This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-20T21:54:10+00:00 www.secnews.physaphae.fr knowbe4 - cybersecurity services There are a lot of scams in the world, and they seem to be proliferating at an exponential rate. My Facebook friend's accounts are compromised all the time and I get sent scam requests for easy money. I get at least one scam message via SMS every day. My email inbox is full of phishing scams. I occasionally get phone calls from criminals claiming to be from my bank or some other local provider.]]> 2022-02-16T20:01:55+00:00 https://blog.knowbe4.com/traits-of-most-scams www.secnews.physaphae.fr/article.php?IdArticle=4137777 False None None None knowbe4 - cybersecurity services Phishing attacks on social media doubled over the course of 2021, according to a new report from PhishLabs by HelpSystems. Most (68%) of these attacks targeted organizations in the financial sector, followed by the telecommunications sector in second place at 24%.]]> 2022-02-16T13:38:03+00:00 https://blog.knowbe4.com/phishing-attacks-on-social-media-doubled-over-2021 www.secnews.physaphae.fr/article.php?IdArticle=4137778 False None None None knowbe4 - cybersecurity services [Heads Up] FBI Warns Against New Criminal QR Code Scams   Email not displaying? | CyberheistNews Vol 12 #07  |   Feb. 15th., 2022 [Heads Up] FBI Warns Against New Criminal QR Code Scams QR codes have been around for many years. While they were adopted for certain niche uses, they never did quite reach their full potential. They are a bit like Rick Astley in that regard, really popular for one song, but well after the boat had sailed. Do not get me wrong, Rick Astley achieved a lot. In recent years, he has become immortalized as a meme and Rick roller, but he could have been so much more. However, in recent years, with lockdown and the drive to keep things at arms length, QR codes have become an efficient way to facilitate contactless communications, or the transfer of offers without physically handing over a coupon. As this has grown in popularity, more people have become familiar with how to generate their own QR codes and how to use them as virtual business cards, discount codes, links to videos and all sorts of other things. QRime Codes As with most things, once they begin to gain a bit of popularity, criminals move in to see how they can manipulate the situation to their advantage. Recently, we have seen fake QR codes stuck to parking meters enticing unwitting drivers to scan the code, and hand over their payment details believing they were paying for parking, whereas they were actually handing over their payment information to criminals. The rise in QR code fraud resulted in the FBI releasing an advisory warning against fake QR codes that are being used to scam users. In many cases, a fake QR code will lead people to a website that looks like the intended legitimate site. So, the usual verification process of checking the URL and any other red flags apply. CONTINUED with links and 4 example malicious QR codes on the KnowBe4 blog: https://blog.knowbe4.com/qr-codes-in-the-time-of-cybercrime ]]> 2022-02-15T14:24:51+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-07-heads-up-fbi-warns-against-new-criminal-qr-code-scams www.secnews.physaphae.fr/article.php?IdArticle=4133418 False Ransomware,Data Breach,Spam,Malware,Threat,Guideline APT 43,APT 15 None knowbe4 - cybersecurity services If you think the only way your network and devices can be compromised via email is phishing, think again! ]]> 2022-02-14T20:58:14+00:00 https://blog.knowbe4.com/incredible-email-hacks-youd-never-expect-and-how-you-can-stop-them www.secnews.physaphae.fr/article.php?IdArticle=4128340 False None None None knowbe4 - cybersecurity services Meta (Facebook's corporate parent) and the digital banking company Chime have filed a joint lawsuit against two Nigerian citizens for allegedly impersonating Chime in phishing attacks, BleepingComputer reports. The defendants are accused of using “more than five Facebook accounts and more than 800 Instagram accounts” to direct users to spoofed Chime login pages in order to harvest their credentials.]]> 2022-02-14T13:54:05+00:00 https://blog.knowbe4.com/meta-files-lawsuit-over-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=4124995 False None None None knowbe4 - cybersecurity services In the wake of the great reset, cybercriminals are finding success posing as legitimate companies in job postings seeking new hires on well-known job sites.]]> 2022-02-11T13:53:08+00:00 https://blog.knowbe4.com/fbi-scammers-exploit-job-posting-sites-with-fake-jobs-to-steal-money-and-personal-information www.secnews.physaphae.fr/article.php?IdArticle=4112077 False None None None knowbe4 - cybersecurity services Abusing cloud providers including Microsoft Azure and AWS, cybercriminals are setting up malicious infrastructure to hide their operations and avoid detection.]]> 2022-02-11T13:52:41+00:00 https://blog.knowbe4.com/new-cyberattack-campaign-delivers-multiple-rats-via-trusted-cloud-services www.secnews.physaphae.fr/article.php?IdArticle=4112078 False None None None knowbe4 - cybersecurity services Even after the pandemic ends, many employees say they want to stay home and continue to work remotely. A recent study by the Mckinsey & Company that looked at over 800 jobs in nine countries revealed that 1 in 5 healthcare workers, a third of education workers, and a whopping 76% of those in finance and insurance can work from home with no loss of productivity.]]> 2022-02-11T13:00:00+00:00 https://blog.knowbe4.com/engaging-your-remote-workforce-go-beyond-compliance-with-training www.secnews.physaphae.fr/article.php?IdArticle=4111907 False None None None knowbe4 - cybersecurity services The healthcare sector is particularly vulnerable to phishing attacks, according to Mike Azzara at Mimecast. Employees in the healthcare industry need to be wary of brand impersonation attacks designed to steal credentials or hijack payments.]]