Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2022-05-20 12:33:23 |
Phishing Attacks Increase by 54% as Initial Attack Vector for Access and Extortion Attacks (direct link) |
|
|
|
|
 |
2022-05-19 20:12:55 |
It's More Than Phishing; How to Supercharge Your Security Awareness Training (direct link) |
Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple in Europe. |
|
|
|
 |
2022-05-19 12:56:27 |
(Déjà vu) Phishing Campaign Impersonates Shipping Giant Maersk (direct link) |
|
|
|
|
 |
2022-05-18 12:45:08 |
WSJ: "Cyber Insurance Went Up A Whopping 92% In 2021" (direct link) |
|
|
|
|
 |
2022-05-17 13:30:09 |
Spear Phishing a Diplomat (direct link) |
Researchers at Fortinet observed a spear phishing attack that targeted a Jordanian diplomat late last month. The researchers attribute this attack to the Iranian state-sponsored threat actor APT34 (also known as OilRig or Helix Kitten). The body of the phishing email isn't particularly detailed, but the attackers put a significant amount of effort into impersonating an employee at the targeted individual's organization. |
Threat
|
APT 34
|
|
 |
2022-05-17 13:22:53 |
CyberheistNews Vol 12 #20 [Heads Up] Now You Need to Watch Out for Spoofed Vanity URLs... (direct link) |
|
|
|
|
 |
2022-05-16 17:51:27 |
Why People Fall for Scams (direct link) |
|
|
|
|
 |
2022-05-13 12:05:12 |
Think BEC Won't Cost You Much? How Does $130 Million Sound? (direct link) |
A new lawsuit brings to light the all-too common occurrence of a attack, with this occurring during a business acquisition and costing the buyer more than they bargained for. |
|
|
|
 |
2022-05-13 12:04:41 |
Homeland Security: U.S. Ransomware Attacks Have Doubled in the Last Year (direct link) |
A March 2022 report from the Senate Committee on Homeland Security and Governmental Affairs zeros in on the growing problem of ransomware and lessons learned so far. |
Ransomware
|
|
|
 |
2022-05-12 16:23:17 |
Trezor Crypto Wallet Attacks Results in Class Action Lawsuit Against MailChimp Owner Intuit (direct link) |
Months after the MailChimp data breach targeting 102 companies in the crypto sector, a new lawsuit has been filed seeking millions of dollars in damages. |
Data Breach
|
|
★★★
|
 |
2022-05-12 16:22:16 |
Happy Credit Union Customers Become the Target of Spoofing Scams Due to a Lack of Email Security (direct link) |
Taking advantage of heightened levels of customer trust and satisfaction, along with lowered levels of properly implemented security, credit unions are seeing a rise in email-based scams. |
|
|
★★★
|
 |
2022-05-12 16:21:37 |
European Wind-Energy Sector Is the Latest Target of Russian State-Sponsored Attacks (direct link) |
While Russia consistently denies any launching of cyberattacks, attack details point to reasonable intent by and cybercriminal ties to the Russian government. |
|
|
★★★★
|
 |
2022-05-12 12:58:50 |
Beware of Spoofed Vanity URLs (direct link) |
Researchers at Varonis warn that attackers are using customizable URLs (also known as vanity URLs) on SaaS services to craft more convincing phishing links. The attackers have used this technique for links created through Box, Zoom, and Google Docs and Forms. |
|
|
★★
|
 |
2022-05-11 13:47:43 |
KnowBe4 Earns 2022 Top Rated Award from TrustRadius (direct link) |
We are proud to announce that TrustRadius has recognized KnowBe4 with a 2022 Top Rated Award. |
|
|
★★
|
 |
2022-05-11 12:56:12 |
Another Report of SEO in Phishing (direct link) |
Researchers at Netskope have observed a 450% increase in phishing downloads over the past twelve months, largely driven by attackers using SEO (search engine optimization) to improve the search engine ranking of malicious sites. Most of these downloads were malware-laden PDF files. |
|
|
|
 |
2022-05-10 13:49:56 |
Mustang Panda Uses Spear Phishing to Conduct Cyberespionage (direct link) |
The China-based threat actor Mustang Panda is conducting spear phishing campaigns against organizations in NATO countries and Russia, as well as entities in the US and Asia, according to researchers at Cisco Talos. The goal of this activity is cyberespionage. |
Threat
|
|
★★★★
|
 |
2022-05-10 13:38:48 |
CyberheistNews Vol 12 #19 [Heads Up] There is a New Type of Phishing Campaign Using Simple Email Templates (direct link) |
Tricky SMTP Relay Email Spoofing. Man Convicted For 23M Phishing Scam.
