Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-07-13 11:00:00 |
KnowBe4\'s 2022 Phishing By Industry Benchmarking Report Reveals that 32.4% of Untrained End Users Will Fail a Phishing Test (lien direct) |
Once again, the human layer continues to be the most desirable attack vector for cybercriminals. 2022 marks the 5th year KnowBe4 has analyzed hundreds of millions of elements of data in order to provide the 2022 Phishing by Industry Benchmark Report. |
|
|
|
|
2022-07-12 13:21:14 |
(Déjà vu) CyberheistNews Vol 12 #28 [Eye Opener] Lessons Learned From a Big Hotel\'s Recent Data Breach Caused by Social Engineering (lien direct) |
|
Data Breach
|
|
|
|
2022-07-11 16:39:16 |
Multi-Medium Phishing Tactics Increase Attack Effectiveness by 300% (lien direct) |
|
|
|
|
|
2022-07-11 12:48:06 |
Amazon Prime Day Phishing (lien direct) |
Check Point Research (CPR) observed a 37% increase in Amazon-themed phishing attacks during the first week of July, ahead of Amazon Prime day this week. The emails come in a variety of templates, including one that informs recipients that they've recently made an expensive purchase. The user is directed to download an attachment that contains malware. Another email tells users that their payment method needs to be confirmed, and contains a link to a phishing site. |
|
|
|
|
2022-07-08 12:55:07 |
Lessons Learned from a Popular Hotel\'s Recent Data Breach Involving Social Engineering (lien direct) |
|
Data Breach
|
|
|
|
2022-07-07 13:11:52 |
FBI Issues Warning on China for Attempting to \'Ransack\' Western Companies (lien direct) |
|
|
|
|
|
2022-07-06 13:06:58 |
(Déjà vu) CyberheistNews Vol 12 #27 [New FBI and CISA Alert] This Ransomware Strain Uses RDP Flaws to Hack Into Your Network (lien direct) |
|
Ransomware
Hack
|
|
|
|
2022-07-06 12:03:07 |
Phishing Emails Top the List as the Initial Attack Vector for Ransomware Attacks (lien direct) |
|
Ransomware
|
|
|
|
2022-07-01 10:47:10 |
[New FBI and CISA Alert] This ransomware strain uses RDP flaws to hack into your network (lien direct) |
|
Ransomware
Hack
|
|
|
|
2022-06-30 18:43:50 |
Celebrity Crypto Scams Just Keep on Getting Worse (lien direct) |
Bloomberg News recently reported that fake celebrity-endorsed crypto scams have doubled in the UK this year, and on average scammed victims out of $14,540 in stolen value before they realize what happened, which is 65% higher than the average crypto scam theft from the previous year. The article's source expects celebrity-endorsed crypto scams to increase another 87% next year based on current rising trends. |
|
|
|
|
2022-06-30 14:19:27 |
[Heads Up] Online Fraud Now Sky-high With \'Tinder Swindler\' Romance Scams Costing Hundreds of Millions (lien direct) |
|
|
|
|
|
2022-06-29 14:03:52 |
Wars and Lechery, Nothing Else Holds Fashion for Phishing Attacks (lien direct) |
|
|
|
★★★★
|
|
2022-06-29 13:27:04 |
Bad News to Ransom Payers: 80% of You Will Face a Second Attack Within 30 Days (lien direct) |
New insight into what happens during and after a ransomware attack paints a rather dismal picture of what to expect from attackers, your executives, and your operations. |
|
|
|
|
2022-06-29 13:26:57 |
80% of Organizations Await “Inevitable” Negative Consequences From Email-Born Cyberattacks (lien direct) |
|
|
|
|
|
2022-06-29 13:26:51 |
New Evasive Phishing Techniques Help Cybercriminals Launch “Untraceable” Campaigns (lien direct) |
|
|
|
|
|
2022-06-29 13:15:45 |
Innovative Way to Bypass MFA Using Microsoft WebView2 Is Familiar Nevertheless (lien direct) |