> 2022-02-10T13:44:51+00:00 https://blog.knowbe4.com/brand-impersonation-and-the-healthcare-sector www.secnews.physaphae.fr/article.php?IdArticle=4105809 False None None None knowbe4 - cybersecurity services We're excited to announce that we have launched a new podcast called "Security Masterminds”! This podcast covers a range of topics in cybersecurity, with a particular focus on the human element. A new podcast will be released each month, with episodes lasting approximately 30 minutes. A variety of cybersecurity industry experts will be featured as guests.]]> 2022-02-09T19:33:21+00:00 https://blog.knowbe4.com/introducing-the-new-security-masterminds-podcast www.secnews.physaphae.fr/article.php?IdArticle=4101384 False None None None knowbe4 - cybersecurity services Ransomware is one of the most damaging types of cyber attacks of all time, and the one feared the most by business owners and cybersecurity defenders. This worry is not without reason. In an instant, an organization's critical IT infrastructure can be brought down for weeks to months, completely stopping all business. Some data and systems may be lost forever. Complete recovery may take over a year. Customer impacts may last long past the technical recovery process.]]> 2022-02-09T15:00:56+00:00 https://blog.knowbe4.com/a-new-ransomware-hostage-rescue-manual www.secnews.physaphae.fr/article.php?IdArticle=4100008 False Ransomware None None knowbe4 - cybersecurity services Cybercriminals are taking to more advanced functionality than traditional VBA scripting to both execute complex malicious actions via Excel and to obfuscate their true intention - phishing attacks.]]> 2022-02-08T23:25:28+00:00 https://blog.knowbe4.com/use-of-excel-.xll-add-ins-soars-nearly-600-to-infect-systems-in-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=4096598 False None None None knowbe4 - cybersecurity services With pressures by law enforcement on ransomware gangs in 2021, and more stringent security requirements by cyber insurers, cybercriminals are changing their tactics to ensure a payoff.]]> 2022-02-08T23:25:24+00:00 https://blog.knowbe4.com/average-ransomware-ransoms-jump-130-while-use-of-data-exfiltration-grows www.secnews.physaphae.fr/article.php?IdArticle=4096599 False Ransomware None None knowbe4 - cybersecurity services The history of ransomware spans over 30 years. The first specimen, known as the AIDS Trojan, was delivered via physical media using the postal system, and, upon its discovery, was quickly remediated by the security industry. More recent examples have proven comparatively more devastating, most notably the Colonial Pipeline incident, which caused fuel shortages and widespread disruption to much of the US East Coast. ]]> 2022-02-08T18:04:46+00:00 https://blog.knowbe4.com/the-evolution-and-future-of-ransomware www.secnews.physaphae.fr/article.php?IdArticle=4095079 False Ransomware None None knowbe4 - cybersecurity services Scammers are exploiting LinkedIn redirect links, or “Slinks,” to fool users and bypass email security filters, Brian Krebs reports. These links allow companies to track their marketing campaigns on LinkedIn, but they can be abused by criminals to create legitimate-looking URLs that redirect to phishing pages.]]> 2022-02-08T14:53:21+00:00 https://blog.knowbe4.com/scammers-now-exploit-slinks-in-linkedin www.secnews.physaphae.fr/article.php?IdArticle=4094183 False None None None knowbe4 - cybersecurity services [Heads Up] Beware of New QuickBooks Payment Scams   Email not displaying? | CyberheistNews Vol 12 #06  |   Feb. 8th., 2022 [Heads Up] Beware of New QuickBooks Payment Scams Many small and mid-sized companies use Intuit's popular QuickBooks program. They usually start out using its easy-to-use base accounting program and then the QuickBooks program aggressively pushes other complimentary features. One of those add-on features is the ability to send customers' invoices via email. The payee can click on a “Review and pay” button in the email to pay the invoice. It used to be a free, but less mature, feature years ago, but these days, it costs extra. Still, if you are using QuickBooks for your accounting, the ability to generate, send, receive and electronically track invoices all in one place is a pretty easy sell. Unfortunately, phishing criminals are using QuickBooks' popularity to send business email compromise (BEC) scams. The emails appear as if they are coming from a legitimate vendor using QuickBooks, but if the potential victim takes the bait, the invoice they pay will be to the scammer. Worse, the payment request can require that the payee use ACH (automated clearing house) method, which requires the payee to input their bank account details. So, if the victim falls for the scam, the criminal now has their bank account information. Not good. Note: Some other QuickBooks scam warnings will tell you that QuickBooks will never ask for your ACH or banking details. This is not completely true. QuickBooks, the company and its support staff, never will, but QuickBooks email payment requests often do. Warn your users in Accounting. CONTINUED at the KnowBe4 blog with both legit and malicious example screenshots: https://blog.knowbe4.com/beware-of-quickbooks-payment-scams ]]> 2022-02-08T14:23:51+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-06-heads-up-beware-of-new-quickbooks-payment-scams www.secnews.physaphae.fr/article.php?IdArticle=4094184 False Malware,Hack,Threat,Conference APT 35 None knowbe4 - cybersecurity services QR codes have been around for many years. While they were adopted for certain niche uses, they never did quite reach their full potential. They are a bit like Rick Astley in that regard, really popular for one song, but well after the boat had sailed. Do not get me wrong, Rick Astley achieved a lot. In recent years, he has become immortalised as a meme and Rick roller, but he could have been so much more. ]]> 2022-02-07T18:55:27+00:00 https://blog.knowbe4.com/qr-codes-in-the-time-of-cybercrime www.secnews.physaphae.fr/article.php?IdArticle=4091596 False None None None knowbe4 - cybersecurity services It's that time again, when we all dread finding out if we owe money or not. And cybercriminals are banking on it with a wide range of scams that all impersonate the IRS.]]