As we move into 2026, social engineering is shifting from a tactical security concern to a leadership and governance ...

After hardening our corporate environment and improving our device management as the chief information security officer (CISO) with other organizations, I began to notice the threat landscape changing ...

Keen to the importance of not simply clicking on any email I receive in my inbox, I recently received a message with a subject line I could not resist: “Kevin Mitnick Security Awareness Training.” For ...

WEST LAFAYETTE, Ind. — Purdue University is offering new cybersecurity short courses in social engineering and digital forensics as part of a growing suite of offerings through the Purdue Polytechnic ...

With organizations becoming more digitally interconnected, threat actors are placing greater emphasis on manipulating people instead of breaching systems directly. One of the most deceptive and ...

Social engineering is the very common practice of exploiting a human element to initiate and/or execute a cyberattack. Human weakness and ignorance present such easy targets that fully 82% of the ...

When was the last time you had to threaten to shoot an unauthorized executive who was demanding access to a secure area? Read on for a real-life story and an important lesson on effective security ...

When Alethe Denis conducts a social engineering attack as part of a red team exercise, the Bishop Fox security consultant often presents the targets with the exact email template that her team intends ...

Cyberattacks, perhaps more so than any other type of crime, follow trends. As security professionals find ways to protect against old techniques, cybercriminals find opportunities elsewhere to ...

In the two preceding columns, John Orlando discussed the ethical dimensions of social engineering in penetration testing. Today I want to look at how to use social engineering effectively for ...