What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-03-22 15:06:15 | (Déjà vu) CyberheistNews Vol 12 #12 [New White House Alert] Train Your Users Against Threat of Russian Cyberattacks (lien direct) |
![CyberheistNews Vol 12 #12 [New White House Alert] Train Your Users Against Threat of Russian Cyberattacks](https://blog.knowbe4.com/hubfs/CHN-Social.jpg)
[New White House Alert] Train Your Users Against Threat of Russian Cyberattacks
Email not displaying? |
CyberheistNews Vol 12 #12 | Mar. 22nd., 2022
[New White House Alert] Train Your Users Against Threat of Russian Cyberattacks
With the recent cyber attacks between Russia and Ukraine and the current intelligence coming from the U.S. Government, organizations want to shore up their defenses to reduce the risk of a successful attack by any nation-state.
|
Threat | ||
|
2022-03-21 22:16:51 | [BREAKING] White House warns Russia is prepping possible cyberattacks against US (lien direct) |
![[BREAKING] White House warns Russia is prepping possible cyberattacks against US](https://blog.knowbe4.com/hs-fs/hub/241394/file-2006657920.jpg)
With the recent cyber-attacks between Russia and Ukraine and the current intelligence coming from the US Government, organizations want to shore up their defenses to reduce the risk of a successful attack by any nation-state. |
|||
|
2022-03-21 14:40:34 | Chameleons Phish, Too (lien direct) |
One of the challenges cyber criminals face is that their scams often have a relatively short shelf-life. Once they've been used, the gaff is quickly blown, and the scammers hope to realize their gains before most of the potential marks are wise to the scam. |
|||
|
2022-03-17 12:43:59 | [Heads Up] New Evil Ransomware Feature: Disk Wiper if You Don\'t Pay (lien direct) |
There is a new ransomware-as-a-service (RaaS) strain called LokiLocker, researchers at Blackberry warn. The malware uses rare code obfuscation and includes a file wiper component that attackers can deploy if their victims don't pay. "It shouldn't be confused with an older ransomware family called Locky, which was notorious in 2016, or LokiBot, which is an infostealer. |
Ransomware Malware | ||
|
2022-03-17 12:00:00 | KnowBe4 Named a Leader in The Forrester Wave for Security Awareness and Training Solutions (lien direct) |
We're thrilled to announce that KnowBe4 has been named a Leader in The Forrester WaveTM : Security Awareness and Training Solutions, Q1 2022 report based on our current offering, strategy and market presence. |
Guideline | ||
|
2022-03-16 14:27:52 | Ransomware-Related Data Leaks Increase 82% as the Number of Cybercriminal Groups Nearly Triples (lien direct) |
New insight into the state of the attacks and threats paints a picture where the cybercriminals are growing in number, sophistication and successes, while victims just sit back seemingly helpless. |
|||
|
2022-03-16 14:25:21 | Backups Become the Focus as Three-Fourths of Organizations Experienced Ransomware Attacks (lien direct) |
New data puts the spotlight on how most organizations unable to completely recover their data after a ransomware attack, making the case for better data protection for improved incident response. |
Ransomware | ||
|
2022-03-16 14:20:57 | New Phishing Method Uses VNC to Bypass MFA Measures and Gives Cybercriminals Needed Access (lien direct) |
Despite cloud vendors like Google detecting reverse proxies or man-in-the-middle (MiTM) attacks and halting logons to thwart malicious actions, a new method easily gains access. |
|||
|
2022-03-15 20:10:10 | [Eye Opener] Ukraine Is Now Being Hit With 4 Different Strains Of Wiper Malware (lien direct) |
Newly discovered data-destroying malware was found this week in attacks targeting Ukrainian organizations and deleting data across systems on compromised networks. "This new malware erases user data and partition information from attached drives," ESET Research Labs explained. |
Malware | ||
|
2022-03-15 15:28:19 | We Are In The First Open Source Intelligence War (lien direct) |
I am a member of OODA loop. They are a great team that keeps me up to date about InfoSec issues. Their site always has interesting articles and this one certainly got my attention. The title alone piqued my interest. I'm quoting the first few paragraphs and then link to the rest of the article. I think you will like it too: |
|||
|
2022-03-15 13:41:15 | (Déjà vu) CyberheistNews Vol 12 #11 [Heads Up] FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs (lien direct) |
[Heads Up] FBI: Ransomware Gang Breached 52 US Critical Infrastructure Orgs
Email not displaying? |
CyberheistNews Vol 12 #11 | Mar. 15th., 2022
[Heads Up] FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs
The U.S. Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple U.S. critical infrastructure sectors.
