This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-20T14:31:38+00:00 www.secnews.physaphae.fr knowbe4 - cybersecurity services Researchers at Trend Micro have spotted yet another scam taking advantage of the crisis in Ukraine by impersonating a legitimate charity. In this case, the scammers are posing as the relief organization Mercury One, attempting to steal money and personal information. We wrote about a "Help Ukraine" cryptocurrency scam and a Ukranian charity phishing scam last month, this is just the latest variety.]]> 2022-04-13T13:54:14+00:00 https://blog.knowbe4.com/smishing-scams-abuse-ukrainian-charity www.secnews.physaphae.fr/article.php?IdArticle=4441223 False None None None knowbe4 - cybersecurity services ]]> 2022-04-12T13:31:43+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-15-heads-up-hard-boiled-social-engineering www.secnews.physaphae.fr/article.php?IdArticle=4434764 True None None None knowbe4 - cybersecurity services Organizations in the US lost $2.4 billion to business email compromise (BEC) scams (also known as CEO fraud) last year, according to Alan Suderman at Fortune.]]> 2022-04-12T12:52:35+00:00 https://blog.knowbe4.com/business-email-compromise-the-costliest-cybercrime www.secnews.physaphae.fr/article.php?IdArticle=4434582 False None None None knowbe4 - cybersecurity services Taking advantage of the value of a legitimate web service, along with a valid SSL certificate, a new campaign of phishing attack targeting online Microsoft credentials is leveraging Azure.]]> 2022-04-11T19:15:00+00:00 https://blog.knowbe4.com/microsoft-azure-new-home-for-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=4430824 False None None None knowbe4 - cybersecurity services We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.]]> 2022-04-11T12:00:00+00:00 https://blog.knowbe4.com/knowbe4-named-a-leader-in-the-spring-2022-g2-grid-report-for-security-awareness-training www.secnews.physaphae.fr/article.php?IdArticle=4428699 True Guideline None None knowbe4 - cybersecurity services We are excited to announce that KnowBe4 has been named a leader in the Spring 2022 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the fourth consecutive quarter!]]> 2022-04-08T13:06:44+00:00 https://blog.knowbe4.com/knowbe4-named-a-leader-in-the-spring-2022-g2-grid-report-for-security-orchestration-automation-and-response-soar www.secnews.physaphae.fr/article.php?IdArticle=4417059 True Guideline None None knowbe4 - cybersecurity services Skyrocketing attack rates, double and triple extortion, increasing ransom demands… cybercriminals are inflicting pain in every way imaginable when it comes to today's ransomware attacks. And you need to be prepared to protect your network, NOW.]]> 2022-04-08T12:30:51+00:00 https://blog.knowbe4.com/ransomware-hostage-rescue-checklist-webinar www.secnews.physaphae.fr/article.php?IdArticle=4417060 False Ransomware None None knowbe4 - cybersecurity services A phishing campaign impersonating WhatsApp has targeted more than 27,000 mailboxes, according to researchers at Armorblox. It's not clear who the attackers were, but they used an old version of a road safety operations website belonging to Russia's Ministry of Internal Affairs, which helped the emails to bypass authentication checks.]]> 2022-04-07T12:52:18+00:00 https://blog.knowbe4.com/phishbait-invokes-russias-ministry-of-internal-affairs-road-safety-division www.secnews.physaphae.fr/article.php?IdArticle=4411275 False None None None knowbe4 - cybersecurity services New insights into the state of data security show a clear focus on the weakest part of your security stance – your users – and organizations doing little to address it.]]> 2022-04-07T12:28:50+00:00 https://blog.knowbe4.com/human-error-ranked-top-cybersecurity-threat www.secnews.physaphae.fr/article.php?IdArticle=4411276 False Threat None None knowbe4 - cybersecurity services Last month, Latvian and Lithuanian police – in conjunction with Europol – coordinated a raid on 3 call centers responsible for an international effort to defraud victims worldwide.]]> 2022-04-07T12:28:16+00:00 https://blog.knowbe4.com/multinational-police-efforts-shut-down-scam-call-center www.secnews.physaphae.fr/article.php?IdArticle=4411277 False None None None knowbe4 - cybersecurity services Stolen client data from Mailchimp put customers of the cryptocurrency hardware wallets on notice of potential social engineering attacks claiming to be Trezor.]]> 2022-04-06T13:32:36+00:00 https://blog.knowbe4.com/mailchimp-phishing-attack-hit-trezor-crypto-wallets www.secnews.physaphae.fr/article.php?IdArticle=4405716 False None None None knowbe4 - cybersecurity services Scammers are impersonating Europol with fraudulent phone calls in an attempt to steal personal and financial information, according to Kristina Ohr at Avast. The German Federal Criminal Police Office (Bundeskriminalamt, BKA) recently warned of this campaign as well.]]> 2022-04-06T12:55:09+00:00 https://blog.knowbe4.com/europol-calling-not-necessarily www.secnews.physaphae.fr/article.php?IdArticle=4405131 False None None None knowbe4 - cybersecurity services The group behind the recent attacks on Okta, NVIDIA, and Microsoft may be moving on to less-prominent organizations, using their data destruction extortion model on new victims.]]> 2022-04-05T18:38:15+00:00 https://blog.knowbe4.com/microsoft-warns-of-lapsus-targeting-organizations-for-data-exfiltration-and-destruction www.secnews.physaphae.fr/article.php?IdArticle=4401000 False None None None knowbe4 - cybersecurity services It appears that the use of Microsoft CHM files is gaining popularity, and from the way this latest attack works, it's a rather ingenious and flexible method that could become more prevalent.]]