Cybersecurity Weekly: AiTM phishing attack, how to spot social engineering personas, CISA patch order
A new AiTM phishing attack can skip MFA, scammers posing as cybersecurity companies to install malware, and how to spot fake personas used for social engineering. All these and more in this week's edition of Cybersecurity Weekly.
1. Microsoft warning: This AiTM phishing attack can skip your defenses
Phishing campaigns are using web proxies to perfectly imitate corporate login pages that can help attackers dodge multi-factor authentication.
2. Crooks are now posing as cybersecurity companies to trick you into installing malware
Cybersecurity company CrowdStrike details phishing attacks that claim to come from security companies - including Crowdstrike itself.
3. How hackers create fake personas for social engineering
And some ways to up your game for identifying fabricated online profiles of people who don't exist.
4. CISA orders agencies to patch new Windows zero-day used in attacks
CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild.
5. Now offering cryptocurrency, ATMs targeted for crypto-fraud
The addition of cryptocurrency to ATMs in recent years has added a new wrinkle to the basic card skimmers and over-the-shoulder, old-school PIN-snatching.
Sean's Test Ad
- Sean's
- Test
- Ad
In this series
- Cybersecurity Weekly: AiTM phishing attack, how to spot social engineering personas, CISA patch order
- How to become a cybercrime investigator
- CEH version comparison: V12 to V13 evolution guide
- ISC2 CSSLP certification overview: What you need to know
- ISC2 CGRC: Overview & career path
- CRISC certification: Overview & career path [updated 2021]
- PMP certification: Overview and career path [updated 2021]
- ISACA CDPSE certification: Overview of the new ISACA privacy certification
- CGEIT certification: Overview and career path [updated 2021]
- What is a cyber range?
- Microsoft azure certification: Overview And career path
- CEH salary guide: What Certified Ethical Hackers really earn
- CCSP salary: How much can you make as a cloud security professional?
- Average CGRC (Certified in Governance, Risk and Compliance) salary
- CRISC Frequently Asked Questions (FAQ) [updated 2022]
- Average CSSLP Salary in 2021
- ISACA CDPSE exam details and process
- How To Become CGEIT Certified – Certification Requirements [updated 2021]
- How to pick the best cyber range for your cybersecurity training needs and budget
- CEH exam eligibility: Application process & requirements guide
- CISSP domains overview: Your complete preparation guide
- CCSP exam and CBK changes in August 2024
- Average CRISC Salary [2023 update]
- CGRC certification job titles and career outlook
- ISC2 CSSLP exam details and process
- ISACA CDPSE certification exam: Overview of domains
- An Introduction to the PMP: Exam Details and Process [updated 2021]
- CGEIT certification exam: overview of domains [Updated 2021]
- 10 Success Tips: How to Pass Your Certified Ethical Hacker (CEH) Exam
- How to become CCSP certified: Certification requirements
- Certified in Risk & Information Systems Control (CRISC) Exam Overview [updated 2022]
- ISC2 CGRC exam details and process
- Best CSSLP study resources and training materials
- ISACA CDPSE domain 1: Privacy governance
- 10 Tips for PMP Certification Exam Success [updated 2021]
- CGEIT certification exam details and process [updated 2021]
- Certified Ethical Hacker (CEH) study guides & resources [updated 2025]
- CCSP exam details and process in 2025: Your guide to cybersecurity certification success
- Top 20 project management interview questions in 2024
- ISC2 CGRC certification exam: Overview of domains
- CRISC: Exam details & process [updated 2021]
- Maintaining your CSSLP: CPE and renewal requirements
- CGEIT Frequently Asked Questions (FAQ) [updated 2021]
- Scalability & elasticity: Technical considerations when selecting a cyber range
- Certified Ethical Hacker (CEH) job outlook [updated 2025]
- Test your cloud knowledge with these CCSP sample questions
- Best CGRC certification study resources and training materials
- CRISC: Overview of domains [updated 2021]
- ISACA CDPSE domain 3: Data lifecycle
- ISC2 CSSLP job titles and career outlook
- PMP®️ domain information & overview [updated 2021]
Cybercrime investigator
Cybercrime has hit record levels, with an expected $7 trillion USD to be made from cybercriminal activity by 2021. Investigating these sorts of crimes can be
EC-Council CEH
CEH v13 is the world's first AI-powered ethical hacking certification. Discover what's new, how it compares to v12/v11 and why it's a career game-changer.
ISC2 CSSLP
Becoming a Certified Secure Software Lifecycle Professional (CSSLP) validates your knowledge and skills around developing secure code and software.
ISC2 CGRC
Earning the Certified in Governance, Risk and Compliance certification can help prove to employers that you stand well above the rest.
