What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
knowbe4.webp 2023-02-22 13:48:30 Coinbase Attack Used Social Engineering (lien direct) Coinbase Attack Used Social Engineering Coinbase describes a targeted social engineering attack that led to the theft of some employee data. The attacker first sent smishing messages to several Coinbase employees, urging them to click a link and log in to their Coinbase work account. One employee fell for the attack, and the threat actor then attempted to use the victim's account to gain access to Coinbase's internal systems. Fortunately, the company's security solutions prevented this. Threat ★★★
knowbe4.webp 2023-02-21 14:00:00 CyberheistNews Vol 13 #08 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach (lien direct) CyberheistNews Vol 13 #08 CyberheistNews Vol 13 #08  |   February 21st, 2023 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach There is a lot to learn from Reddit's recent data breach, which was the result of an employee falling for a "sophisticated and highly-targeted" spear phishing attack. I spend a lot of time talking about phishing attacks and the specifics that closely surround that pivotal action taken by the user once they are duped into believing the phishing email was legitimate. However, there are additional details about the attack we can analyze to see what kind of access the attacker was able to garner from this attack. But first, here are the basics: According to Reddit, an attacker set up a website that impersonated the company's intranet gateway, then sent targeted phishing emails to Reddit employees. The site was designed to steal credentials and two-factor authentication tokens. There are only a few details from the breach, but the notification does mention that the threat actor was able to access "some internal docs, code, as well as some internal dashboards and business systems." Since the notice does imply that only a single employee fell victim, we have to make a few assumptions about this attack: The attacker had some knowledge of Reddit's internal workings – The fact that the attacker can spoof an intranet gateway shows they had some familiarity with the gateway's look and feel, and its use by Reddit employees. The targeting of victims was limited to users with specific desired access – Given the knowledge about the intranet, it's reasonable to believe that the attacker(s) targeted users with specific roles within Reddit. 
From the use of the term "code," I'm going to assume the target was developers or someone on the product side of Reddit. The attacker may have been an initial access broker – Despite the access gained that Reddit is making out to be not a big deal, they do also mention that no production systems were accessed. This makes me believe that this attack may have been focused on gaining a foothold within Reddit versus penetrating more sensitive systems and data. There are also a few takeaways from this attack that you can learn from: 2FA is an important security measure – Despite the fact that the threat actor collected and (I'm guessing) passed the credentials and 2FA details onto the legitimate Intranet gateway-a classic man-in-the Data Breach Hack Threat Guideline ChatGPT ★★
knowbe4.webp 2023-02-15 14:18:35 New Survey Reveals Employees are the Attack Surface (lien direct) New Survey Reveals Employees are the Attack Surface ★★
knowbe4.webp 2023-02-15 13:18:20 Reddit is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach (lien direct) Reddit is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach Data Breach ★★
knowbe4.webp 2023-02-14 14:00:00 CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake (lien direct) CyberheistNews Vol 13 #07 CyberheistNews Vol 13 #07  |   February 14th, 2023 [Scam of the Week] The Turkey-Syria Earthquake Just when you think they cannot sink any lower, criminal internet scum is now exploiting the recent earthquake in Turkey and Syria. Less than 24 hours after two massive earthquakes claimed the lives of tens of thousands of people, cybercrooks are already piggybacking on the horrible humanitarian crisis. You need to alert your employees, friends and family... again. Just one example are scammers that pose as representatives from a Ukrainian charity foundation that seeks money to help those affected by the natural disasters that struck in the early hours of Monday. There are going to be a raft of scams varying from blood drives to pleas for charitable contributions for victims and their families. Unfortunately, this type of scam is the worst kind of phishbait, and it is a very good idea to inoculate people before they get suckered into falling for a scam like this. I suggest you send the following short alert to as many people as you can. As usual, feel free to edit: [ALERT] "Lowlife internet scum is trying to benefit from the Turkey-Syria earthquake. The first phishing campaigns have already been sent and more will be coming that try to trick you into clicking on a variety of links about blood drives, charitable donations, or "exclusive" videos. "Don't let them shock you into clicking on anything, or open possibly dangerous attachments you did not ask for! Anything you receive about this recent earthquake, be very suspicious. With this topic, think three times before you click. 