> 2022-02-07T14:55:24+00:00 https://blog.knowbe4.com/as-tax-season-starts-so-do-irs-scams-heres-what-to-look-for www.secnews.physaphae.fr/article.php?IdArticle=4090995 False None None None knowbe4 - cybersecurity services We are excited to announce that KnowBe4 has been named a leader in the Winter 2022 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the third consecutive quarter!]]> 2022-02-04T18:28:02+00:00 https://blog.knowbe4.com/knowbe4-named-a-leader-in-the-winter-2022-g2-grid-report-for-security-orchestration-automation-and-response-soar www.secnews.physaphae.fr/article.php?IdArticle=4082246 False Guideline None None knowbe4 - cybersecurity services I do not have the data to support my conclusion, but myself and others have noticed the sharp increase in email phishing attempts that include only a phishing message and a phone number to call. There are no embedded links or file attachments, and the subjects are just plausible enough that I can see them slipping by normal phishing filters and tricking some very small percentage of people. ]]> 2022-02-04T13:59:55+00:00 https://blog.knowbe4.com/phone-number-only-phishing-on-the-rise www.secnews.physaphae.fr/article.php?IdArticle=4080591 False None None None knowbe4 - cybersecurity services The key to really good cybersecurity is to concentrate on just 4 things. Master them first before you begin to try and do the other hundreds of things that everyone else is going to tell you need to do.]]> 2022-02-03T20:28:15+00:00 https://blog.knowbe4.com/the-4-things-you-should-be-doing-right-now-to-best-improve-your-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=4077780 False None None None knowbe4 - cybersecurity services Security professionals can often be perceived as being overly paranoid. Don't click this or the criminals will get into the system, always have at least 3 firewalls to prevent the nuclear codes from being stolen, and any password shorter than 64 characters is about as useful as half a pair of scissors. ]]> 2022-02-03T20:17:15+00:00 https://blog.knowbe4.com/the-benefits-of-paranoia www.secnews.physaphae.fr/article.php?IdArticle=4077781 False None None None knowbe4 - cybersecurity services Orders of top-selling snack brands from KP Snacks are on hold in the aftermath of a Conti ransomware attack that includes data theft of confidential information.]]> 2022-02-03T20:15:47+00:00 https://blog.knowbe4.com/u.k.-snack-manufacturer-expects-months-of-delays-after-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=4077782 False Ransomware None None knowbe4 - cybersecurity services Check out the 20 new pieces of training content added in January, alongside the always fresh content update highlights and new features.]]> 2022-02-03T14:14:53+00:00 https://blog.knowbe4.com/your-knowbe4-fresh-content-updates-from-january-2022 www.secnews.physaphae.fr/article.php?IdArticle=4076346 True None None None knowbe4 - cybersecurity services Researchers at Norton LifeLock have found that web trackers are collecting much more information about users' browsing activity than had previously been believed. Such trackers can follow users around much of the Internet in order to build a profile about them. The profiles are usually compiled for advertising purposes.]]> 2022-02-03T13:27:29+00:00 https://blog.knowbe4.com/web-trackers-collect-much-more-info-about-your-users-browsing-activity-than-previously-believed www.secnews.physaphae.fr/article.php?IdArticle=4076003 False None None 4.0000000000000000 knowbe4 - cybersecurity services We are excited to announce that the power of AI has been brought to the KnowBe4 Optional Learning feature to offer users suggestions for additional training opportunities.]]> 2022-02-03T13:00:00+00:00 https://blog.knowbe4.com/new-feature-give-your-users-additional-learning-opportunities-driven-by-ai-with-new-ai-recommended-optional-learning-feature www.secnews.physaphae.fr/article.php?IdArticle=4075841 False None None None knowbe4 - cybersecurity services New analysis of published data from ransomware attacks puts the spotlight on the potential that some of your most critical data stolen puts you materially at risk of another attack.]]> 2022-02-02T20:51:37+00:00 https://blog.knowbe4.com/1-in-7-ransomware-extortion-leaks-include-sensitive-operational-technology-details www.secnews.physaphae.fr/article.php?IdArticle=4072784 False Ransomware None None knowbe4 - cybersecurity services With the lines increasingly blurred between whether a cyber attack is “state sponsored” or just a malicious group of individuals, we're likely going to see more denials of claims.]]> 2022-02-02T20:50:42+00:00 https://blog.knowbe4.com/opinion-is-your-cyber-insurance-going-to-cover-cyber-war www.secnews.physaphae.fr/article.php?IdArticle=4072785 False None None None knowbe4 - cybersecurity services We're excited to announce the release of the official trailer for Season 4 of the award-winning Knowbe4 Original Series - 'The Inside Man'!]]> 2022-02-02T13:00:00+00:00 https://blog.knowbe4.com/knowbe4-unveils-official-trailer-for-the-inside-man-season-4 www.secnews.physaphae.fr/article.php?IdArticle=4070229 False None None None knowbe4 - cybersecurity services New data shows a massive increase between October 2021 and January 2022 in phishing attacks focusing on one of the world's current concerns for home and in-office testing.]]> 2022-02-01T19:40:11+00:00 https://blog.knowbe4.com/covid-19-test-related-phishing-scams-jump-521-into-january www.secnews.physaphae.fr/article.php?IdArticle=4067224 False None None None knowbe4 - cybersecurity services Security Threat Researchers at Symantec have published details about malware being put out by the “Gamaredon” threat group (who have been tied to Russian Federal Security Service), responsible for attacks in the Ukraine since 2013.]]> 2022-02-01T19:40:07+00:00 https://blog.knowbe4.com/8-new-malware-payloads-spotted-as-part-of-attacks-against-ukrainian-targets www.secnews.physaphae.fr/article.php?IdArticle=4067225 False Malware,Threat None None knowbe4 - cybersecurity services A phishing campaign is impersonating Zoom in order to steal users' Microsoft credentials, according to Lauryn Cash at Armorblox. The emails landed in about 10,000 inboxes, and targeted “a major online mortgage brokerage company located in North America.”]]