What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-28 13:00:00 | Cyberheistnews Vol 13 # 13 [Oeil Overner] Comment déjouer les attaques de phishing basées sur l'IA sournoises [CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks] (lien direct) |
CyberheistNews Vol 13 #13 | March 28th, 2023
[Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks
Users need to adapt to an evolving threat landscape in which attackers can use AI tools like ChatGPT to craft extremely convincing phishing emails, according to Matthew Tyson at CSO.
"A leader tasked with cybersecurity can get ahead of the game by understanding where we are in the story of machine learning (ML) as a hacking tool," Tyson writes. "At present, the most important area of relevance around AI for cybersecurity is content generation.
"This is where machine learning is making its greatest strides and it dovetails nicely for hackers with vectors such as phishing and malicious chatbots. The capacity to craft compelling, well-formed text is in the hands of anyone with access to ChatGPT, and that\'s basically anyone with an internet connection."
Tyson quotes Conal Gallagher, CIO and CISO at Flexera, as saying that since attackers can now write grammatically correct phishing emails, users will need to pay attention to the circumstances of the emails.
"Looking for bad grammar and incorrect spelling is a thing of the past - even pre-ChatGPT phishing emails have been getting more sophisticated," Gallagher said. "We must ask: \'Is the email expected? Is the from address legit? Is the email enticing you to click on a link?\' Security awareness training still has a place to play here."
Tyson explains that technical defenses have become very effective, so attackers focus on targeting humans to bypass these measures.
"Email and other elements of software infrastructure offer built-in fundamental security that largely guarantees we are not in danger until we ourselves take action," Tyson writes. "This is where we can install a tripwire in our mindsets: we should be hyper aware of what it is we are acting upon when we act upon it.
"Not until an employee sends a reply, runs an attachment, or fills in a form is sensitive information at risk. The first ring of defense in our mentality should be: \'Is the content I\'m looking at legit, not just based on its internal aspects, but given the entire context?\' The second ring of defense in our mentality then has to be, \'Wait! I\'m being asked to do something here.\'"
New-school security awareness training with simulated phishing tests enables your employees to recognize increasingly sophisticated phishing attacks and builds a strong security culture.
Remember: Culture eats strategy for breakfast and is always top-down.
Blog post with links:https://blog.knowbe4.com/identifying-ai-enabled-phishing
|
Ransomware Malware Hack Tool Threat Guideline | ChatGPT ChatGPT | ★★★ |
|
2023-03-14 13:00:00 | CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears (lien direct) |
CyberheistNews Vol 13 #11 | March 14th, 2023
[Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears
Robert Lemos at DARKReading just reported on a worrying trend. The title said it all, and the news is that more than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. Yikes.
I'm giving you a short extract of the story and the link to the whole article is below.
"Employees are submitting sensitive business data and privacy-protected information to large language models (LLMs) such as ChatGPT, raising concerns that artificial intelligence (AI) services could be incorporating the data into their models, and that information could be retrieved at a later date if proper data security isn't in place for the service.
"In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2% of the 1.6 million workers at its client companies because of the risk of leaking confidential info, client data, source code, or regulated information to the LLM.
"In one case, an executive cut and pasted the firm's 2023 strategy document into ChatGPT and asked it to create a PowerPoint deck. In another case, a doctor input his patient's name and their medical condition and asked ChatGPT to craft a letter to the patient's insurance company.
"And as more employees use ChatGPT and other AI-based services as productivity tools, the risk will grow, says Howard Ting, CEO of Cyberhaven.
"'There was this big migration of data from on-prem to cloud, and the next big shift is going to be the migration of data into these generative apps," he says. "And how that plays out [remains to be seen] - I think, we're in pregame; we're not even in the first inning.'"
Your employees need to be stepped through new-school security awareness training so that they understand the risks of doing things like this.