An interesting way to bypass multi-factor authentication (MFA) was recently announced by Bleeping Computer. This particular attack method requires a potential victim to be tricked into downloading a malicious executable (not so hard unfortunately), and the resulting rogue code then uses Microsoft Edge's WebView2 control to essential create a rogue web page which can mimic any other web page, except with new malicious coding inserted. |
|
|
|
|
2022-06-29 13:15:30 |
(Déjà vu) FBI Warns of Deepfakes Used to Apply for Remote Jobs (lien direct) |
|
|
|
|
|
2022-06-28 13:04:02 |
CyberheistNews Vol 12 #26 [Heads Up] The FBI Warns That LinkedIn Fraudsters Are Now a Significant Threat (lien direct) |
|
Threat
|
|
|
|
2022-06-28 11:00:00 |
(Déjà vu) Try the new Compliance Audit Readiness Assessment today for the NIST Cybersecurity Framework (lien direct) |
|
|
|
|
|
2022-06-27 13:56:17 |
MetaMask Crypto Wallet Phishing (lien direct) |
|
|
|
|
|
2022-06-23 17:56:47 |
Amazon Prime Day 2022 is Coming: Here are Quick Cybersecurity Tips to Help You Stay Safe (lien direct) |
|
|
|
|
|
2022-06-23 17:30:50 |
Technology, Microlearning, and its Impact on Users and Cybersecurity (lien direct) |
Technology is everywhere in society these days from our communication, shopping, and commerce capabilities. Whether email, online purchases, or using the blockchain, it amounts to large amounts of data collected about people. All this data, while easy to store, is also harder to manage and protect. Users exhibit a variety of behaviors when interacting with this data, and technology tracks those behaviors to effectively identify a specific person based on geography, time, and frequency. |
|
|
|
|
2022-06-23 15:21:31 |
Pre-Hijacking of Online Accounts are the Latest Method for Attackers to Impersonate and Target (lien direct) |
|
|
|
|
|
2022-06-23 15:21:24 |
“Failure to Authenticate” Wire Transaction at the Heart of a Cyber Insurance Appeal Case (lien direct) |
|
|
|
|
|
2022-06-23 15:21:18 |
Phishing Scammers Leverage Telegraph\'s Loose Governance to Host Crypto and Credential Scams (lien direct) |
The free and unmonitored webpage publishing platform has been identified as being used in phishing scams dating back as early as mid-2019, as a key part to bypass security solutions. |
|
|
★★★★
|
|
2022-06-23 13:09:21 |
Vendor Impersonation Competing with CEO Fraud (lien direct) |
|
|
|
|
|
2022-06-23 11:05:35 |
[Heads Up] Russia has increases the cyber attacks against countries that help Ukraine (lien direct) |
The Wall Street Journal just reported that Russian intelligence agencies have increased the pace of cyberattacks against nations that have provided aid to Ukraine, according to new research published Wednesday by Microsoft, which said it had observed Moscow-backed hacking attempts in over 40 countries. |
|
|
|
|
2022-06-22 12:59:46 |
Spear Phishing Campaign Targets the US Military (lien direct) |
|
|
|
|
|
2022-06-21 13:15:06 |
FBI Warns of Fraudsters on LinkedIn (lien direct) |
|
|
|
|
|
2022-06-21 13:08:17 |
(Déjà vu) CyberheistNews Vol 12 #25 [Heads Up] Facebook Phishing Scam Steals Millions of Credentials (lien direct) |
|
|
|
|
|
2022-06-21 12:52:10 |
KnowBe4 June 2022 Perspective (lien direct) |
Information Security is mission-critical today.The global risk situation is higher than ever.Your employees are still your largest attack vector.New-school security awareness training is a -must-have- layer in your security stack.Compared to the risk, the subscription is a complete no-brainer. |
|
|
|
|
2022-06-20 14:12:52 |
Smishing Text Scams Have Doubled in the Last Three Years (lien direct) |
|
|
|
|
|
2022-06-20 14:12:11 |
New PDF-Based Phishing Attack Demonstrates that Office Docs Aren\'t Passé – They are Just Obfuscated! (lien direct) |