> 2022-02-01T19:40:04+00:00 https://blog.knowbe4.com/new-phishing-campaign-is-impersonating-zoom-to-steal-credentials www.secnews.physaphae.fr/article.php?IdArticle=4067226 False None None None knowbe4 - cybersecurity services   ]]> 2022-02-01T14:37:29+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-05-dhs-sounds-alarm-on-new-russian-destructive-disk-wiper-attack-potential www.secnews.physaphae.fr/article.php?IdArticle=4065596 False Ransomware,Malware,Hack,Tool,Threat,Guideline NotPetya,NotPetya,APT 27,APT 27,Wannacry,Wannacry None knowbe4 - cybersecurity services Many small and mid-sized companies use Intuit's very popular QuickBooks program. They usually start out using its easy-to-use base accounting program and then the QuickBooks program aggressively pushes other complimentary features. One of those add-on features is the ability to send customers' invoices via email. The payee can click on a “Review and pay” button in the email to pay the invoice. It used to be a free, but less mature, feature years ago, but these days, it costs extra. Still, if you are using QuickBooks for your accounting, the ability to generate, send, receive and electronically track invoices all in one place is a pretty easy sell. Intuit touts QuickBooks' ability to send email invoices here. ]]> 2022-01-31T14:16:17+00:00 https://blog.knowbe4.com/beware-of-quickbooks-payment-scams www.secnews.physaphae.fr/article.php?IdArticle=4059312 False None None None knowbe4 - cybersecurity services Attackers are exploiting pandemic-related supply-chain disruptions to launch phishing campaigns, according to Troy Gill, senior manager of threat intelligence at Zix. In an article for Threatpost, Gill describes a phishing attack that impersonated a major shipping company.]]> 2022-01-31T14:16:14+00:00 https://blog.knowbe4.com/increased-shipping-delays-now-served-as-phishbait www.secnews.physaphae.fr/article.php?IdArticle=4059313 False Threat None None knowbe4 - cybersecurity services We're pleased to announce that we have been featured in Okta's eighth edition of the "Business at Work" report. This report is an in-depth look into how organizations and people work today - exploring workforces and customers, and the applications and services they use to be productive. ]]> 2022-01-28T15:11:32+00:00 https://blog.knowbe4.com/knowbe4-continues-to-be-one-of-oktas-most-popular-apps-in-the-2021-businesses-at-work-report www.secnews.physaphae.fr/article.php?IdArticle=4046764 False None None None knowbe4 - cybersecurity services As organizations have increased their scope of vendors and partners, they have also increased their digital risk surface and are facing new challenges regarding vendor risk management. By taking a data-driven approach to identifying, understanding, and acting on risk, you can efficiently eliminate your organization's most critical third-party security gaps.]]> 2022-01-27T19:31:27+00:00 https://blog.knowbe4.com/a-data-driven-approach-for-your-third-party-risk-management-processes www.secnews.physaphae.fr/article.php?IdArticle=4042755 False None None None knowbe4 - cybersecurity services Rather than steal your user's credentials, this latest attack takes the OAuth route to gain access to the victim's mailbox. This gives cybercriminals continual access, regardless of whether the user is logged on or not.]]> 2022-01-27T14:13:57+00:00 https://blog.knowbe4.com/microsoft-warns-of-latest-consent-phishing-attack-intent-on-reading-your-email www.secnews.physaphae.fr/article.php?IdArticle=4041461 False None None None knowbe4 - cybersecurity services When we hear about compromised credentials, there's always the question of “How are they used post-compromise?” In one case, they are fully on display for sale to the highest bidder.]]> 2022-01-27T14:13:53+00:00 https://blog.knowbe4.com/dark-web-service-sells-access-to-compromised-accounts-and-browser-sessions www.secnews.physaphae.fr/article.php?IdArticle=4041462 False None None None knowbe4 - cybersecurity services With the ubiquitous use of Microsoft Office today, it should come as no surprise that malicious macro-laden documents continue to reign, with PPT files delivering AgentTesla taking the spotlight.]]> 2022-01-27T14:13:49+00:00 https://blog.knowbe4.com/malicious-office-documents-jump-to-37-of-all-malware-downloads-at-the-end-of-2021 www.secnews.physaphae.fr/article.php?IdArticle=4041463 False Malware None None knowbe4 - cybersecurity services CNN just reported on a Jan 23 Intelligence Bulletin from the US Department of Homeland Security (DHS) that warned state and local governments and critical infrastructure operators about the risk of Russia hitting the US with cyberattacks in retaliation for a possible US or NATO response to a potential Russian invasion of Ukraine. ]]> 2022-01-27T13:01:08+00:00 https://blog.knowbe4.com/heads-up-dhs-sounds-alarm-on-new-russian-destructive-disk-wiper-attack-potential www.secnews.physaphae.fr/article.php?IdArticle=4040870 False None NotPetya None knowbe4 - cybersecurity services Sixty-five percent of organizations report that their employees have been contacted by ransomware attackers in an attempt to recruit insider threats, according to researchers at Pulse and Hitachi ID.]]> 2022-01-26T13:37:30+00:00 https://blog.knowbe4.com/ransomware-operators-try-to-recruit-insiders www.secnews.physaphae.fr/article.php?IdArticle=4035539 False Ransomware None None knowbe4 - cybersecurity services Ireland's Teaching Council has been fined €60,000 by the country's Data Protection Commission (DPC) over a breach of nearly ten thousand teachers' data, the Irish Examiner reports. An attacker gained access to two employees' Gmail accounts by sending credential-harvesting phishing emails, then set up auto-forwarding rules to forward incoming emails to the attacker's email address.]]