Blog post with links:https://blog.knowbe4.com/employees-are-feeding-sensitive-biz-data-to-chatgpt-raising-security-fears
[New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blockl |
Ransomware Data Breach Spam Malware Threat Guideline Medical | ChatGPT ChatGPT | ★★ |
|
2023-03-10 14:46:12 | Use of Malware Decreases in Cyber Attacks as Exploit Usage Skyrockets (lien direct) |
|
Malware | ★★ | |
|
2023-02-28 14:00:00 | CyberheistNews Vol 13 #09 [Eye Opener] Should You Click on Unsubscribe? (lien direct) |
CyberheistNews Vol 13 #09 | February 28th, 2023
[Eye Opener] Should You Click on Unsubscribe?
By Roger A. Grimes.
Some common questions we get are "Should I click on an unwanted email's 'Unsubscribe' link? Will that lead to more or less unwanted email?"
The short answer is that, in general, it is OK to click on a legitimate vendor's unsubscribe link. But if you think the email is sketchy or coming from a source you would not want to validate your email address as valid and active, or are unsure, do not take the chance, skip the unsubscribe action.
In many countries, legitimate vendors are bound by law to offer (free) unsubscribe functionality and abide by a user's preferences. For example, in the U.S., the 2003 CAN-SPAM Act states that businesses must offer clear instructions on how the recipient can remove themselves from the involved mailing list and that request must be honored within 10 days.
Note: Many countries have laws similar to the CAN-SPAM Act, although with privacy protection ranging the privacy spectrum from very little to a lot more protection. The unsubscribe feature does not have to be a URL link, but it does have to be an "internet-based way." The most popular alternative method besides a URL link is an email address to use.
In some cases, there are specific instructions you have to follow, such as put "Unsubscribe" in the subject of the email. Other times you are expected to craft your own message. Luckily, most of the time simply sending any email to the listed unsubscribe email address is enough to remove your email address from the mailing list.
[CONTINUED] at the KnowBe4 blog:https://blog.knowbe4.com/should-you-click-on-unsubscribe
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Join us TOMORROW, Wednesday, March 1, @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approac |
Malware Hack Tool Vulnerability Threat Guideline Prediction | APT 38 ChatGPT | ★★★ |
|
2023-02-23 16:28:45 | Malware Report: The Number of Unique Phishing Emails in Q4 Rose by 36% (lien direct) |
|
Malware | ★★★ | |
|
2023-01-31 20:04:16 | Microsoft OneNote Attachments Become the Latest Method to Spread Malware (lien direct) |
|
Malware | ★★ | |
|
2023-01-25 15:50:54 | [Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal (lien direct) |
![[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal](https://blog.knowbe4.com/hubfs/Screen%20Shot%202023-01-25%20at%209.40.35%20AM.png)
In our latest episode of Security Masterminds, we have the pleasure of interviewing Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, who has held various roles throughout his career. In the episode, Roger discusses his early days of malware disassembly, the trials and tribulations of public speaking, and his magnum opus, his book about data-driven defense. |
Malware | ★★ | |
|
2022-12-27 14:20:16 | (Déjà vu) QBot Malware Attacks Use SVG files to Perform HTML Smuggling (lien direct) |
|
Malware | ★ | |
|
2022-12-22 14:44:21 | New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable” (lien direct) |
|
Malware | ★★ | |
|
2022-12-21 13:59:29 | XLL Files Used to Deliver Malware (lien direct) |
|
Malware | ★★★ | |
|
2022-12-14 19:02:41 | Interest in Infostealer Malware Within Cyberattacks Spikes as MFA Fatigue Attacks Increase (lien direct) |
|
Malware | ★★ | |
|
2022-12-07 15:44:32 | Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware (lien direct) |
|
Malware | ★★★ | |
|
2022-09-26 12:00:00 | You Need Aggressive Cyber Training, Not "So, So" Training (lien direct) |
According to nearly every study conducted over the last decade, social engineering is involved in the vast majority of cyber attacks. The figures range from about 30% to 90% of all hacking and malware attacks. There is no other root exploitation cause that organizations can focus on mitigating that would decrease cybersecurity risk more. |
Malware | ||
|
