Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-12-14 19:02:41 |
Interest in Infostealer Malware Within Cyberattacks Spikes as MFA Fatigue Attacks Increase (lien direct) |
|
Malware
|
|
★★
|
|
2022-12-14 11:12:35 |
(Déjà vu) Ughh. FBI\'s Vetted Threat Sharing Network \'InfraGard\' Hacked (lien direct) |
Investigative reported Brian Krebs reported December 13, 2022 that "InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online - using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself." |
Threat
|
|
★
|
|
2022-12-08 21:33:45 |
New Modular Attack Chain Found That Allows Attackers to Change Payloads Mid-Breach (lien direct) |
|
|
|
★★★
|
|
2022-12-07 15:44:35 |
Cyber Insurers Focus on Catastrophic Attacks and Required Minimum Defenses as Premiums Double (lien direct) |
|
|
|
★★★
|
|
2022-12-07 15:44:32 |
Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware (lien direct) |
|
Malware
|
|
★★★
|
|
2022-12-06 14:30:00 |
CyberheistNews Vol 12 #49 [Keep An Eye Out] Beware of New Holiday Gift Card Scams (lien direct) |
CyberheistNews Vol 12 #49 | December 6th, 2022
[Keep An Eye Out] Beware of New Holiday Gift Card Scams
By Roger A. Grimes
Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the receiver to pick just what they want, and are often received as a reward for doing something.
The gift card market is estimated in the many hundreds of BILLIONS of dollars. Who doesn't like to get a free gift card? Unfortunately, scammers often use gift cards as a way to steal value from their victims. There are dozens of ways gift cards can be used by scammers to steal money.
Roger covers these three scams in a short [VIDEO] and in detail on the KnowBe4 blog:
You Need to Pay a Bill Using Gift Cards
Maliciously Modified Gift Cards in Stores
Phish You for Information to Supposedly Get a Gift Card
Blog post with 2:13 [VIDEO] and links you can share with your users and family:https://blog.knowbe4.com/beware-of-holiday-gift-card-scams
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Join us TOMORROW, Wednesday, December 7 @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing.
Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.
NEW! KnowBe4 Mobile Learner App - Users Can Now Train Anytime, Anywhere!
NEW! Security Culture Benchmarking feature lets you compare your organization's security culture with your peers
NEW! AI-Driven phishing and training recommendations for your end users
Did You Know? You can upload your own training video and SCORM modules into your account for home workers
Active Directory or SCIM Integration to easily upload user data, eliminating the need to manually manage user changes
Find out how 50,000+ organizations have mobilized their end-users as their human firewall.
Date/Time: TOMORROW, Wednesday, December 7 @ 2:00 PM (ET)
Save My Spot!https://event.on24.com/wcc/r/3947028/0273119CCBF116DBE42DF81F151FF99F?partnerref=CHN3
|
Ransomware
Data Breach
Spam
Hack
Tool
Guideline
|
|
★★★
|
|
2022-12-02 17:36:53 |
Latest Netflix-Impersonated Phishing Attacks Surge in Frequency by 78% Since October (lien direct) |
|
|
|
★★
|
|
2022-12-02 17:36:35 |
Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations (lien direct) |
|
Ransomware
|
|
★★
|
|
2022-11-26 20:29:06 |
WhatsApp data breach sees nearly 500 million user records up for sale (lien direct) |
|
Data Breach
|
|
★★
|
|
2022-11-25 20:39:41 |
Cybersecurity incidents cost organizations $1,197 per employee, per year (lien direct) |
|
Studies
|
|
★★★★★
|
|
2022-11-22 14:36:16 |
New Instagram Support Phishing Attack Fakes “Unusual Logon” Experience Well Enough to Fool Victims (lien direct) |
|
|
|
★★★
|
|
2022-11-21 20:59:17 |
4 out of 10 Emails are Unwanted as nearly 40% of all Attacks Start with Phishing (lien direct) |
|
|
|
|
|
2022-11-21 18:33:41 |
10 Million Health Records from Australian Insurer Medibank are Leaked After Refusing to Pay the Ransom (lien direct) |
|
Ransomware
|
|
★★★
|
|
2022-11-21 16:57:45 |
2022 Black Friday and Cyber Monday Scams (lien direct) |
