What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-19 13:33:29 | A Cyberespionage Group Uses Social Engineering (lien direct) |
A sophisticated China-aligned threat actor is using social engineering to carry out cyberespionage and financially motivated attacks, according to researchers at Trend Micro. |
Threat | ||
|
2022-01-18 20:04:43 | (Déjà vu) CyberheistNews Vol 12 #03 FBI: Beware of a New Google Voice Authentication Scam – Even if You Don\'t Use Google Voice! (lien direct) |
|
|||
|
2022-01-18 16:59:26 | North Korean Cryptocurrency Theft Relies on Social Engineering (lien direct) |
A North Korean threat actor being called “BlueNoroff,” a subunit of Pyongyang's Lazarus Group, has been targeting cryptocurrency startups with financially motivated attacks, researchers at Kaspersky have found. The campaign, “SnatchCrypto,” is using malicious documents to gain access to internal communications, then using social engineering to manipulate employees. |
Threat Medical | APT 38 APT 28 | |
|
2022-01-17 13:00:00 | KnowBe4 Named a 2021 Gartner Peer Insights™ Customers\' Choice for Security Awareness Computer-Based Training (lien direct) |
KnowBe4 is excited to announce that we have been recognized as an overall Customers' Choice in the December 2021 Gartner Peer Insights 'Voice of the Customer': Security Awareness Computer-Based Training Report. KnowBe4 also received two additional category distinctions across Company Size and Deployment Region, including Customers' Choice Midsize Enterprise and Customers' Choice North America. |
|||
|
2022-01-14 13:27:37 | Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse (lien direct) |
We thought it was bad enough when traditional ransomware started to steal data in its second generation of evolution, now dubbed "double extortion". The third stage of ransomware is beginning to happen now and will make us wish for the good, old days of Ransomware 2.0. |
Ransomware | ||
|
2022-01-13 20:08:08 | Fifty FIFA eSports Accounts Were Hacked Via Social Engineering (lien direct) |
Video game maker Electronic Arts (EA) has stated that around fifty high-profile accounts for the soccer game FIFA 22 were hacked after attackers manipulated the company's customer service employees. |
|||
|
2022-01-12 17:11:13 | FBI: Beware of a New Google Voice Authentication Scam – Even if You Don\'t Use Google Voice! (lien direct) |
A new advisory warns of a scam that can affect literally anyone designed as a precursor to additional vishing scams and/or to perform Gmail account takeovers. |
|||
|
2022-01-12 17:11:06 | Payment Fraud Moves to the Real World with Fake QR Codes on Parking Meters (lien direct) |
Scammers are using the professional-looking stickers to point those parking to an alternate pay site to collect credit card details in the perfect situation where victims would be none the wiser. |
|||
|
2022-01-12 15:31:17 | U.S. Government Warns of More Cyberattacks Targeting Critical Infrastructure (lien direct) |
A new joint cybersecurity advisory from CISA, the FBI, and the NSA cautions organizations against Russian-based attacks and provides mitigations to be implemented. |
|||
|
2022-01-12 14:37:22 | It\'s a Fact: Cyberattacks Continue Because Your Users Forget (lien direct) |
The weakest part of your cybersecurity can be identified by looking at how cyberattacks take place, and how well your defenses stand up. But did you know the answer comes from the year 1885? |
|||
|
2022-01-12 14:37:18 | “Information Disorder”: Giving a Name to One of the Most Impactful Parts of Phishing Scams (lien direct) |
At the core of every phishing scam is a combination of a bunch of lies and (sometimes) a few truths. A new focus on better defining the misuse of information provides insight into why phishing works. |
|||
|
2022-01-12 14:37:15 | Over 200 Ransomware Strains Detected in Last Part of 2021 (lien direct) |
With the news focused on just a few key ransomware strains, it's understandable to think you'll never be a target. But newly-released data shows who's doing the attacking and who's being targeted. |
Ransomware | ||
|