2022-08-31 13:30:07 | Lost in Translation? New Cryptomining Malware Attacks Based in Turkey Cause Suspicion (lien direct) |
|
Malware | ||
|
2022-04-26 12:49:59 | More_eggs Malware Distributed Via Spear Phishing (lien direct) |
Threat actors are sending out the stealthy “more_eggs” malware in spear phishing emails that target hiring managers, according to researchers at eSentire's Threat Response Unit (TRU). |
Malware Threat | ||
|
2022-04-05 18:37:54 | Info Stealer Malware Vidar Uses Microsoft Help Files to Launch Attacks (lien direct) |
It appears that the use of Microsoft CHM files is gaining popularity, and from the way this latest attack works, it's a rather ingenious and flexible method that could become more prevalent. |
Malware | ||
|
2022-03-29 13:03:08 | Email Conversation Hacking to Distribute Malware (lien direct) |
Researchers at Intezer warn that attackers are hijacking email conversations to distribute the IcedID banking Trojan. This technique makes the phishing emails appear more legitimate and helps them bypass security filters. |
Malware | ||
|
2022-03-23 18:00:06 | QakBot Banking Trojan Evolves and Now Takes Over Email Conversations to Spread Malware (lien direct) |
As if stealing all your credentials, cookies, and email wasn't bad enough, this new version of QakBot inserts itself into your emails, impersonating you to gain access to more victims. |
Malware | ||
|
2022-03-17 12:43:59 | [Heads Up] New Evil Ransomware Feature: Disk Wiper if You Don\'t Pay (lien direct) |
There is a new ransomware-as-a-service (RaaS) strain called LokiLocker, researchers at Blackberry warn. The malware uses rare code obfuscation and includes a file wiper component that attackers can deploy if their victims don't pay. "It shouldn't be confused with an older ransomware family called Locky, which was notorious in 2016, or LokiBot, which is an infostealer. |
Ransomware Malware | ||
|
2022-03-15 20:10:10 | [Eye Opener] Ukraine Is Now Being Hit With 4 Different Strains Of Wiper Malware (lien direct) |
Newly discovered data-destroying malware was found this week in attacks targeting Ukrainian organizations and deleting data across systems on compromised networks. "This new malware erases user data and partition information from attached drives," ESET Research Labs explained. |
Malware | ||
|
2022-03-11 15:28:20 | Email-Based Vishing Attacks Skyrocket 554% as Phishing, Social Media, and Malware Attacks Are All on the Rise (lien direct) |
New analysis of attacks in 2021 show massive increases across the board, painting a very concerning picture for this year around cyberattacks of all types. |
Malware | ||
|
2022-03-01 19:07:44 | (Déjà vu) CyberheistNews Vol 12 #09 [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk (lien direct) |
[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk
Email not displaying? |
CyberheistNews Vol 12 #09 | Mar. 1st., 2022
[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk
The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine.
|
Malware | NotPetya | |
|
2022-02-25 12:12:46 | [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk (lien direct) |
![[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk](https://blog.knowbe4.com/hubfs/RTS5RLIM.jpg)
The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine. |
Malware | NotPetya | |
|
2022-02-15 14:24:51 | CyberheistNews Vol 12 #07 [Heads Up] FBI Warns Against New Criminal QR Code Scams (lien direct) |
[Heads Up] FBI Warns Against New Criminal QR Code Scams
Email not displaying? |
CyberheistNews Vol 12 #07 | Feb. 15th., 2022
[Heads Up] FBI Warns Against New Criminal QR Code Scams
QR codes have been around for many years. While they were adopted for certain niche uses, they never did quite reach their full potential. They are a bit like Rick Astley in that regard, really popular for one song, but well after the boat had sailed. Do not get me wrong, Rick Astley achieved a lot. In recent years, he has become immortalized as a meme and Rick roller, but he could have been so much more.
However, in recent years, with lockdown and the drive to keep things at arms length, QR codes have become an efficient way to facilitate contactless communications, or the transfer of offers without physically handing over a coupon. As this has grown in popularity, more people have become familiar with how to generate their own QR codes and how to use them as virtual business cards, discount codes, links to videos and all sorts of other things.