In years gone by, Black Friday was a 24-hour rush to the shops (you remember those places with actual people and merchandise that you could touch) where there was a set time for you to grab a bargain. People arrived at the shops the night before waiting in line for the doors to open. Then, in 2005 the clever people at the National Retail Federation decided that an online frenzy of shopping was needed the Monday after Thanksgiving. We know this Monday as Cyber Monday. In 2008, Cyber Monday hit the big time as Thanksgiving fell five days later than in 2007 so the people were hungry for the online deals. The anticipation of the online deals created a frenzy and launched Cyber Monday into the stratosphere. Over time, Black Friday became Black November as retailers cashed in on the sales and consumers obliged. |
|
|
|
|
2022-11-21 16:33:06 |
Over One-Third of Companies Who Pay the Ransom are Targeted for a Second Time (lien direct) |
|
|
|
|
|
2022-11-17 18:41:19 |
Valid Accounts Rank as the Top Initial Access Infection Vector, Putting a Spotlight on Credentials (lien direct) |
|
|
|
|
|
2022-11-17 18:41:16 |
Ransomware Attacks on UK Organizations are Not Being Reported Enough, Clouding Impact (lien direct) |
|
|
|
|
|
2022-11-17 18:41:12 |
Cyber Insurance Rates Begin to Stabilize as Insurers Gain Better Insight into Cyberattacks (lien direct) |
|
|
|
|
|
2022-11-17 13:49:53 |
Watch Out For This Tricky New Tactic Called Clone Phishing (lien direct) |
|
|
|
|
|
2022-11-10 14:49:01 |
Cyberattacks Globally Increased by 28% in the Third Quarter of 2022 as the Average Org Experiences Over 1,100 Attacks Weekly (lien direct) |
|
|
|
|
|
2022-11-09 11:54:55 |
[EYES OUT] This Scary Strain of Sleeper Ransomware Is Really a Data Wiper in Disguise (lien direct) |
|
Ransomware
|
|
|
|
2022-11-07 15:23:44 |
[HEADS UP] Australia Continues to be Vulnerable to Cybercrimes as Half a Billion Has Been Lost to Scammers (lien direct) |
|
|
|
|
|
2022-11-04 18:36:05 |
New LinkedIn-Impersonated Phishing Attack Uses Bad Sign-In Attempts to Harvest Credentials (lien direct) |
|
|
|
|
|
2022-11-03 17:47:30 |
Phishing for Feds: Credential-Harvesting Attacks Found in New Study (lien direct) |
|
|
|
|
|
2022-11-03 12:50:06 |
Hacking Biometrics: If You Thought Your Fingerprints Were Safe, Think Again! (lien direct) |
|
|
|
|
|
2022-10-31 14:43:11 |
LinkedIn Phishing Attack Bypassed Email Filters Because it Passed Both SPF and DMARC Auth (lien direct) |
Researchers at Armorblox have observed a phishing campaign impersonating LinkedIn. The emails inform the user that their LinkedIn account has been suspended due to suspicious activity. |
|
|
|
|
2022-10-28 18:13:03 |
Ransomware Attacks Via RDP Drop Significantly as Phishing Continues to Dominate (lien direct) |
|
|
|
|
|
2022-10-27 14:08:53 |
Stolen Devices and Phishing (lien direct) |
Researchers at Cyren describe a phishing attack that resulted from the theft of a stolen iPad. The iPad was stolen on a train in Switzerland, and briefly appeared on Apple's location services in Paris a few days later. The owner assumed the iPad was lost for good, but sent a message to the iPad with her phone number just in case. |
|
|
|
|
2022-10-26 18:58:36 |
[APPLY TODAY] Security Awareness Training Eligible for $185 million DHS Cybersecurity Grant Opportunity (lien direct) |
The Department of Homeland Security (DHS) is providing $185 million of grant money this year to U.S. states and territories to bolster their cybersecurity defenses, which includes security awareness training. The program will provide $1 billion over the next four years to help states and territories become more resilient to cyber threats. |
|
|
|
|
2022-10-26 18:31:34 |
(Déjà vu) KnowBe4 Top-Clicked Phishing Email Subjects for Q3 2022 [INFOGRAPHIC] (lien direct) |
KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in phishing tests, and top attack vector types. |
|
|
|
|
2022-10-24 17:58:54 |
Major UK Outsourcer Hit With Multi-Million Dollar Fine Due to a Phishing Attack (lien direct) |
|
|
|
|
|
2022-10-20 12:54:27 |