> 2022-04-05T18:37:54+00:00 https://blog.knowbe4.com/info-stealer-malware-vidar-uses-microsoft-help-files-to-launch-attacks www.secnews.physaphae.fr/article.php?IdArticle=4401001 False Malware None None knowbe4 - cybersecurity services Cybercriminals Groups and “as a Service” threat actor affiliates alike seem to be doing well, according to a new report on the state of ransomware from Palo Alto Networks' Unit42.]]> 2022-04-05T18:36:44+00:00 https://blog.knowbe4.com/ransomware-demands-and-payments-increase www.secnews.physaphae.fr/article.php?IdArticle=4401002 False Threat None None knowbe4 - cybersecurity services Social engineering continues to be a core component of the Iranian government's hacking operations, according to researchers at Recorded Future.]]> 2022-04-05T18:35:39+00:00 https://blog.knowbe4.com/social-engineering-from-tehran www.secnews.physaphae.fr/article.php?IdArticle=4401003 False None None None knowbe4 - cybersecurity services [EYE OPENER] A Lack of Employee Cyber Hygiene is the Next Big Threat   Email not displaying? | CyberheistNews Vol 12 #14  |   Apr. 5th., 2022 [EYE OPENER] A Lack of Employee Cyber Hygiene is the Next Big Threat A new report suggests that everything from endpoints, to passwords, to training, to security policies, to a lack of awareness is all contributing to much higher risk of cyberattack. Employee cyber risk is a multifaceted issue that revolves a lot around cyber hygiene, according to new data in Mobile Mentor's inaugural Endpoint Ecosystem Report. It involves a number of issues that organizations are going to need to address effectively and quickly. ]]> 2022-04-05T12:48:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-14-eye-opener-lack-of-employee-cyber-hygience-is-the-next-big-threat www.secnews.physaphae.fr/article.php?IdArticle=4398963 True Threat None None knowbe4 - cybersecurity services Bloomberg has reported that forged "Emergency Data Requests" last year induced Apple and Meta to surrender "basic subscriber details, such as a customer's address, phone number and IP address."]]> 2022-04-04T12:50:33+00:00 https://blog.knowbe4.com/social-engineering-by-emergency-data-request www.secnews.physaphae.fr/article.php?IdArticle=4392887 False None None None knowbe4 - cybersecurity services Check out the 74 new pieces of training content added in March, alongside the always fresh content update highlights and new features.]]> 2022-04-01T12:00:00+00:00 https://blog.knowbe4.com/fresh-content-updates-march-2022 www.secnews.physaphae.fr/article.php?IdArticle=4378436 True None None None knowbe4 - cybersecurity services Rather than take the usual path of sending an email and linking to a spoofed logon page, this attack takes a different set of actions that at first make no sense but may actually be brilliant.]]> 2022-03-31T17:04:37+00:00 https://blog.knowbe4.com/facebook-phishing-scam-takes-unexpected-turn www.secnews.physaphae.fr/article.php?IdArticle=4373905 False None None None knowbe4 - cybersecurity services A look at what makes up Web 3.0 and how it may be used includes insight into what kinds of cyberattacks may plague it, as cybercriminals look for new profitable opportunities.]]> 2022-03-31T15:52:59+00:00 https://blog.knowbe4.com/cisco-web-3.0-will-be-the-next-frontier-for-social-engineering-and-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=4373736 False None None None knowbe4 - cybersecurity services New data from the FBI's Internet Crime Complaint Center (IC3) shows a massive increase in the cost of internet crimes, with phishing and BEC topping the list.]]> 2022-03-31T15:52:17+00:00 https://blog.knowbe4.com/cost-of-internet-crimes-in-2021-exceeds-6.9-billion www.secnews.physaphae.fr/article.php?IdArticle=4373737 False None None None knowbe4 - cybersecurity services A widespread phishing scam is circulating in Facebook Messenger, according to Jeff Parsons at Metro. The phishing messages simply contain the words, “Look what I found,” along with a link. If the user clicks the link, they'll be taken to a spoofed Facebook login page that will steal their credentials. Notably, the attackers send the messages from compromised accounts of the target's Facebook friends, which increases the appearance of legitimacy.]]> 2022-03-31T14:13:29+00:00 https://blog.knowbe4.com/facebook-messenger-phishing-scam www.secnews.physaphae.fr/article.php?IdArticle=4373557 False None None None knowbe4 - cybersecurity services The FBI has issued a Private Industry Notification warning of phishing emails designed to steal login credentials from election officials. The Bureau believes these attacks will increase ahead of the 2022 midterm elections; the officials who need to be alert are at the state, local, territorial, and tribal levels.]]> 2022-03-31T12:57:59+00:00 https://blog.knowbe4.com/fbi-warning-phishing-targets-election-officials www.secnews.physaphae.fr/article.php?IdArticle=4372818 False None None None knowbe4 - cybersecurity services A new report suggests that everything from endpoints, to passwords, to training, to security policies, to a lack of awareness is all contributing to much higher risk of cyberattack.]]> 2022-03-30T12:16:33+00:00 https://blog.knowbe4.com/lack-of-employee-cyber-hygiene-next-big-threat www.secnews.physaphae.fr/article.php?IdArticle=4366173 False Threat None None knowbe4 - cybersecurity services A new report reviewing ransomware activity in 2021 shows an impressive uptick in the number of targeted attacks in Q4 of 2021 to 772 as more players join (or rejoin) the game.]]> 2022-03-30T12:16:02+00:00 https://blog.knowbe4.com/ransomware-attack-volume-increases-by-18-percent www.secnews.physaphae.fr/article.php?IdArticle=4366174 False None None None knowbe4 - cybersecurity services The shift in devices used by today's workforce has resulted in increases in cybersecurity concerns and incidents, despite a majority of orgs with defined BYOD programs in place.]]