> 2022-01-25T15:30:43+00:00 https://blog.knowbe4.com/irish-teaching-council-fined-60000-for-phishing-induced-breach www.secnews.physaphae.fr/article.php?IdArticle=4030913 False None None None knowbe4 - cybersecurity services ]]> 2022-01-25T14:17:54+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-04-fbi-heads-up-us-defense-industry-targeted-with-new-usb-based-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=4030318 False Ransomware None None knowbe4 - cybersecurity services Privacy issues came about all across the board in 2020, 2021, and 2022 will be no different. From WhatsApp updating their terms of service and losing millions of users to countless proposals by legislatures to enact stricter privacy laws, and the interconnectedness of everything and everyone in our lives, we will begin to see huge advancements in the area of data privacy over the next year. I'll take it up a notch and say that 2022 starts the next decade of privacy - and let's start with Data Privacy Week. ]]> 2022-01-25T13:29:41+00:00 https://blog.knowbe4.com/2022-continues-the-new-decade-of-privacy www.secnews.physaphae.fr/article.php?IdArticle=4030122 False None None None knowbe4 - cybersecurity services We are excited to announce that the KnowBe4 Industry Benchmarking feature has been expanded to now include industry benchmark comparison data for KnowBe4's Security Culture Survey (SCS).]]> 2022-01-25T13:00:00+00:00 https://blog.knowbe4.com/new-benchmarking-feature-compare-your-organizations-security-culture-with-other-organizations-in-your-industry www.secnews.physaphae.fr/article.php?IdArticle=4030123 False None None None knowbe4 - cybersecurity services Younger and older people differ in their susceptibility to different types of social engineering attacks, according to researchers at Avast. Younger people tend to fall for scams distributed through social media apps, while older people are more likely to fall for banking and tech support scams.]]> 2022-01-24T14:11:49+00:00 https://blog.knowbe4.com/a-generational-divide-among-social-engineering-victims www.secnews.physaphae.fr/article.php?IdArticle=4026046 False None None None knowbe4 - cybersecurity services Using mailed out “BadUSB” drives as the initial attack vector, cybercriminals are attempting to infiltrate sensitive networks and infect them with BlackMatter or REvil ransomware strains.]]> 2022-01-21T13:24:40+00:00 https://blog.knowbe4.com/fbi-us-defense-industry-organizations-targeted-with-usb-based-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=4009608 False Ransomware None None knowbe4 - cybersecurity services Scammers targeting customers of mobile carrier O2 are enticing victim engagement by offering discounts on their mobile plan as much as 40%.]]> 2022-01-21T13:24:37+00:00 https://blog.knowbe4.com/new-u.k.-vishing-scam-offers-significant-phone-plan-discounts-in-exchange-for-your-phone-providers-one-time-security-code www.secnews.physaphae.fr/article.php?IdArticle=4009609 False None None None knowbe4 - cybersecurity services In our efforts to raise awareness among users of the importance of cybersecurity and the part they have to play in it, we sometimes go about things in a long-winded manner. ]]> 2022-01-20T15:22:17+00:00 https://blog.knowbe4.com/in-order-to-have-good-security-culture-behaviour-comes-first www.secnews.physaphae.fr/article.php?IdArticle=4003993 False None None None knowbe4 - cybersecurity services International shipping company DHL was the most impersonated brand in phishing attacks during the fourth quarter of 2022, researchers at Check Point have found.]]> 2022-01-20T14:26:04+00:00 https://blog.knowbe4.com/dhl-is-now-the-most-spoofed-brand-in-phishing www.secnews.physaphae.fr/article.php?IdArticle=4003778 False None None None knowbe4 - cybersecurity services As organizations work to protect against the relentless series of ransomware attacks that have plagued businesses large and small, the methods of attack seem to be leveling out.]]> 2022-01-20T14:26:01+00:00 https://blog.knowbe4.com/ransomware-attacks-are-growing-in-number-but-not-in-sophistication www.secnews.physaphae.fr/article.php?IdArticle=4003779 False None None None knowbe4 - cybersecurity services Hackers take advantage of legitimate comment functionality as a way to look legitimate, reach the Inbox, and avoid detection, despite using malicious links for phishing attacks.]]> 2022-01-20T14:25:58+00:00 https://blog.knowbe4.com/google-docs-comment-feature-is-the-key-to-a-new-wave-of-phishing-campaigns www.secnews.physaphae.fr/article.php?IdArticle=4003780 False None None None knowbe4 - cybersecurity services According to new data, ransomware is expected to be a larger and more likely threat in the next year, making the impacts felt today very relevant as the impetus for improved cybersecurity.]]> 2022-01-20T14:25:55+00:00 https://blog.knowbe4.com/half-of-all-organizations-hit-by-ransomware-experience-productivity-loss www.secnews.physaphae.fr/article.php?IdArticle=4003781 False Ransomware,Threat None None knowbe4 - cybersecurity services KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and Europe, Middle East and Africa), and 'in the wild' attacks.]]> 2022-01-19T20:33:56+00:00 https://blog.knowbe4.com/q4-2021-top-clicked-phishing-results-compare-us-emea www.secnews.physaphae.fr/article.php?IdArticle=3998221 False None None None knowbe4 - cybersecurity services A sophisticated China-aligned threat actor is using social engineering to carry out cyberespionage and financially motivated attacks, according to researchers at Trend Micro.]]> 2022-01-19T13:33:29+00:00 https://blog.knowbe4.com/a-cyberespionage-group-uses-social-engineering www.secnews.physaphae.fr/article.php?IdArticle=3994356 False Threat None None knowbe4 - cybersecurity services ]]> 2022-01-18T20:04:43+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-03-fbi-beware-of-a-new-google-voice-authentication-scam-even-if-you-dont-use-google-voice www.secnews.physaphae.fr/article.php?IdArticle=3988879 True None None None knowbe4 - cybersecurity services A North Korean threat actor being called “BlueNoroff,” a subunit of Pyongyang's Lazarus Group, has been targeting cryptocurrency startups with financially motivated attacks, researchers at Kaspersky have found. The campaign, “SnatchCrypto,” is using malicious documents to gain access to internal communications, then using social engineering to manipulate employees.]]> 2022-01-18T16:59:26+00:00 https://blog.knowbe4.com/north-korean-cryptocurrency-theft-relies-on-social-engineering www.secnews.physaphae.fr/article.php?IdArticle=3987812 False Threat,Medical APT 38,APT 28 None knowbe4 - cybersecurity services KnowBe4 is excited to announce that we have been recognized as an overall Customers' Choice in the December 2021 Gartner Peer Insights 'Voice of the Customer': Security Awareness Computer-Based Training Report. KnowBe4 also received two additional category distinctions across Company Size and Deployment Region, including Customers' Choice Midsize Enterprise and Customers' Choice North America.]]