What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-20 20:13:11 | Embedded Email Attacks Are on the Rise and Aren\'t Being Detected by Security Solutions (lien direct) |
This classic tactic is making a comeback and is elegantly simple to execute, yet sufficiently complex enough to keep email scanning solutions from seeing it as malicious. |
|||
|
2021-12-20 16:56:12 | Spam Calling Rates Spike Globally (lien direct) |
Spam calls in the US spiked in October, according to Truecaller's annual Global Spam Report. The report observed that Truecaller customers in the US received 3,115,861 spam calls in October. The researchers note that a user in the US receives an average of 4.8 spam calls per month, totalling approximately 1.4 billion calls across the country every month. |
Spam | ||
|
2021-12-20 15:53:58 | Whitelisting On Known Headers Not Recommended (lien direct) |
We found a discussion on Twitter about this topic and we thought it would be useful to provide to provide the correct technical background related to whitelisting. |
|||
|
2021-12-16 21:27:59 | (Déjà vu) [EYE OPENER] New EU Phishing Study Shows That Crowd-sourcing Phishing Defense Is Successful (lien direct) |
![[EYE OPENER] New EU Phishing Study Shows That Crowd-sourcing Phishing Defense Is Successful](https://blog.knowbe4.com/hubfs/arvixdotorg.jpg)
A Swiss phishing study involving roughly 15,000 participants in a 15-month experiment produced some interesting results. The study was run by researchers at ETH Zurich, working together with a company that remained anonymous.
The company did not inform their employees about the simulated phishing program they were going to be part of. The four goals of the study were to determine: |
|||
|
2021-12-16 21:27:59 | [EYE OPENER] New EU Phishing Study Shows That Crowd-sourcing Phishing Alerts Is Successful (lien direct) |
A Swiss phishing study involving roughly 15,000 participants in a 15-month experiment produced some interesting results. The study was run by researchers at ETH Zurich, working together with a company that remained anonymous. The company did not inform their employees about the simulated phishing program they were going to be part of. The four goals of the study were to determine: |
|||
|
2021-12-16 17:44:04 | $148 Million Lost to Gift Card Scams in 2021 (So Far) (lien direct) |
A US Federal Trade Commission (FTC) data spotlight has found that people in the US lost $148 million to gift-card-related scams in the first nine months of 2021. The spotlight also found that median reported losses from these scams increased from $700 to $1,000 throughout the same period. |
|||
|
2021-12-15 21:24:13 | NSA: Cyberattacks are Putting the “Security of our Nation” at Stake (lien direct) |
When most see cyberattacks as something that is impactful at the organizational level, the head of the National Security Agency sees cyberattacks as being a threat to the entire nation. |
Threat | ||
|
2021-12-15 21:24:05 | The Evolving State of Cyber Insurance May Indicate More Scrutiny for IT and Security Teams (lien direct) |
The need to balance offering coverage for cyber incidents with maintaining a profit has cyber insurers rethinking how they will approach measuring insured risk and exposure. |
|||
|
2021-12-15 21:24:01 | Over 1000 Arrests and $27 Million Intercepted in Massive INTERPOL Sting Operation (lien direct) |
Bringing together specialized police units from 20 countries, Operation HAECHI-II targeted those involved in online fraud, romance scams, investment fraud and money laundering. |
|||
|
2021-12-15 21:23:55 | Netflix is the Latest Impersonated Brand in Ongoing Subscriber Targeting Scams (lien direct) |
With the increased interest in and availability of movie and TV streaming services, plenty of new scams are popping up attempting to steal personal details and credit card information. |
|||
|
2021-12-15 18:31:44 | Wall Street Journal article: "Shaming Employees For Phishing is Counterproductive" (lien direct) |
Shaming employees for falling for phishing attacks is the wrong approach, according to Dr. Karen Renaud, a chancellor's fellow at the University of Strathclyde. In an article for the Wall Street Journal, Renaud described a study she conducted alongside fellow researchers Rosalind Searle and Marc Dupuis in which the researchers asked people if they had ever been responsible for a cybersecurity incident at work, and how their management responded. |
|||
|
2021-12-15 14:59:45 | Log4j vulnerability - KnowBe4 Not Affected (lien direct) |