It is very possible that it is a scam, even though it might look legit or was forwarded to you by a friend -- be especially careful when it seems to come from someone you know through email, a text or social media postings because their account may be hacked. "In case you want to donate to charity, go to your usual charity by typing their name in the address bar of your browser and do not click on a link in any email. Remember, these precautions are just as important at the house as in the office, so tell your friends and family." It is unfortunate that we continue to have to warn against the bad actors on the internet that use these tragedies for their own benefit. For KnowBe4 customers, we have a few templates with this topic in the Current Events. It's a good idea to send one to your users this week. Blog post with links: https://blog.knowbe4.com/scam-of-the-week-the-turkey-syria-earthquake Ransomware Spam Threat Guideline ChatGPT ★★
knowbe4.webp 2023-02-07 18:52:22 Do Not Fall Victim to Cyber Attacks – Find Out What the Latest Hiscox Report Reveals! (lien direct) Do Not Fall Victim to Cyber Attacks – Find Out What the Latest Hiscox Report Reveals! Studies ★★★
knowbe4.webp 2023-02-07 13:26:47 How Artificial Intelligence Can Make or Break Cybersecurity (lien direct) How Artificial Intelligence Can Make or Break Cybersecurity ★★★
knowbe4.webp 2023-02-02 21:31:58 Yahoo Suddenly Rises in Popularity in Q4 to Become the Most Impersonated Brand in Phishing Attacks (lien direct) Yahoo Suddenly Rises in Popularity in Q4 to Become the Most Impersonated Brand in Phishing Attacks Yahoo Yahoo ★★
knowbe4.webp 2023-02-02 21:31:56 Initial Access Brokers Leverage Legitimate Google Ads to Gain Malicious Access (lien direct) Initial Access Brokers Leverage Legitimate Google Ads to Gain Malicious Access ★★
knowbe4.webp 2023-02-01 14:24:06 Artificial Intelligence, ChatGPT and Cybersecurity: A Match Made in Heaven or a Hack Waiting to Happen? (lien direct) Artificial Intelligence, ChatGPT and Cybersecurity: A Match Made in Heaven or a Hack Waiting to Happen? Hack ChatGPT ★★
knowbe4.webp 2023-01-31 20:04:22 Ransomware Targets are Getting Larger and Paying More as Fewer Victims Are Paying the Ransom (lien direct) Ransomware Targets are Getting Larger and Paying More as Fewer Victims Are Paying the Ransom Ransomware ★★★
knowbe4.webp 2023-01-31 20:04:16 Microsoft OneNote Attachments Become the Latest Method to Spread Malware (lien direct) Microsoft OneNote Attachments Become the Latest Method to Spread Malware Malware ★★
knowbe4.webp 2023-01-30 13:52:25 Russian and Iranian Spear Phishing Campaigns are Running Rampant in the UK (lien direct) Russian and Iranian Spear Phishing Campaigns are Running Rampant in the UK The UK's National Cyber Security Centre (NCSC) has described two separate spear phishing campaigns launched by Russia's SEABORGIUM threat actor and Iran's TA453 (also known as Charming Kitten). The NCSC says both threat actors have targeted entities in the UK, including “academia, defence, governmental organisations, NGOs, think-tanks, as well as politicians, journalists, and activists." Threat Conference APT 35 ★★
knowbe4.webp 2023-01-25 18:23:12 Do Not Get Fooled Twice: Mailchimp's Latest Breach Raises Alarm Bells – Protect Yourself Now! (lien direct) Do Not Get Fooled Twice: Mailchimp's Latest Breach Raises Alarm Bells – Protect Yourself Now! For the second time in less than a year, Mailchimp has found itself in a precarious situation, having to admit that it has been breached. It appears that a social engineering attack tricked Mailchimp employees and contractors into giving up their login credentials, which were then used to access 133 Mailchimp accounts. ★★
knowbe4.webp 2023-01-25 15:50:54 [Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal (lien direct) [Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal In our latest episode of Security Masterminds, we have the pleasure of interviewing Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, who has held various roles throughout his career. In the episode, Roger discusses his early days of malware disassembly, the trials and tribulations of public speaking, and his magnum opus, his book about data-driven defense. Malware ★★
knowbe4.webp 2023-01-25 15:49:17 Phishing Campaign Impersonates Japanese Rail Company (lien direct) Phishing Campaign Impersonates Japanese Rail Company ★★