> 2022-01-17T13:00:00+00:00 https://blog.knowbe4.com/knowbe4-named-a-2021-gartner-peer-insights-customers-choice-for-security-awareness-computer-based-training www.secnews.physaphae.fr/article.php?IdArticle=3979134 False None None None knowbe4 - cybersecurity services We thought it was bad enough when traditional ransomware started to steal data in its second generation of evolution, now dubbed "double extortion". The third stage of ransomware is beginning to happen now and will make us wish for the good, old days of Ransomware 2.0.]]> 2022-01-14T13:27:37+00:00 https://blog.knowbe4.com/nuclear-ransomware-3.0-we-thought-it-was-bad-and-then-it-got-even-worse www.secnews.physaphae.fr/article.php?IdArticle=3963733 False Ransomware None None knowbe4 - cybersecurity services Video game maker Electronic Arts (EA) has stated that around fifty high-profile accounts for the soccer game FIFA 22 were hacked after attackers manipulated the company's customer service employees.]]> 2022-01-13T20:08:08+00:00 https://blog.knowbe4.com/fifty-fifa-esports-accounts-were-hacked-via-social-engineering www.secnews.physaphae.fr/article.php?IdArticle=3959570 False None None None knowbe4 - cybersecurity services A new advisory warns of a scam that can affect literally anyone designed as a precursor to additional vishing scams and/or to perform Gmail account takeovers.]]> 2022-01-12T17:11:13+00:00 https://blog.knowbe4.com/fbi-beware-of-a-new-google-voice-authentication-scam-even-if-you-dont-use-google-voice www.secnews.physaphae.fr/article.php?IdArticle=3952999 False None None None knowbe4 - cybersecurity services Scammers are using the professional-looking stickers to point those parking to an alternate pay site to collect credit card details in the perfect situation where victims would be none the wiser.]]> 2022-01-12T17:11:06+00:00 https://blog.knowbe4.com/payment-fraud-moves-to-the-real-world-with-fake-qr-codes-on-parking-meters www.secnews.physaphae.fr/article.php?IdArticle=3953000 False None None None knowbe4 - cybersecurity services A new joint cybersecurity advisory from CISA, the FBI, and the NSA cautions organizations against Russian-based attacks and provides mitigations to be implemented.]]> 2022-01-12T15:31:17+00:00 https://blog.knowbe4.com/u.s.-government-warns-of-more-cyberattacks-targeting-critical-infrastructure www.secnews.physaphae.fr/article.php?IdArticle=3952503 False None None None knowbe4 - cybersecurity services The weakest part of your cybersecurity can be identified by looking at how cyberattacks take place, and how well your defenses stand up. But did you know the answer comes from the year 1885?]]> 2022-01-12T14:37:22+00:00 https://blog.knowbe4.com/its-a-fact-cyberattacks-continue-because-your-users-forget www.secnews.physaphae.fr/article.php?IdArticle=3951946 False None None None knowbe4 - cybersecurity services At the core of every phishing scam is a combination of a bunch of lies and (sometimes) a few truths. A new focus on better defining the misuse of information provides insight into why phishing works.]]> 2022-01-12T14:37:18+00:00 https://blog.knowbe4.com/information-disorder-giving-a-name-to-one-of-the-most-impactful-parts-of-phishing-scams www.secnews.physaphae.fr/article.php?IdArticle=3951947 False None None None knowbe4 - cybersecurity services With the news focused on just a few key ransomware strains, it's understandable to think you'll never be a target. But newly-released data shows who's doing the attacking and who's being targeted.]]> 2022-01-12T14:37:15+00:00 https://blog.knowbe4.com/over-200-ransomware-strains-detected-in-last-part-of-2021 www.secnews.physaphae.fr/article.php?IdArticle=3951948 False Ransomware None None knowbe4 - cybersecurity services The latest G2 Grid Report compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.]]> 2022-01-12T13:00:00+00:00 https://blog.knowbe4.com/knowbe4-named-a-leader-in-the-winter-2022-g2-grid-report-for-security-awareness-training www.secnews.physaphae.fr/article.php?IdArticle=3951737 False Guideline None None knowbe4 - cybersecurity services A business email compromise attack at Illinois's Office of the Special Deputy Receiver led to a loss of $6.85 million, Ray Long at the Chicago Tribune reports. Long describes the Office as “a nonprofit that works with the director of the Illinois Department of Insurance and exists largely to protect creditors and policyholders of financially troubled or insolvent insurance companies.”]]> 2022-01-11T14:52:45+00:00 https://blog.knowbe4.com/business-email-compromise-attack-leads-to-millions-in-non-profit-loss www.secnews.physaphae.fr/article.php?IdArticle=3947534 False Guideline None None knowbe4 - cybersecurity services ]]> 2022-01-11T14:31:56+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-02-eye-opener-3-tips-to-pass-your-certified-security-awareness-and-culture-professional-sacp-exam www.secnews.physaphae.fr/article.php?IdArticle=3947535 False None None None knowbe4 - cybersecurity services Ransomware attacks have been dominant for hackers. And according to Investor's recent article, this means good news for cybersecurity stocks. ]]> 2022-01-07T13:23:08+00:00 https://blog.knowbe4.com/ransomware-attacks-could-result-in-higher-cybersecurity-stocks www.secnews.physaphae.fr/article.php?IdArticle=3936674 False None None None knowbe4 - cybersecurity services Check out the 38 new pieces of training content added in December, alongside the always fresh content update highlights and new features.]]> 2022-01-07T13:00:00+00:00 https://blog.knowbe4.com/your-knowbe4-fresh-content-updates-from-december-2021 www.secnews.physaphae.fr/article.php?IdArticle=3936545 False None None None knowbe4 - cybersecurity services A mere blip on the ransomware radar a quarter ago, the massive onslaught of attacks using Hive Ransomware demonstrates how dangerous the “as-a-Service” model really is.]]