CyberheistNews Vol 12 #19 | May 10th, 2022
[Heads Up] There is a New Type of Phishing Campaign Using Simple Email Templates A phishing campaign is using short, terse emails to trick people into visiting a credential-harvesting site, according to Paul Ducklin at Naked Security. The email informs recipients that two incoming messages were returned to the sender and directs the user to visit a link in order to view the messages. Since the e |
Guideline
|
|
★★★
|
 |
2022-05-09 14:29:12 |
Wave of Crypto Muggings Hits London's Financial District (direct link) |
Criminals in London are targeting digital currency investors on the street in a wave of “crypto muggings”, with victims reporting that thousands of pounds were stolen from their crypto wallets after their mobile phones had been forcibly taken. City of London police provided |
|
|
★★★
|
 |
2022-05-09 13:11:25 |
Business Email Compromise Shouldn't Be the Cost of Doing Business (direct link) |
The FBI last week published a public service announcement updating its warnings about the continuing threat of business email compromise (BEC, also called CEO fraud). The problem has reached shocking proportions: between June of 2016 and December of 2021, the Bureau counted 241,206 domestic and international incidents of business email compromise. The “exposed dollar loss” (which includes both actual and attempted losses) is the real shocker: $43,312,749,946, more than forty-three-billion dollars. |
Threat
|
|
★★★
|
 |
2022-05-06 16:46:44 |
10 of the Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them (direct link) |
It feels like we hear about a new devastating cyberattack in the news every day. And attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware of beyond standard “click and infect” attack vectors? |
|
|
★★★
|
 |
2022-05-05 13:08:59 |
Cozy Bear Goes Typosquatting (direct link) |
Researchers at Recorded Future's Insikt Group warn that the Russian threat actor NOBELIUM (also known as APT29 or Cozy Bear) is using typosquatting domains to target the news and media industries with phishing pages. |
Threat
|
APT 29
|
|
 |
2022-05-05 13:08:33 |
Microsoft is Leading the Way to a Password-Less Future (direct link) |
As we observe World Password Day to create awareness around the need for password security, Microsoft is looking for frictionless ways to eliminate passwords entirely. |
Guideline
|
|
|
 |
2022-05-04 13:30:35 |
SMTP Relay Email Spoofing Technique (direct link) |
Researchers at Avanan have observed a surge in phishing emails that abuse a flaw in SMTP relay services to bypass email security filters. |
|
|
|
 |
2022-05-04 13:29:50 |
89% of Organizations Experienced One or More Successful Email Breach Types During the Last 12 Months (direct link) |
With the number of email breaches per year almost doubling in the last three years, organizations still don't see email security solutions as being an effective means of stopping attacks. |
|
|
|
 |
2022-05-04 13:28:52 |
FIN12 Threat Group Speeds Up Ransomware Attacks to Just Two Days After Initial Access (direct link) |
As detection times are reducing across the board, threat groups are improving their craft and are prioritizing speed as the key ingredient in ransomware attacks. |
Ransomware
Threat
|
|
|
 |
2022-05-04 13:28:05 |
Organizations Have a 76% Likelihood of a Successful Cyberattack in the Next Year (direct link) |
New data from TrendMicro and Ponemon shows how almost organizations globally are not fully prepared for the looming threat of almost-certain cyberattacks. |
Threat
|
|
|
 |
2022-05-03 13:36:38 |
CyberheistNews Vol 12 #18 [Heads Up] The 4 Major Tactics: How Hackers Steal Your Passwords and How To Defend Yourself (direct link) |
|
|
|
|
 |
2022-05-03 12:48:59 |
Man Convicted for $23 Million Phishing Scam Against the US DoD (direct link) |
A man in California has been convicted for stealing $23.5 million from the US Department of Defense in a phishing attack. The Justice Department explained in a press release that the man, Sercan Oyuntur, hijacked payments meant for a jet fuel supplier. |
|
|
|
 |
2022-05-02 20:45:24 |
Holding a Great Employee Education Meeting (direct link) |
I recently attended a customer's annual security awareness training employee event. I have attended a bunch of these over the years and I have loved them all. But this particular customer threw a great one! It included everything I think a security awareness training employee event should have. |
|
|
|
 |
2022-05-02 12:52:18 |
Phishing Campaign Uses Simple Email Templates (direct link) |
A phishing campaign is using short, terse emails to trick people into visiting a credential-harvesting site, according to Paul Ducklin at Naked Security. The email informs recipients that two incoming messages were returned to the sender, and directs the user to visit a link in order to view the messages. Since the emails are so short, the scammers avoid risking typos or grammatical errors that could have tipped off the recipient. |
|
|
|
 |
2022-04-28 22:05:02 |
75% of SMBs Would Only Survive Seven Days or less from a Ransomware Attack (direct link) |
With ransomware attacks on the increase, new data shows a material portion of small and medium business organizations are completely ill-equipped to address an attack. |
Ransomware
|
|
|
 |
2022-04-28 22:04:48 |
Half of IT Leaders Say their Non-Technical Staff are Unprepared for a Cyber Attack (direct link) |
New data shows IT leadership believes users outside of IT create a “continued significant risk to organizations” despite having a layered security strategy to prevent attacks. |