2022-01-12 13:00:00 | KnowBe4 Named a Leader in the Winter 2022 G2 Grid Report for Security Awareness Training (lien direct) |
The latest G2 Grid Report compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence. |
Guideline | ||
|
2022-01-11 14:52:45 | Business Email Compromise Attack Leads to Millions in Non-Profit Loss (lien direct) |
A business email compromise attack at Illinois's Office of the Special Deputy Receiver led to a loss of $6.85 million, Ray Long at the Chicago Tribune reports. Long describes the Office as “a nonprofit that works with the director of the Illinois Department of Insurance and exists largely to protect creditors and policyholders of financially troubled or insolvent insurance companies.” |
Guideline | ||
|
2022-01-11 14:31:56 | CyberheistNews Vol 12 #02 [Eye Opener] 3 Tips To Pass Your Certified Security Awareness and Culture Professional (SACP) Exam (lien direct) |
|
|||
|
2022-01-07 13:23:08 | Ransomware Attacks Could Result in Higher Cybersecurity Stocks (lien direct) |
Ransomware attacks have been dominant for hackers. And according to Investor's recent article, this means good news for cybersecurity stocks. |
|||
|
2022-01-07 13:00:00 | Your KnowBe4 Fresh Content Updates from December 2021 (lien direct) |
Check out the 38 new pieces of training content added in December, alongside the always fresh content update highlights and new features. |
|||
|
2022-01-06 19:20:00 | Hive Ransomware-as-a-Service Races to the Top as Affiliates Breach 350 Organizations in Just 4 Months (lien direct) |
A mere blip on the ransomware radar a quarter ago, the massive onslaught of attacks using Hive Ransomware demonstrates how dangerous the “as-a-Service” model really is. |
Ransomware | ||
|
2022-01-06 19:19:54 | Over 1200 Man-in-the-Middle Phishing Toolkits Designed to Intercept 2FA Found in the Wild (lien direct) |
An academic partnership between Stony Brook University and Palo Alto Networks uncovered a massive use of tools that will steal authentication cookies mid-stream instead of credentials. |
|||
|
2022-01-06 19:19:37 | 121 Brands Impersonated in Massive 91-Country Survey-Turned-Fraud Scam (lien direct) |
With an estimated take of over $80 million a month, this scam uses new evasive tactics designed to make detection and investigation of these attacks difficult at best. |
|||
|
2022-01-06 18:20:04 | Obvious, but Probably Effective: Konni RAT Screensaver (lien direct) |
A North Korean threat actor is targeting users in Russia with a New Year's Eve-themed phony screensaver file, the Record reports. Researchers at Cluster25 spotted the activity, and say the campaign “started at least from August 2021 aimed at Russian targets operating in the diplomatic sector.” The researchers note that the threat actor used a ZIP file in this spear phishing attack, as opposed to a document with malicious macros. |
Threat | ||
|
2022-01-06 18:17:59 | New York State Warns of Credential Stuffing (lien direct) |
New York Attorney General Letitia James has released a guide to help businesses defend themselves against credential stuffing attacks. Credential stuffing is a type of brute-force attack in which attackers use automation to test stolen usernames and passwords against many different websites. New York's advisory explains that credential stuffing “leverages the natural human tendency to reuse passwords to cope with the ever-growing number of online accounts that must be managed. Attackers know that the username and password used at one website may also be used at a half-dozen others.” |
|||
|
2022-01-05 14:17:59 | CyberheistNews Vol 12 #01 [Heads Up] New Omicron-Themed Phishing Attack is Now Running Rampant (lien direct) |
|
|||
|
2022-01-04 15:04:02 | Cryptocurrency Scam Profits Jump 81% in 2021 to $7.7 Billion (lien direct) |
Despite a massive drop in crypto scams in 2020 due to the pandemic, a new report highlights the massive growth in crypto scams… and the profitable results they're yielding. |
|||
|
2022-01-04 15:03:58 | Reducing Stress with CBD Is the Latest Theming for Phishing Attacks (lien direct) |