> 2022-01-06T19:20:00+00:00 https://blog.knowbe4.com/hive-ransomware-as-a-service-races-to-the-top-as-affiliates-breach-350-organizations-in-just-4-months www.secnews.physaphae.fr/article.php?IdArticle=3933390 False Ransomware None None knowbe4 - cybersecurity services An academic partnership between Stony Brook University and Palo Alto Networks uncovered a massive use of tools that will steal authentication cookies mid-stream instead of credentials.]]> 2022-01-06T19:19:54+00:00 https://blog.knowbe4.com/over-1200-man-in-the-middle-phishing-toolkits-design-to-intercept-2fa-found-in-the-wild www.secnews.physaphae.fr/article.php?IdArticle=3933391 False None None None knowbe4 - cybersecurity services With an estimated take of over $80 million a month, this scam uses new evasive tactics designed to make detection and investigation of these attacks difficult at best.]]> 2022-01-06T19:19:37+00:00 https://blog.knowbe4.com/121-brands-impersonated-in-massive-91-country-survey-turned-fraud-scam www.secnews.physaphae.fr/article.php?IdArticle=3933392 False None None None knowbe4 - cybersecurity services A North Korean threat actor is targeting users in Russia with a New Year's Eve-themed phony screensaver file, the Record reports. Researchers at Cluster25 spotted the activity, and say the campaign “started at least from August 2021 aimed at Russian targets operating in the diplomatic sector.” The researchers note that the threat actor used a ZIP file in this spear phishing attack, as opposed to a document with malicious macros.]]> 2022-01-06T18:20:04+00:00 https://blog.knowbe4.com/obvious-but-probably-effective-konni-rat-screensaver www.secnews.physaphae.fr/article.php?IdArticle=3933226 False Threat None None knowbe4 - cybersecurity services New York Attorney General Letitia James has released a guide to help businesses defend themselves against credential stuffing attacks. Credential stuffing is a type of brute-force attack in which attackers use automation to test stolen usernames and passwords against many different websites. New York's advisory explains that credential stuffing “leverages the natural human tendency to reuse passwords to cope with the ever-growing number of online accounts that must be managed. Attackers know that the username and password used at one website may also be used at a half-dozen others.”]]> 2022-01-06T18:17:59+00:00 https://blog.knowbe4.com/new-york-state-warns-of-credential-stuffing www.secnews.physaphae.fr/article.php?IdArticle=3933227 False None None None knowbe4 - cybersecurity services ]]> 2022-01-05T14:17:59+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-01-heads-up-new-omicron-themed-phishing-attack-is-now-running-rampant www.secnews.physaphae.fr/article.php?IdArticle=3927625 False None None None knowbe4 - cybersecurity services Despite a massive drop in crypto scams in 2020 due to the pandemic, a new report highlights the massive growth in crypto scams… and the profitable results they're yielding.]]> 2022-01-04T15:04:02+00:00 https://blog.knowbe4.com/cryptocurrency-scam-profits-jump-81-in-2021-to-7.7-billion www.secnews.physaphae.fr/article.php?IdArticle=3923122 False None None None knowbe4 - cybersecurity services Spanning three languages and at least 15,000 unique phishing emails, this latest phishing campaign targets stressed out workers in the U.S. and France, avoiding detection and promising to help with their ailments.]]> 2022-01-04T15:03:58+00:00 https://blog.knowbe4.com/reducing-stress-with-cbd-is-the-latest-theming-for-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=3923123 False None None None knowbe4 - cybersecurity services Scammers are sending phony accusations of copyright infringement to Instagram users in a new phishing attack, Paul Ducklin writes at Naked Security. The scammers are taking advantage of the fact that many Instagram pages with large followings are concerned about being banned for posting copyrighted content.]]> 2022-01-04T15:03:54+00:00 https://blog.knowbe4.com/copyright-infringement-notice-to-instagram-users-serves-as-newest-phishbait www.secnews.physaphae.fr/article.php?IdArticle=3923124 False None None None knowbe4 - cybersecurity services Social engineering isn't concerned with either novelty or elegance. All that matters is whether it works. ESET's Jake Moore described a case in point for We Live Security: all someone might need to gain access to your snapchat account is look over your shoulder at the right moment, just like the kid at the next desk trying to cheat on a test back in elementary school.]]> 2022-01-04T15:03:50+00:00 https://blog.knowbe4.com/shoulder-surfing-is-still-a-thing-for-successful-social-engineering-attacks www.secnews.physaphae.fr/article.php?IdArticle=3923125 False None None None knowbe4 - cybersecurity services ]]> 2022-01-01T16:59:12+00:00 https://blog.knowbe4.com/2022-resolution-ill-be-a-certified-security-awareness-and-culture-professional-sacp www.secnews.physaphae.fr/article.php?IdArticle=3914402 False Threat,Guideline None None knowbe4 - cybersecurity services The growing interest in new cryptocurrencies and the potential to get in early on Amazon's supposedly forthcoming crypto has scammers taking victims for thousands of dollars.]]> 2021-12-30T20:58:38+00:00 https://blog.knowbe4.com/amazon-token-crypto-presale-scam-takes-advantage-of-news-hype-and-steals-your-real-cryptocurrency www.secnews.physaphae.fr/article.php?IdArticle=3909923 False None None None knowbe4 - cybersecurity services A new warning from Accenture Security highlights this new cybercriminal group making waves that focuses on a "data breach and extortion” MO rather than relying on ransomware.]]> 2021-12-30T20:58:33+00:00 https://blog.knowbe4.com/new-karakurt-threat-group-is-gaining-attention-through-multiple-and-frequent-extortion-attacks www.secnews.physaphae.fr/article.php?IdArticle=3909924 False Threat None None knowbe4 - cybersecurity services A mean-spirited phishing campaign is mocking victims after infecting their devices with Dridex malware, according to Lawrence Abrams at BleepingComputer.]]