Security researchers have discovered a cunning PDF-based phishing attack that leverages social engineering and PDF prompt specifics to trick users into opening malicious Office docs. |
|
|
|
|
2022-06-20 14:12:04 |
Over 2000 Social Engineering Scammers Arrested in Multi-Country Crackdown on Fraud, BEC, and Money Laundering (lien direct) |
|
|
|
|
|
2022-06-20 14:11:58 |
Vishing Attacks Increase 550% Over Last Year as the Financial Sector Continues to be a Primary Target (lien direct) |
|
|
|
|
|
2022-06-20 14:11:30 |
142 Million Customer Records From MGM Resorts Leaked for Free Download (lien direct) |
|
|
|
|
|
2022-06-20 14:11:18 |
New Phishing Campaign Uses ChatBot Functionality to Build Trust and Steal Credit Card Details (lien direct) |
|
|
|
|
|
2022-06-20 14:11:02 |
The Next Evolution in Cyberattacks You Need to Worry About: AI (lien direct) |
|
|
|
|
|
2022-06-20 14:10:51 |
Less Than 40% of Asia-Pacific Organizations Are Confident to Stop Cyber Threats as 83% Experience At Least One Ransomware Attack a Year (lien direct) |
|
Ransomware
Threat
|
|
|
|
2022-06-16 13:54:29 |
Anna Collard, SVP Content Strategy & Evangelist, KnowBe4 Africa Has Been Acknowledged as a Global Influencer in Cyber (lien direct) |
IFSEC Global recently acknowledged our very own Anna Collard as a IFSEC Global Influencer in Security for 2022! She was one of the few nominated by a panel of highly respected judges, and can be found in the 'Cybersecurity Professionals' section. |
|
|
|
|
2022-06-16 12:43:51 |
A Closer Look at HR Scams: Does Niceness Have a Downside? (lien direct) |
|
|
|
|
|
2022-06-15 13:20:03 |
Spear Phishing Campaign Targets Former Israeli Officials (lien direct) |
|
|
|
|
|
2022-06-14 13:52:59 |
CyberheistNews Vol 12 #24 [Heads Up] What About the Risks of Your Password Manager? (lien direct) |
|
|
|
|
|
2022-06-14 13:19:28 |
Monkeypox Scams Continue to Increase (lien direct) |
|
|
|
|
|
2022-06-13 12:32:18 |
Facebook Phishing Scam Steals Millions of Credentials (lien direct) |
|
|
|
|
|
2022-06-09 16:02:12 |
Approaching Ransomware Victims Privately (lien direct) |
Researchers at KELA warn that ransomware gangs are increasingly refraining from mentioning their victims' names after the initial attack, giving the victims a chance to pay up before the attack is publicized. This puts an additional layer of pressure on the victim to pay quickly, because it may allow them to avoid the reputational damage that's among the biggest threats a victim faces. If the victim refuses to pay, the attackers can then publish their name and threaten to release the stolen data. |
Ransomware
Threat
|
|
|
|
2022-06-09 14:13:18 |
What About Password Manager Risks? (lien direct) |
In KnowBe4's new Password Policy ebook, What Your Password Policy Should Be, we recommend that all users use a password manager to create and use perfectly random passwords. A perfectly random 12-character or longer password is impervious to all known password guessing and cracking attacks. A human-created password has to be 20 characters or longer to get the same protection. Humans do not like creating or using very long (and sometimes also complex) passwords, so we recommend using a trusted password manager program instead. |
|
|
|
|
2022-06-08 13:23:51 |
Karakurt Adds Irritating Phone Calls to its Crimes (lien direct) |
|
|
|
|
|
2022-06-07 23:17:38 |
40% of CSOs say Their Organization is Not Prepared for Cyberattacks as Phishing is the Top Likely Cause of Breaches (lien direct) |
|
|
|
★★
|
|
2022-06-07 23:17:26 |
Old Dog, New Trick: Hackers Use Logons in URLs to Bypass Email Scanners (lien direct) |
|
|
|
|