Guideline
|
|
|
 |
2022-04-28 19:25:08 |
[EYE OPENER] The Ransom Payment is Only 15% of The Total Cost of Ransomware Attacks (direct link) |
As the number of ransomware attacks has increased 24% over the previous year, security researchers estimate the total associated attack costs to be just over 7 times higher. |
Ransomware
|
|
|
 |
2022-04-28 12:41:31 |
Criminal Gang Impersonates Russian Government in Phishing Campaign (direct link) |
Researchers at IBM Security X-Force are tracking a financially motivated cybercriminal group called “Hive0117” that's impersonating a Russian government agency to target users in Eastern Europe. |
|
|
|
 |
2022-04-26 14:04:10 |
CyberheistNews Vol 12 #17 [EYE OPENER] "Being Annoying" as a Social Engineering Tactic (direct link) |
|
|
|
|
 |
2022-04-26 13:54:16 |
How Hackers Get Your Passwords and How To Defend Yourself (direct link) |
Despite the world's best efforts to get everyone off passwords and onto something else (e.g., MFA, passwordless authentication, biometrics, zero trust, etc.) for decades, passwords have pervasively persisted. Today, nearly everyone has multiple forms of MFA for different applications and websites AND many, many passwords. |
|
|
|
 |
2022-04-26 13:53:55 |
Hacking the Hacker: An Inside Look at the Karakurt Cyber Extortion Group (direct link) |
By breaking into an attack server, security researchers have uncovered new details that show the connection between the Karakurt group and Conti ransomware. |
|
|
|
 |
2022-04-26 13:53:38 |
Nearly all Data Breaches in Q1 2022 Were the Result of a Cyber Attack (direct link) |
New data from the Identity Theft Resource Center shows rises in the number of data compromises following 2021's record-setting year, all stemming from cyber attacks. |
|
|
|
 |
2022-04-26 13:53:19 |
Cyber Attacks on the Global Supply Chain Have Increased by 51% (direct link) |
As supply chain vendors become a greater target, the businesses reliant upon them don't seem to be responding with the appropriate urgency, according to new data. |
|
|
|
 |
2022-04-26 12:49:59 |
More_eggs Malware Distributed Via Spear Phishing (direct link) |
Threat actors are sending out the stealthy “more_eggs” malware in spear phishing emails that target hiring managers, according to researchers at eSentire's Threat Response Unit (TRU). |
Malware
Threat
|
|
|
 |
2022-04-25 12:51:35 |
Community Associations Confront Social Engineering (direct link) |
It's not just deep-pocketed corporations that prove attractive targets for social engineering. Any organization that holds information that can fetch a good price in the criminal marketplace will draw the attention of social engineers. |
|
|
|
 |
2022-04-21 16:26:04 |
If You Got a “Your Bill Is Paid For” Text, You're Part of a Massive T-Mobile Texting Scam (direct link) |
The latest scam targeting T-Mobile customers impersonates T-Mobile and focuses on collecting your personal data by tempting you with free “gifts”. |
|
|
|
 |
2022-04-21 16:25:45 |
LinkedIn is the Most Impersonated Brand in Phishing Attacks (direct link) |
Social media companies, particularly LinkedIn, are now the most impersonated brands in phishing campaigns, researchers at Check Point have found. |
|
|
|
 |
2022-04-21 15:46:04 |
New Phishing Attack Targets MetaMask Users for their Crypto Wallet Private Keys (direct link) |
A new phishing campaign impersonates MetaMask, informs victims their cryptocurrency wallets aren't “verified” and threatens suspension. |
|
|
|
 |
2022-04-21 15:45:27 |
UK Information Commissioner: Many Cybersecurity Incidents are “Preventable” (direct link) |
In a recent article about the largest cyberthreats currently facing the UK, John Edwards, the UK's newly appointed information commissioner, talks about the need for a security culture in the workplace. |
|
|
|
 |
2022-04-21 14:14:00 |
Critical: CISA Warns of Potential Attacks on Infrastructure by Russian State-Sponsored and Criminal Cyber Gangs (direct link) |
In a joint multi-country cybersecurity advisory (CSA), governments are warning their respective critical infrastructure organizations to be vigilant against increased malicious cyber threat activity. |
Threat
|
|
|
 |
2022-04-20 12:49:57 |
TraderTraitor: When States do Social Engineering (direct link) |
North Korea's Lazarus Group is using social engineering attacks to target users of cryptocurrency, according to a joint advisory from the US FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department. |
Medical
|
APT 38
APT 28
|
|
 |
2022-04-19 14:33:27 |
Ransomware Attacks Show Temporary Slowing but are Expected to Increase in 2022 [Graphs] (direct link) |
New data from Recorded Future shows how the war in Ukraine is causing a brief slowdown of ransomware attacks on healthcare, governments and schools that is predicted to return to growing levels. |
|
|
★★★
|
 |
2022-04-19 14:31:40 |
Only Half of All Organizations Have Refreshed Their Security Strategy Based on the Pandemic (direct link) |
A new study published by Ponemon Institute shows that a material portion of organizations are still using pre-pandemic security processes and policies, putting the org at risk. |
|
|
★★★
|
 |
2022-04-19 14:31:22 |
FBI Warns of Bank Fraud Phishing Campaign (direct link) |
The FBI has warned of a smishing campaign that's targeting people in the US with phony bank fraud notifications. The text messages inform users that someone has attempted to initiate a money transfer on their account. |
|
|
★★★
|