Spanning three languages and at least 15,000 unique phishing emails, this latest phishing campaign targets stressed out workers in the U.S. and France, avoiding detection and promising to help with their ailments. |
|||
|
2022-01-04 15:03:54 | Copyright Infringement Notice to Instagram Users Serves as Newest Phishbait (lien direct) |
Scammers are sending phony accusations of copyright infringement to Instagram users in a new phishing attack, Paul Ducklin writes at Naked Security. The scammers are taking advantage of the fact that many Instagram pages with large followings are concerned about being banned for posting copyrighted content. |
|||
|
2022-01-04 15:03:50 | Shoulder Surfing is Still a Thing for Successful Social Engineering Attacks (lien direct) |
Social engineering isn't concerned with either novelty or elegance. All that matters is whether it works. ESET's Jake Moore described a case in point for We Live Security: all someone might need to gain access to your snapchat account is look over your shoulder at the right moment, just like the kid at the next desk trying to cheat on a test back in elementary school. |
|||
|
2022-01-01 16:59:12 | 2022 Resolution: "I\'ll Be A Certified Security Awareness and Culture Professional (SACP)™" (lien direct) | Threat Guideline | |||
|
2021-12-30 20:58:38 | Amazon Token Crypto “Presale” Scam Takes Advantage of News Hype and Steals Your Real Cryptocurrency (lien direct) |
The growing interest in new cryptocurrencies and the potential to get in early on Amazon's supposedly forthcoming crypto has scammers taking victims for thousands of dollars. |
|||
|
2021-12-30 20:58:33 | New “Karakurt” Threat Group is Gaining Attention Through Multiple and Frequent Extortion Attacks (lien direct) |
A new warning from Accenture Security highlights this new cybercriminal group making waves that focuses on a "data breach and extortion” MO rather than relying on ransomware. |
Threat | ||
|
2021-12-29 16:01:30 | Omicron-Themed Phishing Campaign is Running Rampant (lien direct) |
A mean-spirited phishing campaign is mocking victims after infecting their devices with Dridex malware, according to Lawrence Abrams at BleepingComputer. |
|||
|
2021-12-29 16:01:23 | Organizations Worldwide Experience Over 722 Million Attacks in the Last 30 Days! (lien direct) |
Analysis of data collected by Internet and security services vendor Akamai shows an unimaginable number of cyberattacks, demonstrating how frequently these attacks are happening. |
|||
|
2021-12-29 16:01:12 | (Déjà vu) 5 Notable Obscure Phishing Scams (lien direct) |
I love that KnowBe4's customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4's products help its customers to educate and test which scams a worker will easily recognize and which ones they need more education on. KnowBe4's product helps administrators figure out exactly who needs more education and on what topics. We know that customers who frequently educate and test their co-workers reduce cybersecurity risk lower than those that do not. |
|||
|
2021-12-29 16:01:00 | Conti Ransomware Affiliate Attacks Australian Utilities Giant\'s Corporate Network (lien direct) |
While news reports indicate no impact to the utilities company's ability to deliver electricity to its' customers, this could be the start of attacks on critical infrastructure in Australia. |
Ransomware | ||
|
2021-12-29 16:00:50 | Google Takes a Step Towards Reducing the Use of Calendar Invitations as Phishing Tools (lien direct) |
Doing their part, Google adds new functionality that defaults to automatically adding Google-based calendar invites to a victim's calendar to lower the malicious value of an invite. |
|||
|
2021-12-29 14:36:00 | CyberheistNews Vol 11 #51 [Heads Up] Phishing Attacks Remain the Top Type of Cybersecurity Breach This Year (lien direct) |
|
|||
|
2021-12-28 18:28:54 | West Virginia Healthcare Breach Traced to Phishing (lien direct) |
Monongalia Health System in West Virginia has disclosed a data breach that exposed sensitive patient and employee information. |
Data Breach | ||
|
2021-12-28 16:19:30 | The Impacts of Phishing Attacks (lien direct) |