> 2022-03-30T12:15:33+00:00 https://blog.knowbe4.com/mobile-device-usage-have-led-to-security-incidents-in-nearly-half-of-organizations www.secnews.physaphae.fr/article.php?IdArticle=4366175 False None None None knowbe4 - cybersecurity services [Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online   Email not displaying? | CyberheistNews Vol 12 #13  |   Mar. 29th., 2022 [Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online The video uploaded to a hacked Ukrainian news website shows how far the technology has come, how it can be used in social engineering, and how the tech still needs to improve. While much of the headlines today around the Russian invasion of Ukraine focus on the war on the ground and in the air, a cyberwar is being waged behind the scenes. It began with wiper ransomware attacks on Ukrainian businesses and government agencies and has culminated so far with a newly released deepfake video of Ukrainian president Zelenskyy asking his troops to lay down their weapons and surrender. ]]> 2022-03-29T13:59:07+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-13-heads-up-published-zelenskyy-deepfake-video-demonstrates-the-modern-war-online www.secnews.physaphae.fr/article.php?IdArticle=4359897 True Ransomware None None knowbe4 - cybersecurity services Researchers at Intezer warn that attackers are hijacking email conversations to distribute the IcedID banking Trojan. This technique makes the phishing emails appear more legitimate and helps them bypass security filters.]]> 2022-03-29T13:03:08+00:00 https://blog.knowbe4.com/email-conversation-hacking-to-distribute-malware www.secnews.physaphae.fr/article.php?IdArticle=4359411 False Malware None None knowbe4 - cybersecurity services Multifactor Authentication (MFA), but real-world use has shown that most of today's most popular implementations are not sufficiently protective against real attacks. In short, using social engineering, hackers have been able to bypass most Push-Based MFA like it was not even there.]]> 2022-03-28T17:51:20+00:00 https://blog.knowbe4.com/making-better-push-based-mfa www.secnews.physaphae.fr/article.php?IdArticle=4354895 False None None None knowbe4 - cybersecurity services Fraudsters are taking advantage of the buy-now, pay-later (BNPL) payment model, according to Jim Ducharme, COO of Outseer. On the CyberWire's Hacking Humans podcast, Ducharme explained that scammers can either impersonate victims or take over their accounts in order to make fraudulent purchases.]]> 2022-03-28T13:31:28+00:00 https://blog.knowbe4.com/buy-now-pay-later-scams www.secnews.physaphae.fr/article.php?IdArticle=4353583 False None None None knowbe4 - cybersecurity services WIRED wrote: "More than 22,000 miles above Earth, the KA-SAT is locked in orbit. Traveling at 7,000 miles per hour, in sync with the planet's rotation, the satellite beams high-speed internet down to people across Europe. S]]> 2022-03-24T19:20:26+00:00 https://blog.knowbe4.com/wired-a-mysterious-satellite-hack-has-victims-far-beyond-ukraine www.secnews.physaphae.fr/article.php?IdArticle=4336426 False Hack None None knowbe4 - cybersecurity services Fidelity just published an article titled "Cybersecurity: A growing risk". They note that the threat of Russian cyberattacks highlights vulnerabilities across industries. I'm quoting a small section and I suggest you read the rest of the article here. ]]> 2022-03-24T19:05:50+00:00 https://blog.knowbe4.com/fidelity-why-cybersecurity-is-material-to-all-industries www.secnews.physaphae.fr/article.php?IdArticle=4336052 False Threat None None knowbe4 - cybersecurity services Scammers continue to exploit the crisis in Ukraine, according to researchers at Bitdefender. Over the past week, the researchers believe the fraudsters have adjusted their tactics in response to increased media coverage of these scams.]]> 2022-03-24T14:21:32+00:00 https://blog.knowbe4.com/repertoire-of-ukraine-charity-phishing-scams www.secnews.physaphae.fr/article.php?IdArticle=4334999 False None None None knowbe4 - cybersecurity services Google's Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, including FIN12 and the Conti ransomware gang. EXOTIC LILY uses phishing attacks to gain access to organizations' networks, then sells this access to other gangs for further exploitation.]]> 2022-03-24T14:20:53+00:00 https://blog.knowbe4.com/initial-access-broker-group-relies-on-social-engineering www.secnews.physaphae.fr/article.php?IdArticle=4335000 False Ransomware,Threat None None knowbe4 - cybersecurity services When it's time to complete a compliance audit, are you thinking, "Ugh, is it that time again?" And, as more organizations demand proof that  their data is protected in the cloud, keeping up with risk assessments and audits to prove compliance is a continuous problem.  ]]> 2022-03-24T12:00:00+00:00 https://blog.knowbe4.com/compliance-audit-readiness-assessment-soc-2-ssae-18-framework www.secnews.physaphae.fr/article.php?IdArticle=4334166 False None None None knowbe4 - cybersecurity services New data from the Anti-Phishing Working Group shows cybercriminals are stepping on the gas, focusing phishing attacks on credential theft and response-based scams.]]> 2022-03-23T18:00:34+00:00 https://blog.knowbe4.com/number-of-phishing-attacks-hits-an-all-time-high-in-2021-tripling-that-of-early-2020 www.secnews.physaphae.fr/article.php?IdArticle=4330502 False None None None knowbe4 - cybersecurity services In an unusual turn of events, a recent court decision sided with the policyholder, despite specific policy language that probably should have favored the insurer.]]