QRime Codes
As with most things, once they begin to gain a bit of popularity, criminals move in to see how they can manipulate the situation to their advantage. Recently, we have seen fake QR codes stuck to parking meters enticing unwitting drivers to scan the code, and hand over their payment details believing they were paying for parking, whereas they were actually handing over their payment information to criminals.
The rise in QR code fraud resulted in the FBI releasing an advisory warning against fake QR codes that are being used to scam users. In many cases, a fake QR code will lead people to a website that looks like the intended legitimate site. So, the usual verification process of checking the URL and any other red flags apply.
CONTINUED with links and 4 example malicious QR codes on the KnowBe4 blog:
https://blog.knowbe4.com/qr-codes-in-the-time-of-cybercrime
|
Ransomware Data Breach Spam Malware Threat Guideline | APT 15 APT 43 | |
|
2022-02-08 14:23:51 | CyberheistNews Vol 12 #06 [Heads Up] Beware of New Quickbooks Payment Scams (lien direct) |
![CyberheistNews Vol 12 #06 [Heads Up] Beware of New Quickbooks Payment Scams](https://blog.knowbe4.com/hubfs/Stu_Headshot_2021_resize.png)
[Heads Up] Beware of New QuickBooks Payment Scams
Email not displaying? |
CyberheistNews Vol 12 #06 | Feb. 8th., 2022
[Heads Up] Beware of New QuickBooks Payment Scams
Many small and mid-sized companies use Intuit's popular QuickBooks program. They usually start out using its easy-to-use base accounting program and then the QuickBooks program aggressively pushes other complimentary features. One of those add-on features is the ability to send customers' invoices via email.
The payee can click on a “Review and pay” button in the email to pay the invoice. It used to be a free, but less mature, feature years ago, but these days, it costs extra. Still, if you are using QuickBooks for your accounting, the ability to generate, send, receive and electronically track invoices all in one place is a pretty easy sell.
Unfortunately, phishing criminals are using QuickBooks' popularity to send business email compromise (BEC) scams. The emails appear as if they are coming from a legitimate vendor using QuickBooks, but if the potential victim takes the bait, the invoice they pay will be to the scammer.
Worse, the payment request can require that the payee use ACH (automated clearing house) method, which requires the payee to input their bank account details. So, if the victim falls for the scam, the criminal now has their bank account information. Not good.
Note: Some other QuickBooks scam warnings will tell you that QuickBooks will never ask for your ACH or banking details. This is not completely true. QuickBooks, the company and its support staff, never will, but QuickBooks email payment requests often do. Warn your users in Accounting.
CONTINUED at the KnowBe4 blog with both legit and malicious example screenshots:
https://blog.knowbe4.com/beware-of-quickbooks-payment-scams
|
Malware Hack Threat Conference | APT 35 | |
|
2022-02-01 19:40:07 | 8 New Malware Payloads Spotted As Part of Attacks Against Ukrainian Targets (lien direct) |
Security Threat Researchers at Symantec have published details about malware being put out by the “Gamaredon” threat group (who have been tied to Russian Federal Security Service), responsible for attacks in the Ukraine since 2013. |
Malware Threat | ||
|
2022-02-01 14:37:29 | CyberheistNews Vol 12 #05 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential (lien direct) |
|
Ransomware Malware Hack Tool Threat Guideline | NotPetya NotPetya Wannacry Wannacry APT 27 APT 27 | |
|
2022-01-27 14:13:49 | Malicious Office Documents Jump to 37% of All Malware Downloads at the End of 2021 (lien direct) |
With the ubiquitous use of Microsoft Office today, it should come as no surprise that malicious macro-laden documents continue to reign, with PPT files delivering AgentTesla taking the spotlight. |
Malware | ||
|
2021-12-28 16:19:30 | The Impacts of Phishing Attacks (lien direct) |
More than half (55%) of phishing attacks target IT departments, according to research commissioned by OpenText. Additionally, nearly half of survey respondents said they had fallen for a malware phishing attack. |
Malware |
To see everything:
Our RSS (filtrered)