knowbe4.webp 2023-01-24 18:14:53 (Déjà vu) 2022 Report Confirms Business-Related Phishing Emails Trend [INFOGRAPHIC] (lien direct) 2022 Report Confirms Business-Related Phishing Emails Trend [INFOGRAPHIC] KnowBe4's latest reports on top-clicked phishing email subjects have been released for 2022 and Q4 2022. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in phishing tests, top attack vector types, and holiday email phishing subjects. Prediction ★★★★★
knowbe4.webp 2023-01-20 13:59:19 Blank-Image Attacks Impersonate DocuSign (lien direct) Blank-Image Attacks Impersonate DocuSign
knowbe4.webp 2023-01-20 12:03:01 [Eye Popper] Ransomware Victims Refused To Pay Last Year (lien direct) [Eye Popper] Ransomware Victims Refused To Pay Last Year Ransomware
knowbe4.webp 2023-01-17 14:00:00 (Déjà vu) CyberheistNews Vol 13 #03 [Eye Opener] Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them (lien direct) CyberheistNews Vol 13 #03
knowbe4.webp 2023-01-17 13:51:45 Cyberinsurer Beazley Introduces a $45M Cyber Catastrophe Bond to Offset Risk (lien direct) Cyberinsurer Beazley Introduces a $45M Cyber Catastrophe Bond to Offset Risk ★★
knowbe4.webp 2023-01-17 13:15:27 Is Your Organization's Password Complexity Requirement Strong Enough? Probably Not (lien direct) Is Your Organization's Password Complexity Requirement Strong Enough? Probably Not ★★
knowbe4.webp 2023-01-16 14:21:53 [New Feature] Continuously Monitor for Any Detected Password Vulnerabilities Within Your User Base with PasswordIQ (lien direct) [New Feature] Continuously Monitor for Any Detected Password Vulnerabilities Within Your User Base with PasswordIQ ★★★
knowbe4.webp 2023-01-10 21:43:49 Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them (lien direct) Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them ★★★
knowbe4.webp 2023-01-09 15:36:23 The Good, the Bad and the Truth About Password Managers (lien direct) The Good, the Bad and the Truth About Password Managers ★★★
knowbe4.webp 2023-01-06 13:51:44 Ransomware and Fraudulent Funds Transfer are the Two Main Drivers of Cyber Loss (lien direct) Ransomware and Fraudulent Funds Transfer are the Two Main Drivers of Cyber Loss Ransomware ★★
knowbe4.webp 2023-01-05 13:34:42 Phishing Campaigns Impersonate the UK Government (lien direct) Phishing Campaigns Impersonate the UK Government ★★★
knowbe4.webp 2023-01-05 13:32:40 These grim figures show that the ransomware problem isn't going away (lien direct) These grim figures show that the ransomware problem isn't going away Ransomware ★★
knowbe4.webp 2023-01-04 14:30:00 CyberheistNews Vol 13 #01 [Heads Up] Giant LastPass Breach Can Supercharge Spear Phishing Attacks (lien direct) CyberheistNews Vol 13 #01 LastPass ★★
knowbe4.webp 2022-12-29 15:22:48 Phishing Activity Rose 130% in the Second Half of 2022, Representing Three-Quarters of All Email-Based Attacks (lien direct) Phishing Activity Rose 130% in the Second Half of 2022, Representing Three-Quarters of All Email-Based Attacks Studies ★★
knowbe4.webp 2022-12-28 19:27:36 [Heads Up] LastPass Attack Could Supercharge Spear Phishing Attacks (lien direct) [Heads Up] LastPass Attack Could Supercharge Spear Phishing Attacks LastPass ★★
knowbe4.webp 2022-12-28 14:30:15 CyberheistNews Vol 12 #52 [Heads Up] Top 10 Cyber Security Predictions for Next Year. Read It, This Is a Good One (lien direct) CyberheistNews Vol 12 #52 ★★
knowbe4.webp 2022-12-28 12:15:35 [Eye Opener] Insurance policy doesn't cover ransomware attack, Ohio Supreme Court says (lien direct) [Eye Opener] Insurance policy doesn't cover ransomware attack, Ohio Supreme Court says Ransomware ★★★
knowbe4.webp 2022-12-27 14:24:49 Attackers Pose as Facebook Support Using Legitimate Facebook Posts to Bypass Security Solutions (lien direct) Attackers Pose as Facebook Support Using Legitimate Facebook Posts to Bypass Security Solutions
knowbe4.webp 2022-12-27 14:20:16 (Déjà vu) QBot Malware Attacks Use SVG files to Perform HTML Smuggling (lien direct) QBot Malware Attacks Use SVG files to Perform HTML Smuggling Malware
knowbe4.webp 2022-12-22 21:17:28 Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes (lien direct) Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes ★★★
knowbe4.webp 2022-12-22 14:44:21 New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable” (lien direct) New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable” Malware ★★
knowbe4.webp 2022-12-21 13:59:29 XLL Files Used to Deliver Malware (lien direct) XLL Files Used to Deliver Malware Malware ★★★