> 2021-12-29T16:01:30+00:00 https://blog.knowbe4.com/omicron-themed-phishing-campaign-is-running-rampant www.secnews.physaphae.fr/article.php?IdArticle=3904195 False None None None knowbe4 - cybersecurity services Analysis of data collected by Internet and security services vendor Akamai shows an unimaginable number of cyberattacks, demonstrating how frequently these attacks are happening.]]> 2021-12-29T16:01:23+00:00 https://blog.knowbe4.com/organizations-worldwide-experience-over-722-million-attacks-in-the-last-30-days www.secnews.physaphae.fr/article.php?IdArticle=3904196 False None None None knowbe4 - cybersecurity services I love that KnowBe4's customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4's products help its customers to educate and test which scams a worker will easily recognize and which ones they need more education on. KnowBe4's product helps administrators figure out exactly who needs more education and on what topics. We know that customers who frequently educate and test their co-workers reduce cybersecurity risk lower than those that do not.]]> 2021-12-29T16:01:12+00:00 https://blog.knowbe4.com/5-notable-obscure-phishing-scams www.secnews.physaphae.fr/article.php?IdArticle=3904197 True None None None knowbe4 - cybersecurity services While news reports indicate no impact to the utilities company's ability to deliver electricity to its' customers, this could be the start of attacks on critical infrastructure in Australia.]]> 2021-12-29T16:01:00+00:00 https://blog.knowbe4.com/conti-ransomware-affiliate-attacks-australian-utilities-giants-corporate-network www.secnews.physaphae.fr/article.php?IdArticle=3904198 False Ransomware None None knowbe4 - cybersecurity services Doing their part, Google adds new functionality that defaults to automatically adding Google-based calendar invites to a victim's calendar to lower the malicious value of an invite.]]> 2021-12-29T16:00:50+00:00 https://blog.knowbe4.com/google-takes-a-step-towards-reducing-the-use-of-calendar-invitations-as-phishing-tools www.secnews.physaphae.fr/article.php?IdArticle=3904199 False None None None knowbe4 - cybersecurity services ]]> 2021-12-29T14:36:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-11-51-heads-up-phishing-attacks-remain-the-top-type-of-cybersecurity-breach-this-year www.secnews.physaphae.fr/article.php?IdArticle=3904021 False None None None knowbe4 - cybersecurity services Monongalia Health System in West Virginia has disclosed a data breach that exposed sensitive patient and employee information.]]> 2021-12-28T18:28:54+00:00 https://blog.knowbe4.com/west-virginia-healthcare-breach-traced-to-phishing www.secnews.physaphae.fr/article.php?IdArticle=3900215 False Data Breach None None knowbe4 - cybersecurity services More than half (55%) of phishing attacks target IT departments, according to research commissioned by OpenText. Additionally, nearly half of survey respondents said they had fallen for a malware phishing attack.]]> 2021-12-28T16:19:30+00:00 https://blog.knowbe4.com/the-impacts-of-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=3899360 False Malware None None knowbe4 - cybersecurity services With loved ones potentially a half a world away, scammers prey on families with scams that offer to assist with communication, care packages, leave, and more.]]> 2021-12-23T21:17:23+00:00 https://blog.knowbe4.com/new-nigerian-phishing-scams-target-u.s.-military-families-with-needed-services www.secnews.physaphae.fr/article.php?IdArticle=3864439 False None None None knowbe4 - cybersecurity services A new campaign spotted in the wild uses a tried-and-true method of convincing victims to provide their Office 365 logon credentials to be used in future attacks.]]> 2021-12-23T21:17:00+00:00 https://blog.knowbe4.com/office-365-spam-notification-phishing-emails-seek-to-capture-credentials www.secnews.physaphae.fr/article.php?IdArticle=3864440 False None None None knowbe4 - cybersecurity services New data shows a huge disparity between the likelihood of cyberattack against U.K. organizations and their employee's cybersecurity awareness and vigilance.]]> 2021-12-23T17:07:22+00:00 https://blog.knowbe4.com/u.k.-workers-arent-concerned-about-company-cybersecurity-despite-60-having-been-victims-of-a-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=3862204 False None None None knowbe4 - cybersecurity services We've always known phishing scammers work very quickly, moving from campaign to campaign, but new data indicates some scammers are moving on in terms of literally hours.]]> 2021-12-23T16:39:19+00:00 https://blog.knowbe4.com/one-third-of-phishing-pages-are-inactive-after-just-one-day www.secnews.physaphae.fr/article.php?IdArticle=3861986 False None None None knowbe4 - cybersecurity services Citing upticks in attacks, Canada's Centre for Cyber Security asks organizations to step up protective measures, offering guidance and a playbook to improve security.]]> 2021-12-23T16:38:50+00:00 https://blog.knowbe4.com/canadian-government-urges-organizations-to-protect-against-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=3861987 False Ransomware None None knowbe4 - cybersecurity services I love that KnowBe4's customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4's products help its customers to educate and test what scams a worker will easily recognize and which ones they need more education on. KnowBe4's product helps administrators figure out exactly who needs more education and on what topics. We know that customers who more consistently and frequently educate and test their co-workers reduce cybersecurity risk lower than those who do not.]]> 2021-12-23T14:06:46+00:00 https://blog.knowbe4.com/having-an-efficient-security-awareness-training-program www.secnews.physaphae.fr/article.php?IdArticle=3860796 False None None 5.0000000000000000 knowbe4 - cybersecurity services Cybercriminals are at it again with holiday phishing scams. Because of the popularity of online shopping, retailers' online Black Friday deals attract more and more scammers every year. Cyber Monday will also mean big online sales. That means you and your users need to be extra cautious when shopping online over the Black Friday and Cyber Monday weekend. ]]> 2021-12-22T17:00:01+00:00 https://blog.knowbe4.com/scam-of-the-week-black-friday-cyber-monday-cybersecurity-tips www.secnews.physaphae.fr/article.php?IdArticle=3850455 False None None None