> 2022-03-23T18:00:26+00:00 https://blog.knowbe4.com/phishing-attack-wire-fraud-case-favors-policyholder www.secnews.physaphae.fr/article.php?IdArticle=4330503 False None None None knowbe4 - cybersecurity services As if stealing all your credentials, cookies, and email wasn't bad enough, this new version of QakBot inserts itself into your emails, impersonating you to gain access to more victims.]]> 2022-03-23T18:00:06+00:00 https://blog.knowbe4.com/qakbot-takes-over-email-conversations-to-spread-malware www.secnews.physaphae.fr/article.php?IdArticle=4330504 False Malware None None knowbe4 - cybersecurity services This simple invoice scam appears to be a part of a much broader campaign targeting municipalities, posing as existing subcontractors.]]> 2022-03-23T17:59:56+00:00 https://blog.knowbe4.com/phishing-scam-costs-city-of-fresno-over-600000 www.secnews.physaphae.fr/article.php?IdArticle=4330505 False None None None knowbe4 - cybersecurity services Researchers at Avanan warn that attackers are using reCAPTCHAs on their phishing sites to avoid detection by security scanners.]]> 2022-03-23T12:46:14+00:00 https://blog.knowbe4.com/exploiting-trust-in-recaptcha www.secnews.physaphae.fr/article.php?IdArticle=4328861 False None None None knowbe4 - cybersecurity services The video uploaded to a hacked Ukrainian news website shows how far the technology has come, how it can be used in social engineering, as well as how the tech still needs to improve.]]> 2022-03-22T20:10:05+00:00 https://blog.knowbe4.com/zelenskyy-deepfake-video-modern-war-is-online www.secnews.physaphae.fr/article.php?IdArticle=4325613 False None None None knowbe4 - cybersecurity services New data shows phishing, social engineering, and impersonation dominate as cybercriminals are becoming more frequent and successful with their attacks.]]> 2022-03-22T20:08:43+00:00 https://blog.knowbe4.com/smb-experience-social-engineering-phishing www.secnews.physaphae.fr/article.php?IdArticle=4325614 False None None None knowbe4 - cybersecurity services [New White House Alert] Train Your Users Against Threat of Russian Cyberattacks   Email not displaying? | CyberheistNews Vol 12 #12  |   Mar. 22nd., 2022 [New White House Alert] Train Your Users Against Threat of Russian Cyberattacks With the recent cyber attacks between Russia and Ukraine and the current intelligence coming from the U.S. Government, organizations want to shore up their defenses to reduce the risk of a successful attack by any nation-state. ]]> 2022-03-22T15:06:15+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-12-white-house-alert-train-your-users-against-threat-of-russian-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=4324007 True Threat None None knowbe4 - cybersecurity services With the recent cyber-attacks between Russia and Ukraine and the current intelligence coming from the US Government, organizations want to shore up their defenses to reduce the risk of a successful attack by any nation-state. ]]> 2022-03-21T22:16:51+00:00 https://blog.knowbe4.com/breaking-white-house-warns-russia-is-prepping-possible-cyberattacks-against-us www.secnews.physaphae.fr/article.php?IdArticle=4320327 False None None None knowbe4 - cybersecurity services One of the challenges cyber criminals face is that their scams often have a relatively short shelf-life. Once they've been used, the gaff is quickly blown, and the scammers hope to realize their gains before most of the potential marks are wise to the scam.]]> 2022-03-21T14:40:34+00:00 https://blog.knowbe4.com/chameleon-phishing-website-pages www.secnews.physaphae.fr/article.php?IdArticle=4317837 False None None None knowbe4 - cybersecurity services There is a new ransomware-as-a-service (RaaS) strain called LokiLocker, researchers at Blackberry warn. The malware uses rare code obfuscation and includes a file wiper component that attackers can deploy if their victims don't pay. "It shouldn't be confused with an older ransomware family called Locky, which was notorious in 2016, or LokiBot, which is an infostealer. ]]> 2022-03-17T12:43:59+00:00 https://blog.knowbe4.com/heads-up-new-evil-ransomware-feature-disk-wiper-if-you-dont-pay www.secnews.physaphae.fr/article.php?IdArticle=4298335 False Ransomware,Malware None None knowbe4 - cybersecurity services We're thrilled to announce that KnowBe4 has been named a Leader in The Forrester WaveTM : Security Awareness and Training Solutions, Q1 2022 report based on our current offering, strategy and market presence.]]> 2022-03-17T12:00:00+00:00 https://blog.knowbe4.com/knowbe4-named-a-leader-in-the-forrester-wave-for-security-awareness-and-training-solutions-2022 www.secnews.physaphae.fr/article.php?IdArticle=4297741 False Guideline None None knowbe4 - cybersecurity services New insight into the state of the attacks and threats paints a picture where the cybercriminals are growing in number, sophistication and successes, while victims just sit back seemingly helpless.]]> 2022-03-16T14:27:52+00:00 https://blog.knowbe4.com/ransomware-data-leaks-increase-82-percent www.secnews.physaphae.fr/article.php?IdArticle=4292193 False None None None knowbe4 - cybersecurity services New data puts the spotlight on how most organizations unable to completely recover their data after a ransomware attack, making the case for better data protection for improved incident response.]]> 2022-03-16T14:25:21+00:00 https://blog.knowbe4.com/three-fourths-of-organizations-experienced-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=4292194 False Ransomware None None knowbe4 - cybersecurity services Despite cloud vendors like Google detecting reverse proxies or man-in-the-middle (MiTM) attacks and halting logons to thwart malicious actions, a new method easily gains access.]]