|
Ransomware | ||
|
2022-03-15 12:48:09 | Shipping Fraud Rises Nearly 800% in 2021 (lien direct) |
Shipping fraud had a global increase of nearly 800% over the course of 2021, according to TransUnion's 2022 Global Digital Fraud Trends Report. |
|||
|
2022-03-15 12:43:58 | Cybercrime-as-a-Service: Its Evolution and What You Can Do to Fight Back (lien direct) |
The cybercrime market has skyrocketed in a frightening way. With threats such as ransomware to Business Email Compromise (BEC), the stakes are higher than ever for organizations across all industries. |
Ransomware | ||
|
2022-03-14 13:16:00 | Social Engineering through Contact Form (lien direct) |
Email is the familiar form of phishing, but there's an ongoing criminal campaign that follows a different, arguably subtler avenue of approach: the corporate contact form. Abnormal Security has found that the BazarBackdoor is being distributed through this social engineering technique that succeeds in bypassing email filters. |
|||
|
2022-03-11 15:28:20 | Email-Based Vishing Attacks Skyrocket 554% as Phishing, Social Media, and Malware Attacks Are All on the Rise (lien direct) |
New analysis of attacks in 2021 show massive increases across the board, painting a very concerning picture for this year around cyberattacks of all types. |
Malware | ||
|
2022-03-10 14:31:37 | “Warm Greetings” (or not) : Saudi Aramco Impersonation (lien direct) |
Researchers at Malwarebytes warn of a phishing campaign that's targeting the oil and gas industry by impersonating Saudi Aramco. |
|||
|
2022-03-10 14:31:15 | Phishing and Scam Pages Increase by 153% as Cybercriminals Seek to Establish Credibility (lien direct) |
As part of either impersonating known brands or simply leveraging credible cloud services, the use of a web page as part of an attack has become a staple for threat actors. |
Threat | ||
|
2022-03-10 14:30:39 | Passwords are Reused 64% of the Time as the Number of Passwords to Remember Reaches Over 100 (lien direct) |
New data focusing on user cyber hygiene around password use shows users are repeatedly reusing passwords across multiple applications and environments, despite the rise in breaches. |
|||
|
2022-03-09 15:58:22 | 83% of all Successful Ransomware Attacks Featured Double and Triple Extortion (lien direct) |
With 2021 being the “testing ground” for ransomware extortion, 2022 is showing signs of ransomware gangs settling in on proven extortion tactics to ensure payment. |
Ransomware | ||
|
2022-03-09 15:58:04 | Social Engineering a Major Factor in Cyberattack on Camera Maker Axis Communications (lien direct) |
As details of the February attack continue to be divulged, it becomes evident that cybercriminals were able to get past both users and security controls. |
|||
|
2022-03-09 14:05:47 | Domains Associated with Phishing Directed Against Ukraine (lien direct) |
Researchers from Secureworks' Counter Threat Unit (CTU) are tracking phishing domains used by the “MOONSCAPE” threat actor to target users in Ukraine. The researchers note that Ukraine's Computer Emergency Response Team (CERT-UA) has attributed this campaign to the Belarusian threat actor UNC1151, but Secureworks hasn't yet confirmed this attribution. Belarus is one of Russia's closest allies, and is assisting in Moscow's war against Ukraine. |
Threat | ||
|
2022-03-09 13:50:37 | Phishing Impersonation and Attack Trends in 2021 (lien direct) |
Facebook overtook Microsoft as the most impersonated brand in phishing attacks last year, according to a new report from Vade Secure. |
|||
|
2022-03-08 14:16:18 | CyberheistNews Vol 12 #10 [Heads Up] A New Phishing Attack Warns About A Suspicious Russian Login (lien direct) |
![CyberheistNews Vol 12 #10 [Heads Up] A New Phishing Attack Warns About A Suspicious Russian Login](https://blog.knowbe4.com/hubfs/CHN-LOGO-2017-1.png){kind=logo}
[Heads Up] A New Phishing Attack Warns About A Suspicious Russian Login
Email not displaying? |
CyberheistNews Vol 12 #10 | Mar. 8th., 2022
[Heads Up] A New Phishing Attack Warns About a Suspicious Russian Login
The human cost of war is horrific. All Knowsters are shocked and saddened by the all-out Russia-Ukraine land war. However, we are also inspired by the Ukrainian people for their bravery, resistance and resilience. As we all know, the price of freedom is eternal vigilance combined with the willingness to fight back.