KnowBe4 is aware of the recent log4j vulnerability (CVE-2021-44228) and has been investigating this issue in-depth. We can confirm that no KnowBe4 products are affected by this at this time and therefore no actions are required to be taken by our customers. |
Vulnerability | ★★ | |
|
2021-12-14 19:19:57 | Answer 4 Questions To Avoid a Social Engineering Attack (lien direct) |
I am usually not a man of a few words. I am the opposite. I write hundreds of pages a month and talk non-stop in person. But lately, I have been trying to be better at saying more with less. With that in mind, I tried to boil down social engineering attacks in as few words as possible. |
|||
|
2021-12-14 14:35:53 | CyberheistNews Vol 11 #49 [HEADS UP] Tricky New TSA PreCheck Scam Steals Your Personal and Credit Card Details (lien direct) |
![CyberheistNews Vol 11 #49 [HEADS UP] Tricky New TSA PreCheck Scam Steals Your Personal and Credit Card Details](https://blog.knowbe4.com/hubfs/CHN-Social.jpg)
|
|||
|
2021-12-14 13:45:50 | The Unbearable Lightness of Phishing Pages (lien direct) |
Researchers at Kaspersky have found that most phishing pages are active for less than one day, with many of them going offline after just a few hours. Most of these short-lived pages were set up through hosting providers. |
|||
|
2021-12-13 14:09:38 | Socially Engineering Your Way to Customer Data (lien direct) |
US telecommunications company Cox Communications has disclosed a data breach that exposed some customers' information, BleepingComputer reports. The company said in a breach notification letter that an attacker was able to gain access to some customer accounts after using social engineering tactics to impersonate a Cox employee. |
Data Breach | ||
|
2021-12-09 21:00:15 | 2021 Security Hints & Tips for Holiday Travels (lien direct) |
The holiday season may be closer to "normal" this year, and that means your users will be even more focused on holiday activities - including travel. Cybercriminals will undoubtedly be using relevant social engineering tactics to take advantage of people that have been cooped up the last two years. In fact, the FBI recently sent a warning to beware of travel scams during the holidays. |
|||
|
2021-12-09 13:46:20 | Real Cyberattack as Phishbait for a Scammer (lien direct) |
Scammers are exploiting a real “cyber incident” at a Riverhead New York high school to send out robocalls that claim to be coming from the local police department, RiverheadLOCAL reports. |
|||
|
2021-12-08 15:47:28 | Credential-Harvesting Phishing Campaign Urges Review of Spam (lien direct) |
Researchers at MailGuard have observed a phishing campaign that's using phony “spam notification” emails that purport to come from Microsoft Office 365. The emails tell recipients that an important-looking email has been sent to their spam folder, and they'll need to click a link to view the supposed message. |
Spam | ||
|
2021-12-07 15:53:12 | Victims: After a Data Breach, Changing Passwords and Good Password Hygiene Remain Unimportant (lien direct) |
New shocking data shows how unconcerned victim users are after being notified of a data breach involving their credentials, personal information, and even social media accounts. |
Data Breach | ||
|
2021-12-07 15:53:06 | New TSA PreCheck Scam Seeks to Collect Your Personal and Credit Card Details (lien direct) |
Doing one of the best jobs impersonating a website ever seen, this new scam attempts to take those renewing or initially signing up through a believable process that most would fall for. |
|||
|
2021-12-07 15:52:59 | Half of All Organizations Have Had Employees Approached to Aid in Ransomware Attacks (lien direct) |
Partially due to the shift to working remotely, cybercriminals are finding some resemblance of success in getting internal assistance, begging the question of what to do about it. |
Ransomware | ||
|
2021-12-07 15:15:15 | SideCopy: How an Intelligence Service Uses Phishbait (lien direct) |
Researchers at Malwarebytes offer more details on a spear phishing campaign run by a Pakistani threat actor that's come to be known as “SideCopy.” The campaign was first reported by Facebook earlier this year. |
Threat | ||
|
2021-12-07 14:27:41 | CyberheistNews Vol 11 #48 [Heads Up] Morgan Stanley Warns Against Recent “Brushing Scam” (lien direct) |
|
|||
|
2021-12-06 21:14:54 | Conducting Data Protection Impact Assessments on Your Cloud Environments (lien direct) |
Whether you're creating a new product, going through mergers & acquisitions, or significantly changing a process in your organization, new processing activities can present high risk. |
Guideline |
To see everything:
Our RSS (filtrered)