> 2022-03-16T14:20:57+00:00 https://blog.knowbe4.com/phishing-method-uses-vnc-to-bypass-mfa-measures www.secnews.physaphae.fr/article.php?IdArticle=4292195 False None None None knowbe4 - cybersecurity services Newly discovered data-destroying malware was found this week in attacks targeting Ukrainian organizations and deleting data across systems on compromised networks. "This new malware erases user data and partition information from attached drives," ESET Research Labs explained.]]> 2022-03-15T20:10:10+00:00 https://blog.knowbe4.com/eye-opener-ukraine-is-now-being-hit-with-4-different-strains-of-wiper-malware www.secnews.physaphae.fr/article.php?IdArticle=4287449 False Malware None None knowbe4 - cybersecurity services I am a member of OODA loop. They are a great team that keeps me up to date about InfoSec issues. Their site always has interesting articles and this one certainly got my attention. The title alone piqued my interest. I'm quoting the first few paragraphs and then link to the rest of the article. I think you will like it too:]]> 2022-03-15T15:28:19+00:00 https://blog.knowbe4.com/we-are-in-the-first-open-source-intelligence-war www.secnews.physaphae.fr/article.php?IdArticle=4285649 False None None None knowbe4 - cybersecurity services [Heads Up] FBI: Ransomware Gang Breached 52 US Critical Infrastructure Orgs   Email not displaying? | CyberheistNews Vol 12 #11 |   Mar. 15th., 2022 [Heads Up] FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs The U.S. Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple U.S. critical infrastructure sectors. ]]> 2022-03-15T13:41:15+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-11-heads-up-fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs www.secnews.physaphae.fr/article.php?IdArticle=4284892 True Ransomware None None knowbe4 - cybersecurity services Shipping fraud had a global increase of nearly 800% over the course of 2021, according to TransUnion's 2022 Global Digital Fraud Trends Report. ]]> 2022-03-15T12:48:09+00:00 https://blog.knowbe4.com/shipping-fraud-rises-nearly-800-percent www.secnews.physaphae.fr/article.php?IdArticle=4284271 False None None None knowbe4 - cybersecurity services The cybercrime market has skyrocketed in a frightening way. With threats such as ransomware to Business Email Compromise (BEC), the stakes are higher than ever for organizations across all industries.]]> 2022-03-15T12:43:58+00:00 https://blog.knowbe4.com/cybercrime-as-a-service-evolution-how-to-fight-back www.secnews.physaphae.fr/article.php?IdArticle=4284272 False Ransomware None None knowbe4 - cybersecurity services Email is the familiar form of phishing, but there's an ongoing criminal campaign that follows a different, arguably subtler avenue of approach: the corporate contact form. Abnormal Security has found that the BazarBackdoor is being distributed through this social engineering technique that succeeds in bypassing email filters.]]> 2022-03-14T13:16:00+00:00 https://blog.knowbe4.com/social-engineering-through-contact-form www.secnews.physaphae.fr/article.php?IdArticle=4277478 False None None None knowbe4 - cybersecurity services New analysis of attacks in 2021 show massive increases across the board, painting a very concerning picture for this year around cyberattacks of all types.]]> 2022-03-11T15:28:20+00:00 https://blog.knowbe4.com/email-based-vishing-attacks-skyrocket-554-percent www.secnews.physaphae.fr/article.php?IdArticle=4261108 False Malware None None knowbe4 - cybersecurity services Researchers at Malwarebytes warn of a phishing campaign that's targeting the oil and gas industry by impersonating Saudi Aramco.]]> 2022-03-10T14:31:37+00:00 https://blog.knowbe4.com/warm-greetings-or-not-saudi-aramco-impersonation www.secnews.physaphae.fr/article.php?IdArticle=4254532 False None None None knowbe4 - cybersecurity services As part of either impersonating known brands or simply leveraging credible cloud services, the use of a web page as part of an attack has become a staple for threat actors.]]> 2022-03-10T14:31:15+00:00 https://blog.knowbe4.com/phishing-and-scam-pages-increase-by-153-percent www.secnews.physaphae.fr/article.php?IdArticle=4254533 False Threat None None knowbe4 - cybersecurity services New data focusing on user cyber hygiene around password use shows users are repeatedly reusing passwords across multiple applications and environments, despite the rise in breaches.]]> 2022-03-10T14:30:39+00:00 https://blog.knowbe4.com/passwords-reused-64-percent-of-the-time www.secnews.physaphae.fr/article.php?IdArticle=4254534 False None None None knowbe4 - cybersecurity services With 2021 being the “testing ground” for ransomware extortion, 2022 is showing signs of ransomware gangs settling in on proven extortion tactics to ensure payment.]]> 2022-03-09T15:58:22+00:00 https://blog.knowbe4.com/83-of-all-successful-ransomware-attacks-featured-double-and-triple-extortion www.secnews.physaphae.fr/article.php?IdArticle=4250356 False Ransomware None None knowbe4 - cybersecurity services As details of the February attack continue to be divulged, it becomes evident that cybercriminals were able to get past both users and security controls.]]> 2022-03-09T15:58:04+00:00 https://blog.knowbe4.com/social-engineering-a-major-factor-in-cyberattack-on-camera-maker-axis-communications www.secnews.physaphae.fr/article.php?IdArticle=4250357 False None None None knowbe4 - cybersecurity services Researchers from Secureworks' Counter Threat Unit (CTU) are tracking phishing domains used by the “MOONSCAPE” threat actor to target users in Ukraine. The researchers note that Ukraine's Computer Emergency Response Team (CERT-UA) has attributed this campaign to the Belarusian threat actor UNC1151, but Secureworks hasn't yet confirmed this attribution. Belarus is one of Russia's closest allies, and is assisting in Moscow's war against Ukraine.]]