks since…
Read More » -
Blog
France accuses Russia of engineering years of high-profile cyberattacks
In an unprecedented display of diplomatic aggression, French authorities publicly accused Russia of sponsoring several high-profile cyber attacks on French entities for over a decade to gather intelligence and destabilize the country. The incidents include everything from a faked Islamic State takeover of a French television broadcast signal in 2015 to the leak of President Emmanuel Macron’s emails in 2017.…
Read More » -
Blog
State-sponsored cyber groups are flocking to the ‘ClickFix’ social engineering technique
State-sponsored hackers from North Korea, Iran, and Russia are exploiting the ‘ClickFix’ social engineering technique for the first time – and to great success. Popular for some time with cyber crime groups, ClickFix is a social engineering practice that uses dialog boxes with instructions to copy, paste, and run malicious commands on the target’s machine. The technique was first seen…
Read More » -
Blog
State-sponsored hackers embrace ClickFix social engineering tactic
ClickFix attacks are gaining traction among threat actors, with multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia adopting the technique in recent espionage campaigns. ClickFix is a social engineering tactic where malicious websites impersonate legitimate software or document-sharing platforms. Targets are lured via phishing or malvertising and shown fake error messages that claim a document or…
Read More » -
Blog
Generative AI Powers Social Engineering Attacks
Phishing was no longer as common in 2024 as before, according to CrowdStrike’s 2025 Global Threat Report. Threat actors trend toward accessing legitimate accounts through social engineering techniques like voice phishing (vishing), callback phishing, and help desk social engineering attacks. We’re well within the era of what cybersecurity technology CrowdStrike called “the enterprising adversary,” with malware-as-a-service and criminal ecosystems replacing…
Read More » -
Blog
Enterprises are set to waste $44.5 billion on needless cloud spending this year – the growing disconnect between FinOps and engineering teams is a key factor
Enterprises could waste up to $44.5 billion in cloud spending this year as a rift between engineering and FinOps teams hampers cost efficiency, according to research from Harness. Enterprises estimate that 21% of their cloud infrastructure spend is wasted on underutilized resources, Harness found, with the majority of surveyed engineering staff putting this down to a disconnect between two key…
Read More »