knowbe4.webp 2022-12-16 13:15:38 Hospitals Warned of Royal Ransomware Attacks by U.S. Department of Health (lien direct) Hospitals Warned of Royal Ransomware Attacks by U.S. Department of Health Ransomware ★★
knowbe4.webp 2022-12-14 19:02:41 Interest in Infostealer Malware Within Cyberattacks Spikes as MFA Fatigue Attacks Increase (lien direct) Interest in Infostealer Malware Within Cyberattacks Spikes as MFA Fatigue Attacks Increase Malware ★★
knowbe4.webp 2022-12-14 11:12:35 (Déjà vu) Ughh. FBI's Vetted Threat Sharing Network 'InfraGard' Hacked (lien direct) Ughh. FBI's Vetted Threat Sharing Network 'InfraGard' Hacked Investigative reporter Brian Krebs reported December 13, 2022 that "InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online - using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself." Threat
knowbe4.webp 2022-12-08 21:33:45 New Modular Attack Chain Found That Allows Attackers to Change Payloads Mid-Breach (lien direct) New Modular Attack Chain Found That Allows Attackers to Change Payloads Mid-Breach ★★★
knowbe4.webp 2022-12-07 15:44:35 Cyber Insurers Focus on Catastrophic Attacks and Required Minimum Defenses as Premiums Double (lien direct) Cyber Insurers Focus on Catastrophic Attacks and Required Minimum Defenses as Premiums Double ★★★
knowbe4.webp 2022-12-07 15:44:32 Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware (lien direct) Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware Malware ★★★
knowbe4.webp 2022-12-06 14:30:00 CyberheistNews Vol 12 #49 [Keep An Eye Out] Beware of New Holiday Gift Card Scams (lien direct) CyberheistNews Vol 12 #49 CyberheistNews Vol 12 #49  |   December 6th, 2022 [Keep An Eye Out] Beware of New Holiday Gift Card Scams By Roger A. Grimes Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the receiver to pick just what they want, and are often received as a reward for doing something. The gift card market is estimated in the many hundreds of BILLIONS of dollars. Who doesn't like to get a free gift card? Unfortunately, scammers often use gift cards as a way to steal value from their victims. There are dozens of ways gift cards can be used by scammers to steal money. Roger covers these three scams in a short [VIDEO] and in detail on the KnowBe4 blog: You Need to Pay a Bill Using Gift Cards Maliciously Modified Gift Cards in Stores Phish You for Information to Supposedly Get a Gift Card Blog post with 2:13 [VIDEO] and links you can share with your users and family:https://blog.knowbe4.com/beware-of-holiday-gift-card-scams [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, December 7 @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users. NEW! KnowBe4 Mobile Learner App - Users Can Now Train Anytime, Anywhere! NEW! Security Culture Benchmarking feature lets you compare your organization's security culture with your peers NEW! AI-Driven phishing and training recommendations for your end users Did You Know? 
You can upload your own training video and SCORM modules into your account for home workers Active Directory or SCIM Integration to easily upload user data, eliminating the need to manually manage user changes Find out how 50,000+ organizations have mobilized their end-users as their human firewall. Date/Time: TOMORROW, Wednesday, December 7 @ 2:00 PM (ET) Save My Spot! https://event.on24.com/wcc/r/3947028/0273119CCBF116DBE42DF81F151FF99F?partnerref=CHN3 Ransomware Data Breach Spam Hack Tool Guideline ★★★
knowbe4.webp 2022-12-02 17:36:53 Latest Netflix-Impersonated Phishing Attacks Surge in Frequency by 78% Since October (lien direct) Latest Netflix-Impersonated Phishing Attacks Surge in Frequency by 78% Since October ★★
knowbe4.webp 2022-12-02 17:36:35 Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations (lien direct) Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations Ransomware ★★
knowbe4.webp 2022-11-26 20:29:06 WhatsApp data breach sees nearly 500 million user records up for sale (lien direct) WhatsApp data breach sees nearly 500 million user records up for sale Data Breach ★★
knowbe4.webp 2022-11-25 20:39:41 Cybersecurity incidents cost organizations $1,197 per employee, per year (lien direct) Cybersecurity incidents cost organizations $1,197 per employee, per year Studies ★★★★★
knowbe4.webp 2022-11-22 14:36:16 New Instagram Support Phishing Attack Fakes “Unusual Logon” Experience Well Enough to Fool Victims (lien direct) New Instagram Support Phishing Attack Fakes “Unusual Logon” Experience Well Enough to Fool Victims ★★★
Last update at: 2024-06-21 19:53:33