> 2022-03-09T14:05:47+00:00 https://blog.knowbe4.com/domains-associated-with-phishing-directed-against-ukraine www.secnews.physaphae.fr/article.php?IdArticle=4249909 False Threat None None knowbe4 - cybersecurity services Facebook overtook Microsoft as the most impersonated brand in phishing attacks last year, according to a new report from Vade Secure.]]> 2022-03-09T13:50:37+00:00 https://blog.knowbe4.com/2021-phishing-impersonation-attack-trends-2021 www.secnews.physaphae.fr/article.php?IdArticle=4249910 False None None None knowbe4 - cybersecurity services [Heads Up] A New Phishing Attack Warns About A Suspicious Russian Login   Email not displaying? | CyberheistNews Vol 12 #10  |   Mar. 8th., 2022 [Heads Up] A New Phishing Attack Warns About a Suspicious Russian Login The human cost of war is horrific. All Knowsters are shocked and saddened by the all-out Russia-Ukraine land war. However, we are also inspired by the Ukrainian people for their bravery, resistance and resilience. As we all know, the price of freedom is eternal vigilance combined with the willingness to fight back. ]]> 2022-03-08T14:16:18+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-10-heads-up-a-new-phishing-attack-warns-about-a-suspicious-russian-login www.secnews.physaphae.fr/article.php?IdArticle=4246106 False None None None knowbe4 - cybersecurity services We're thrilled to announce the long-awaited fourth season of the award-winning KnowBe4 Original Series - 'The Inside Man' is now available in the KnowBe4 ModStore!]]> 2022-03-08T13:30:14+00:00 https://blog.knowbe4.com/world-premiere-knowbe4s-new-season-4-of-netflix-style-security-awareness-video-series-the-inside-man www.secnews.physaphae.fr/article.php?IdArticle=4245698 False None None None knowbe4 - cybersecurity services The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors.]]> 2022-03-08T13:02:39+00:00 https://blog.knowbe4.com/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs www.secnews.physaphae.fr/article.php?IdArticle=4245530 True Ransomware None None knowbe4 - cybersecurity services Scammers are sending phony text messages (aka Smishing or SMS Phishing) informing people in the US that they've been drafted by the US Army, according to Army Times.]]> 2022-03-07T14:48:53+00:00 https://blog.knowbe4.com/by-the-way-theres-no-draft-smishing-campaign www.secnews.physaphae.fr/article.php?IdArticle=4241707 False None None None knowbe4 - cybersecurity services The Log4j vulnerability caused widespread panic for IT professionals when it was uncovered.  Sleepless nights followed for many. But a shortage of time and manpower has left this vulnerability wide open in many organizations. Is your organization one of them?]]> 2022-03-07T13:00:00+00:00 https://blog.knowbe4.com/log4j-kevin-mitnick-explains-one-of-the-most-serious-vulnerabilities-in-the-last-decade www.secnews.physaphae.fr/article.php?IdArticle=4241119 False Vulnerability None None knowbe4 - cybersecurity services RCE. These three letters add increased levels of stress to cybersecurity professionals regarding vulnerabilities against their hardware or software within their risk management program. ]]> 2022-03-04T19:42:05+00:00 https://blog.knowbe4.com/log4j-vulnerability-remote-code-execution-rce-national-vulnerability-database www.secnews.physaphae.fr/article.php?IdArticle=4228387 False Vulnerability None None knowbe4 - cybersecurity services Imagine needing to share a large PDF non-confidential document with a customer. It is too large to send via email, and recently you started using a cloud file sharing service to store files and make them accessible on your smartphone, tablet or other computers. You upload the file to the filesharing service and then share the link with the customer to make things easier. After a few clicks, a link is sent to the customer and they download the PDF document. The next day, you get a phone call from one of the information security officers from the organization asking about a file they noticed you transferred out of the company to the filesharing service.]]> 2022-03-04T15:24:28+00:00 https://blog.knowbe4.com/q1-2022-knowbe4-research-report-shadow-it-impacts-security-culture www.secnews.physaphae.fr/article.php?IdArticle=4227107 False None None None knowbe4 - cybersecurity services During the period the world has dubbed “the great resignation”, phishing scammers are shifting tactics to take advantage of those looking for a new career or place of employment.]]> 2022-03-04T13:34:15+00:00 https://blog.knowbe4.com/phishing-attacks-impersonating-linkedin-are-up-232-in-the-last-month-alone www.secnews.physaphae.fr/article.php?IdArticle=4226504 False None None None knowbe4 - cybersecurity services In a new twist on an old scam, BEC attacks switch from email to a virtual meeting where social engineering tactics are used to further establish credibility and increase the likelihood of a successful scam.]]> 2022-03-04T13:34:12+00:00 https://blog.knowbe4.com/fbi-scammers-take-business-email-compromise-attacks-to-virtual-meeting-platforms www.secnews.physaphae.fr/article.php?IdArticle=4226505 False None None None knowbe4 - cybersecurity services New advisory sees critical infrastructure once again in the crosshairs and makes critical recommendations to both protect against ransomware and to reduce its' impact.]]> 2022-03-04T13:34:08+00:00 https://blog.knowbe4.com/cisa-2021-cyberattack-trends-indicate-increases-in-global-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=4226506 False Ransomware None None knowbe4 - cybersecurity services Check out the 28 new pieces of training content added in February, alongside the always fresh content update highlights and new features.]]