|
|||
|
2022-03-08 13:30:14 | [World Premiere] KnowBe4\'s New Season 4 of Netflix-Style Security Awareness Video Series - \'The Inside Man\' (lien direct) |
We're thrilled to announce the long-awaited fourth season of the award-winning KnowBe4 Original Series - 'The Inside Man' is now available in the KnowBe4 ModStore! |
|||
|
2022-03-08 13:02:39 | (Déjà vu) FBI: Ransomware gang breached 52 US critical infrastructure orgs (lien direct) |
The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors. |
Ransomware | ||
|
2022-03-07 14:48:53 | By the Way, There\'s No Draft - Smishing Campaign Alert (lien direct) |
Scammers are sending phony text messages (aka Smishing or SMS Phishing) informing people in the US that they've been drafted by the US Army, according to Army Times. |
|||
|
2022-03-07 13:00:00 | Log4j - Kevin Mitnick Explains One of the Most Serious Vulnerabilities in the Last Decade (lien direct) |
The Log4j vulnerability caused widespread panic for IT professionals when it was uncovered. Sleepless nights followed for many. But a shortage of time and manpower has left this vulnerability wide open in many organizations. Is your organization one of them? |
Vulnerability | ||
|
2022-03-04 19:42:05 | The Recent Log4J Vulnerability Equation: Remote Code Execution (RCE) + National Vulnerability Database (NVD) = 10.0 (lien direct) |
RCE. These three letters add increased levels of stress to cybersecurity professionals regarding vulnerabilities against their hardware or software within their risk management program. |
Vulnerability | ||
|
2022-03-04 15:24:28 | According to KnowBe4 Research\'s Q1 2022 Report: Shadow IT Is Real (lien direct) |
Imagine needing to share a large PDF non-confidential document with a customer. It is too large to send via email, and recently you started using a cloud file sharing service to store files and make them accessible on your smartphone, tablet or other computers. You upload the file to the filesharing service and then share the link with the customer to make things easier. After a few clicks, a link is sent to the customer and they download the PDF document. The next day, you get a phone call from one of the information security officers from the organization asking about a file they noticed you transferred out of the company to the filesharing service. |
|||
|
2022-03-04 13:34:15 | Phishing Attacks Impersonating LinkedIn are up 232% in the Last Month Alone! (lien direct) |
During the period the world has dubbed “the great resignation”, phishing scammers are shifting tactics to take advantage of those looking for a new career or place of employment. |
|||
|
2022-03-04 13:34:12 | FBI: Scammers Take Business Email Compromise Attacks to Virtual Meeting Platforms (lien direct) |
In a new twist on an old scam, BEC attacks switch from email to a virtual meeting where social engineering tactics are used to further establish credibility and increase the likelihood of a successful scam. |
|||
|
2022-03-04 13:34:08 | CISA: 2021 Cyberattack Trends Indicate Increases in Global Ransomware Attacks (lien direct) |
New advisory sees critical infrastructure once again in the crosshairs and makes critical recommendations to both protect against ransomware and to reduce its' impact. |
Ransomware | ||
|
2022-03-04 13:00:00 | (Déjà vu) Your KnowBe4 Fresh Content Updates from February 2022 (lien direct) |
Check out the 28 new pieces of training content added in February, alongside the always fresh content update highlights and new features. |
|||
|
2022-03-03 13:40:41 | What It\'s Like to Be the Face of Romance (Scams) (lien direct) |
A real US Army colonel named Daniel Blackmon is being impersonated in hundreds or even thousands of romance scams, according to Haley Britzky at Task & Purpose. The scammers took pictures from Col. Blackmon's social media pages and used them to craft phony profiles. The real Blackmon, who is happily married and utterly unconnected with the scammers, is aware of these scams and is doing his best to let people know that he won't message them if he doesn't know them, and that he won't ask for money. |
|||
|
2022-03-02 19:19:06 | Gain Insight into Where Your Organization Stands with the Security Culture Maturity Model (lien direct) |
We're thrilled to introduce the Security Culture Maturity Model, the industry's first maturity model specifically geared to measure security culture! |
|||
|
2022-03-02 18:32:16 | Data Breach Volumes in the U.S. Grow by 10% in 2021 (lien direct) |
New data shows despite decreases in global data breach levels (-5%) in 2021, the U.S. experienced proportionally more data breaches than in the previous year. |
Data Breach | ||
|
2022-03-02 18:32:00 | Timely “Help Ukraine” Online Crypto Scams Take in Millions (lien direct) |