New Phishing Attack Attempts to Steal Social Security Numbers (lien direct) |
|
|
|
|
|
2022-10-18 14:05:18 |
Name-and-Shame Scams on Discord (lien direct) |
Scammers are sending Discord messages with phony accusations to trick users into clicking on phishing links, according to Shan Abdul at MakeUseOf. The messages are sent from compromised accounts to the accounts' friends lists, so they appear to be coming from a trusted friend. The messages tell the user that their account has been posting shady things, and asks them to click on a link for proof. |
|
|
|
|
2022-10-14 13:03:08 |
New Phishing Campaign Uses Office Docs to Install Cobalt Strike Beacon (lien direct) |
|
|
|
|
|
2022-10-12 16:00:00 |
Encrypted Files are the Overwhelming Way Organizations “Detect” Ransomware Attacks (lien direct) |
|
Ransomware
|
|
|
|
2022-10-09 15:41:09 |
[Head Scratcher] The cyber insurance market is badly broken. But why exactly? (lien direct) |
|
|
|
|
|
2022-10-04 13:30:00 |
(Déjà vu) CyberheistNews Vol 12 #40 [Eye Opener] The FBI Warns Against a New Cyber Attack Vector Called Business Identity Compromise (BIC) (lien direct) |
|
|
|
|
|
2022-10-04 13:14:59 |
Cyber Risk Remains Top Concern for Businesses with a Distinct Lack of Unpreparedness (lien direct) |
|
|
|
|
|
2022-10-04 13:14:56 |
One-Fourth of Organizations Have Been Victim to a Ransomware Attack with 59% Starting with Email (lien direct) |
New analysis highlights just how prevalent ransomware attacks are today, how material the impacts are, whether organizations get their data back, and exactly how these attacks start. |
Ransomware
|
|
|
|
2022-10-03 13:07:51 |
German Police Collar Alleged Phishing Cybercriminals (lien direct) |
The Bundeskriminalamt (BKA), Germany's federal criminal police, raided three homes on Thursday, September 29th, in the course of an investigation of a cyber criminal operation the BKA says netted approximately €4,000,000 from its victims by using phishing tactics. Two suspects were arrested and charged; the disposition of the third individual will depend upon the results of further investigation. |
|
|
|
|
2022-09-28 19:51:33 |
A Master Class on Cybersecurity: Roger Grimes Teaches Password Best Practices (lien direct) |
|
|
|
|
|
2022-09-28 13:05:46 |
American Airlines Traces Breach to Phishing Incident (lien direct) |
|
|
|
|
|
2022-09-28 12:54:46 |
[Eye Opener] FBI Warns Against New Business Identity Compromise (BIC). Top 5 Deepfake Defenses (lien direct) |
The FBI warns against that synthetic content may be used in a “newly defined cyber attack vector” called Business Identity Compromise (BIC)
Imagine you're on a conference call with your colleagues. Discussing the latest Sales numbers. Information that your competitors would love to get a hold of. |
|
|
|
|
2022-09-27 13:00:42 |
FBI: Cyber Criminals Will Continue Targeting Healthcare Payment Processors Through Phishing Campaigns and Social Engineering (lien direct) |
|
|
|
|
|
2022-09-26 14:00:46 |
Recent Optus Data Breach Teaches the Importance of Recognizing Social Engineering (lien direct) |
|
Data Breach
|
|
|
|
2022-09-26 12:00:00 |
You Need Aggressive Cyber Training, Not "So, So" Training (lien direct) |
According to nearly every study conducted over the last decade, social engineering is involved in the vast majority of cyber attacks. The figures range from about 30% to 90% of all hacking and malware attacks. There is no other root exploitation cause that organizations can focus on mitigating that would decrease cybersecurity risk more. |
Malware
|
|
|
|
2022-09-23 17:58:10 |
“Browser-in-the-Browser” Phishing Technique Spotted in New Steam Account Attack (lien direct) |
|
|
|
|
|
2022-09-20 13:30:00 |
(Déjà vu) CyberheistNews Vol 12 #38 [HEADS UP] New Uber Security Breach \'Looks Bad\', Caused by Social Engineering (lien direct) |
|
|
Uber
Uber
|
|
|
2022-09-16 12:36:02 |
Uber security breach \'looks bad\', caused by social engineering (lien direct) |
|
|
Uber
|
|
|
2022-09-14 16:40:18 |
Cisco Attempt Attributed to Lapsus$ Group (lien direct) |
|
|
|
|