> 2022-03-04T13:00:00+00:00 https://blog.knowbe4.com/your-knowbe4-fresh-content-updates-from-february-2022 www.secnews.physaphae.fr/article.php?IdArticle=4226348 True None None None knowbe4 - cybersecurity services A real US Army colonel named Daniel Blackmon is being impersonated in hundreds or even thousands of romance scams, according to Haley Britzky at Task & Purpose. The scammers took pictures from Col. Blackmon's social media pages and used them to craft phony profiles. The real Blackmon, who is happily married and utterly unconnected with the scammers, is aware of these scams and is doing his best to let people know that he won't message them if he doesn't know them, and that he won't ask for money.]]> 2022-03-03T13:40:41+00:00 https://blog.knowbe4.com/what-its-like-to-be-the-face-of-romance-scams www.secnews.physaphae.fr/article.php?IdArticle=4221327 False None None None knowbe4 - cybersecurity services We're thrilled to introduce the Security Culture Maturity Model, the industry's first maturity model specifically geared to measure security culture!]]> 2022-03-02T19:19:06+00:00 https://blog.knowbe4.com/gain-insight-into-where-your-organization-stands-with-the-security-culture-maturity-model www.secnews.physaphae.fr/article.php?IdArticle=4217372 False None None None knowbe4 - cybersecurity services New data shows despite decreases in global data breach levels (-5%) in 2021, the U.S. experienced proportionally more data breaches than in the previous year.]]> 2022-03-02T18:32:16+00:00 https://blog.knowbe4.com/data-breach-volumes-in-the-u.s.-grow-by-10-in-2021 www.secnews.physaphae.fr/article.php?IdArticle=4216896 False Data Breach None None knowbe4 - cybersecurity services A new series of "help Ukraine" donation posts have sprouted up across the Internet, but are really a cryptocurrency scam enticing users send crypto donations to counterfeit addresses.]]> 2022-03-02T18:32:00+00:00 https://blog.knowbe4.com/timely-help-ukraine-online-crypto-scams-take-in-millions www.secnews.physaphae.fr/article.php?IdArticle=4216897 False None None None knowbe4 - cybersecurity services With mobile devices used as secondary authentication, threat actors have been stepping up activity, looking for ways to transfer phone numbers to cybercriminal-controlled devices.]]> 2022-03-02T18:31:47+00:00 https://blog.knowbe4.com/fbi-sim-swapping-attacks-see-more-than-500-increases-in-the-number-of-attacks-and-monetary-losses www.secnews.physaphae.fr/article.php?IdArticle=4216898 False Threat None None knowbe4 - cybersecurity services New data obtained from the UK's Information Commissioner's Office by think tank Parliament Street shows an unprecedented rise in attacks against the UK's information rights organization.]]> 2022-03-02T18:31:34+00:00 https://blog.knowbe4.com/uk-ico-sees-a-massive-increase-in-targeted-email-attacks www.secnews.physaphae.fr/article.php?IdArticle=4216899 False None None None knowbe4 - cybersecurity services Researchers at Malwarebytes warn that a phishing campaign is informing users that someone logged into their account from an IP address in Moscow. The email contains a button to report the issue, which “opens a fresh email with a pre-filled message to be sent to a specific email account.” If a user sends this email, the attacker will reply and attempt to rope them further into the scam.]]> 2022-03-02T13:48:36+00:00 https://blog.knowbe4.com/phishing-emails-warn-of-a-suspicious-login-from-russia www.secnews.physaphae.fr/article.php?IdArticle=4215207 False None None None knowbe4 - cybersecurity services [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk   Email not displaying? | CyberheistNews Vol 12 #09  |   Mar. 1st., 2022 [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk   The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine. ]]> 2022-03-01T19:07:44+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-09-heads-up-the-ukraine-war-started-a-new-wiper-malware-spillover www.secnews.physaphae.fr/article.php?IdArticle=4209918 True Malware NotPetya None knowbe4 - cybersecurity services New IRS requirements will soon be used as phishbait, according to Gene Marks, owner of Marks Group PC and a columnist for the Guardian.]]> 2022-03-01T14:42:52+00:00 https://blog.knowbe4.com/scammers-will-take-advantage-of-new-irs-rules www.secnews.physaphae.fr/article.php?IdArticle=4208085 False None None None knowbe4 - cybersecurity services NextGov reports: "Chairman Sen. Mark Warner, D-Va, gives an opening statement as FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishna and Microsoft President Brad Smith testify at a Senate Intelligence Committee hearing on Capitol Hill on February 23, 2021.  ]]> 2022-03-01T11:49:52+00:00 https://blog.knowbe4.com/russia-could-absolutely-lash-out-at-us-through-cyber-lawmaker-warns www.secnews.physaphae.fr/article.php?IdArticle=4206734 False None None None knowbe4 - cybersecurity services It's easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only gives them another pretext to dangle in front of the unwary.]]> 2022-02-28T15:45:46+00:00 https://blog.knowbe4.com/wartime-suffering-as-phishbait www.secnews.physaphae.fr/article.php?IdArticle=4200740 False None None None knowbe4 - cybersecurity services With an ongoing land war in Ukraine, everyone needs to be alert for the Kremlin's parallel disinformation campaigns. Many people simply are not aware of the massive amount of false data that is being spread by an extensive, Russia-controlled network of media outlets, websites and social media accounts. The Russian government is spreading disinformation to at least 4 different audiences: ]]> 2022-02-27T13:26:32+00:00 https://blog.knowbe4.com/eyes-open-the-kremlin-propaganda-machine-now-works-overtime.