A new series of "help Ukraine" donation posts have sprouted up across the Internet, but are really a cryptocurrency scam enticing users send crypto donations to counterfeit addresses. |
|||
|
2022-03-02 18:31:47 | FBI: SIM Swapping Attacks See More Than 500% Increases in The Number of Attacks and Monetary Losses (lien direct) |
With mobile devices used as secondary authentication, threat actors have been stepping up activity, looking for ways to transfer phone numbers to cybercriminal-controlled devices. |
Threat | ||
|
2022-03-02 18:31:34 | UK ICO Sees a Massive Increase in Targeted Email Attacks (lien direct) |
New data obtained from the UK's Information Commissioner's Office by think tank Parliament Street shows an unprecedented rise in attacks against the UK's information rights organization. |
|||
|
2022-03-02 13:48:36 | Phishing Emails Warn of a Suspicious Login From Russia (lien direct) |
Researchers at Malwarebytes warn that a phishing campaign is informing users that someone logged into their account from an IP address in Moscow. The email contains a button to report the issue, which “opens a fresh email with a pre-filled message to be sent to a specific email account.” If a user sends this email, the attacker will reply and attempt to rope them further into the scam. |
|||
|
2022-03-01 19:07:44 | (Déjà vu) CyberheistNews Vol 12 #09 [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk (lien direct) |
[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk
Email not displaying? |
CyberheistNews Vol 12 #09 | Mar. 1st., 2022
[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk
The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine.
|
Malware | NotPetya | |
|
2022-03-01 14:42:52 | Scammers Will Take Advantage of New IRS Rules (lien direct) |
New IRS requirements will soon be used as phishbait, according to Gene Marks, owner of Marks Group PC and a columnist for the Guardian. |
|||
|
2022-03-01 11:49:52 | Russia Could “Absolutely” Lash Out at US Through Cyber, Lawmaker Warns (lien direct) |
NextGov reports: "Chairman Sen. Mark Warner, D-Va, gives an opening statement as FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishna and Microsoft President Brad Smith testify at a Senate Intelligence Committee hearing on Capitol Hill on February 23, 2021.
|
|||
|
2022-02-28 15:45:46 | Wartime Suffering as Phishbait (lien direct) |
It's easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only gives them another pretext to dangle in front of the unwary. |
|||
|
2022-02-27 13:26:32 | [EYES OPEN] The Kremlin Propaganda Machine Now Works Overtime. INFOGRAPHIC (lien direct) |
![[EYES OPEN] The Kremlin Propaganda Machine Now Works Overtime. INFOGRAPHIC](https://blog.knowbe4.com/hubfs/RUSSIA-DISINFORMATION-MAP.png)
With an ongoing land war in Ukraine, everyone needs to be alert for the Kremlin's parallel disinformation campaigns. Many people simply are not aware of the massive amount of false data that is being spread by an extensive, Russia-controlled network of media outlets, websites and social media accounts. The Russian government is spreading disinformation to at least 4 different audiences: |
|||
|
2022-02-25 12:12:46 | [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk (lien direct) |
![[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk](https://blog.knowbe4.com/hubfs/RTS5RLIM.jpg)
The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine. |
Malware | NotPetya | |
|
2022-02-23 14:46:21 | When the Phishers Want a Reply, not a Click (lien direct) |
A sextortion phishing campaign is targeting French speakers accusing them of viewing child abuse content, according to Paul Ducklin at Naked Security. The emails purport to come from the French police, and are designed to frighten users into replying to the email to assert their innocence. After a user replies, the scammer will attempt to convince them to pay a bogus fine to have the matter dropped. |
|||
|
2022-02-22 14:52:39 | CyberheistNews Vol 12 #08 [Eye Opener] Here Are the 4 Traits of Most Scams (lien direct) |
|
|||
|
2022-02-22 14:02:06 | New Phishing Campaign Angles for Monzo Banking Customers (lien direct) |
A phishing campaign is targeting users of the UK-based digital banking company Monzo, BleepingComputer reports. Security researcher William Thomas came across an SMS phishing (smishing) campaign that's sending text messages that purport to come from Monzo. |
|||
|
2022-02-22 14:01:58 | 20 Year-Old “Right-to-Left Override” Functionality Used in Attacks to Trick Microsoft 365 Users Out of Credentials (lien direct) |
Used to disguise malicious file extensions, this legacy functionality is being repurposed in attacks to obfuscate attachment types and steal credentials in an impressive way. |
To see everything:
Our RSS (filtrered)