More than half (55%) of phishing attacks target IT departments, according to research commissioned by OpenText. Additionally, nearly half of survey respondents said they had fallen for a malware phishing attack. |
Malware | ||
|
2021-12-23 21:17:23 | New Nigerian Phishing Scams Target U.S. Military Families with Needed “Services” (lien direct) |
With loved ones potentially a half a world away, scammers prey on families with scams that offer to assist with communication, care packages, leave, and more. |
|||
|
2021-12-23 21:17:00 | Office 365 “Spam Notification” Phishing Emails Seek to Capture Credentials (lien direct) |
A new campaign spotted in the wild uses a tried-and-true method of convincing victims to provide their Office 365 logon credentials to be used in future attacks. |
|||
|
2021-12-23 17:07:22 | U.K. Workers Aren\'t Concerned about Company Cybersecurity Despite 60% Having Been Victims of a Cyberattack (lien direct) |
New data shows a huge disparity between the likelihood of cyberattack against U.K. organizations and their employee's cybersecurity awareness and vigilance. |
|||
|
2021-12-23 16:39:19 | One-Third of Phishing Pages Are Inactive After Just One Day (lien direct) |
We've always known phishing scammers work very quickly, moving from campaign to campaign, but new data indicates some scammers are moving on in terms of literally hours. |
|||
|
2021-12-23 16:38:50 | Canadian Government Urges Organizations to Take Additional Steps to Protect Against Ransomware Attacks (lien direct) |
Citing upticks in attacks, Canada's Centre for Cyber Security asks organizations to step up protective measures, offering guidance and a playbook to improve security. |
Ransomware | ||
|
2021-12-23 14:06:46 | Having an Efficient Security Awareness Training Program (lien direct) |
I love that KnowBe4's customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4's products help its customers to educate and test what scams a worker will easily recognize and which ones they need more education on. KnowBe4's product helps administrators figure out exactly who needs more education and on what topics. We know that customers who more consistently and frequently educate and test their co-workers reduce cybersecurity risk lower than those who do not. |
★★★★★ | ||
|
2021-12-22 17:00:01 | [Scam of the Week] Black Friday & Cyber Monday Cybersecurity Tips 2021 (lien direct) |
Cybercriminals are at it again with holiday phishing scams. Because of the popularity of online shopping, retailers' online Black Friday deals attract more and more scammers every year. Cyber Monday will also mean big online sales. That means you and your users need to be extra cautious when shopping online over the Black Friday and Cyber Monday weekend. |
|||
|
2021-12-21 16:51:13 | With KnowBe4\'s Phish Alert Button, You Can Now Collect Feedback from Your Users When They Report Suspicious Emails (lien direct) |
We are excited to announce the availability of KnowBe4's enhanced Phish Alert Button for Microsoft 365 with the new User Comments feature! |
|||
|
2021-12-21 15:20:31 | Phishing Campaign Impersonates Pfizer (lien direct) |
A phishing campaign is impersonating Pfizer with phony request-for-quotation (RFQ) emails, according to Roger Kay at INKY. The email lures had fairly convincing PDF attachments that didn't contain any malicious links or malware, and instead prompted the user to reach out to the scammer for more details. |
|||
|
2021-12-21 14:20:08 | (Déjà vu) CyberheistNews Vol 11 #50 [EYE OPENER] New EU Phishing Study Shows That Crowd-sourcing Phishing Defense Is Successful (lien direct) |
|
|||
|
2021-12-20 20:14:15 | Phishing Remains Top Form of Cybersecurity Breach in 2021 (lien direct) |
Over half of organizations say they've experienced a cybersecurity breach caused by phishing in the last 12 months, dwarfing the second-place breach cause (malware) by almost 30%. |
|||
|
2021-12-20 20:13:47 | Double Extortion Ransomware Attacks That Publish Victim Data Increase 935% (lien direct) |
According to new data, the number of victim companies impacted by double extortion has jumped from 229 by the first half of 2020 to nearly 2400 by the first half of 2021. |
Ransomware |
To see everything:
Our RSS (filtrered)