-infographic www.secnews.physaphae.fr/article.php?IdArticle=4195487 False None None None knowbe4 - cybersecurity services The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine.  ]]> 2022-02-25T12:12:46+00:00 https://blog.knowbe4.com/heads-up-the-ukraine-war-started-a-new-wiper-malware-spillover-risk www.secnews.physaphae.fr/article.php?IdArticle=4182126 False Malware NotPetya None knowbe4 - cybersecurity services A sextortion phishing campaign is targeting French speakers accusing them of viewing child abuse content, according to Paul Ducklin at Naked Security. The emails purport to come from the French police, and are designed to frighten users into replying to the email to assert their innocence. After a user replies, the scammer will attempt to convince them to pay a bogus fine to have the matter dropped.]]> 2022-02-23T14:46:21+00:00 https://blog.knowbe4.com/when-the-phishers-want-a-reply-not-a-click www.secnews.physaphae.fr/article.php?IdArticle=4172266 False None None None knowbe4 - cybersecurity services   ]]> 2022-02-22T14:52:39+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-08-eye-opener-here-are-the-4-traits-of-most-scams www.secnews.physaphae.fr/article.php?IdArticle=4166702 False None None None knowbe4 - cybersecurity services A phishing campaign is targeting users of the UK-based digital banking company Monzo, BleepingComputer reports. Security researcher William Thomas came across an SMS phishing (smishing) campaign that's sending text messages that purport to come from Monzo.]]> 2022-02-22T14:02:06+00:00 https://blog.knowbe4.com/new-phishing-campaign-angles-for-monzo-banking-customers www.secnews.physaphae.fr/article.php?IdArticle=4166521 False None None None knowbe4 - cybersecurity services Used to disguise malicious file extensions, this legacy functionality is being repurposed in attacks to obfuscate attachment types and steal credentials in an impressive way.]]> 2022-02-22T14:01:58+00:00 https://blog.knowbe4.com/20-year-old-right-to-left-override-functionality-used-in-attacks-to-trick-microsoft-365-users-out-of-credentials www.secnews.physaphae.fr/article.php?IdArticle=4166522 False None None None knowbe4 - cybersecurity services This banking trojan-turned-information-stealer has been around for nearly 15 years. But its latest iteration – seen even in the past few weeks – has stepped up in its' ability to act quickly.]]> 2022-02-22T14:01:50+00:00 https://blog.knowbe4.com/new-qbot-attack-only-takes-30-minutes-to-elevate-privileges-and-steal-data www.secnews.physaphae.fr/article.php?IdArticle=4166523 False None None None knowbe4 - cybersecurity services Scams follow fashion because money follows fashion. So it's no surprise that non-fungible tokens (NFTs), which have become a hot speculative property, have drawn scam artists for phishing campaigns. They're not so much interested in the NFTs themselves as they are in the speculators' cash. OceanSea, a leading NFT marketplace, has responded to panicky tweets from users to reassure them that it's on top of rumors of “an exploit” connected to the smart contracts traders use.]]> 2022-02-21T19:50:06+00:00 https://blog.knowbe4.com/phishing-campaign-targets-nft-speculators www.secnews.physaphae.fr/article.php?IdArticle=4162600 False Guideline APT 32 None knowbe4 - cybersecurity services In a post Wednesday last week, Microsoft issued a warning that they are seeing a brand new type of blockchain-centric attack aimed at web3 -- a term used to describe the decentralized environment created on the blockchain. ]]> 2022-02-20T19:56:23+00:00 https://blog.knowbe4.com/heads-up-there-is-a-whole-new-type-of-blockchain-scam-called-ice-phishing www.secnews.physaphae.fr/article.php?IdArticle=4156866 False None None None knowbe4 - cybersecurity services New analysis of ransomware attacks shows growth in the number of active strains, ransoms collected, and use of third-party services all adding up to a more organized and profitable industry.]]> 2022-02-17T15:08:55+00:00 https://blog.knowbe4.com/conti-ransomware-attacks-reap-in-180-million-in-2021-as-average-ransomware-payments-rise-by-34 www.secnews.physaphae.fr/article.php?IdArticle=4139319 False Ransomware None None knowbe4 - cybersecurity services Use of QR codes is becoming a mainstream part of advertising, but also is getting the attention of scammers intent on redirecting you to a malicious site they control.]]> 2022-02-17T15:08:51+00:00 https://blog.knowbe4.com/coinbases-qr-code-superbowl-ad-only-helps-normalize-qr-based-scams www.secnews.physaphae.fr/article.php?IdArticle=4139320 False None None None knowbe4 - cybersecurity services Organizations that are not using Microsoft's multi-factor authentication are finding themselves victims of credential attacks that involve threat actors installing Outlook on a controlled device.]]> 2022-02-17T15:08:48+00:00 https://blog.knowbe4.com/scammers-use-a-mix-of-stolen-credentials-inbox-rules-and-a-rogue-outlook-client-install-to-phish-internal-and-external-victims www.secnews.physaphae.fr/article.php?IdArticle=4139321 False Threat None None knowbe4 - cybersecurity services There are a lot of scams in the world, and they seem to be proliferating at an exponential rate. My Facebook friend's accounts are compromised all the time and I get sent scam requests for easy money. I get at least one scam message via SMS every day. My email inbox is full of phishing scams. I occasionally get phone calls from criminals claiming to be from my bank or some other local provider.]]> 2022-02-16T20:01:55+00:00 https://blog.knowbe4.com/traits-of-most-scams www.secnews.physaphae.fr/article.php?IdArticle=4137777 False None None None