This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-06-02T14:13:47+00:00 www.secnews.physaphae.fr knowbe4 - cybersecurity services De nouvelles informations sur les attaques de ransomwares montrent que les cyberattaques sont une préoccupation majeure pour les organisations & # 8211;avec beaucoup de choses qui ne savent pas qu'ils étaient victimes qu'après l'attaque.

---

New insight into ransomware attacks show that cyber attacks are a top concern for organizations – with many not aware they were a victim until after the attack.]]> 2024-05-31T17:43:03+00:00 https://blog.knowbe4.com/nearly-every-ransomware-attack-today-includes-exfiltrating-your-data www.secnews.physaphae.fr/article.php?IdArticle=8510730 False Ransomware None None knowbe4 - cybersecurity services ]]> 2024-05-21T13:03:37+00:00 https://blog.knowbe4.com/cyberheistnews-vol-14-21-how-come-unknown-attack-vectors-are-surging-in-ransomware-infections www.secnews.physaphae.fr/article.php?IdArticle=8504036 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-05-16T16:54:01+00:00 https://blog.knowbe4.com/black-basta-ransomware-uses-phishing www.secnews.physaphae.fr/article.php?IdArticle=8501064 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-05-14T18:30:08+00:00 https://blog.knowbe4.com/unknown-initial-attack-vectors-continue www.secnews.physaphae.fr/article.php?IdArticle=8499737 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services Boeing récemmenta confirmé qu'en octobre 2023, il a été victime d'une attaque du Gang de ransomware de Lockbit, qui a perturbé certaines de ses parties et opérations de distribution.Les attaquants ont demandé à 200 millions de dollars de ne pas publier les données qu'ils avaient exfiltrées.

---

Boeing recently confirmed that in October 2023, it fell victim to an attack by the LockBit ransomware gang, which disrupted some of its parts and distribution operations. The attackers demanded a whopping $200 million not to release the data they had exfiltrated.]]> 2024-05-10T10:49:49+00:00 https://blog.knowbe4.com/must-read-how-boeing-battled-a-whopping-200m-ransomware-demand www.secnews.physaphae.fr/article.php?IdArticle=8497136 False Ransomware None 5.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-04-23T15:37:01+00:00 https://blog.knowbe4.com/global-optics-provider-hit-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8487479 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services Ce nouveau jeu dure 10 minutes, disponible en anglais (GB) et au niveau d'abonnement Diamond. & Nbsp;

---

We released a new game, now available on the KnowBe4 Modstore. I played it myself and this is recommended for all Inside Man fans!  "Mark Shepherd, The Inside Man himself, is recruiting a crack security team to thwart the sinister \'Handler\'. Your mission is to accumulate points in a series of challenges that apply lessons learnt throughout The Inside Man series, to test your expertise in combating phishing, social engineering, password breaches, ransomware and document security. "This new Game is 10 minutes in duration, available in English (GB), and at Diamond subscription level. ]]> 2024-04-22T20:21:06+00:00 https://blog.knowbe4.com/your-blnew-game-the-inside-man-new-recruits-gameog-post-title-here www.secnews.physaphae.fr/article.php?IdArticle=8487011 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-03-18T14:14:00+00:00 https://blog.knowbe4.com/healthcare-organizations-be-wary-of-increased-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8466102 False Ransomware,Medical None 2.0000000000000000 knowbe4 - cybersecurity services Un rapport récent révèle un écart important dans les priorités des services informatiques de marché intermédiaire lorsqu'il s'agit de traiter les cybermenaces. Il est quelque peu ironique que les professionnels informatiques se retrouvent enchevêtrés dans un paradoxe logique lorsqu'ils répondent aux enquêtes, comme le démontre Node4 \\ 's & nbsp; Rapport de priorités informatiques du marché moyen 2024 .Ce rapport met en lumière le fait que deux des trois principales cyber-menaces concernant les services informatiques du marché intermédiaire sont des menaces et des ransomwares basés sur l'IA, les menaces d'initiés se classant comme la principale préoccupation cette année.

---

A recent report reveals a significant discrepancy in the priorities of mid-market IT departments when it comes to addressing cyber threats. It\'s somewhat ironic that IT professionals find themselves entangled in a logical paradox when responding to surveys, as demonstrated by Node4\'s Mid-Market IT Priorities Report 2024. This report sheds light on the fact that two of the top three cyber threats concerning mid-market IT departments are AI-based threats and ransomware, with insider threats ranking as the primary concern this year.]]> 2024-03-07T20:22:08+00:00 https://blog.knowbe4.com/ai-and-ransomware-top-list-of-mid-market-it-cyber-threat www.secnews.physaphae.fr/article.php?IdArticle=8460492 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services Des données nouvellement publiées couvrant les cyber-états vécues en 2023 éclairent à quel point l'an dernier était très différent et peint un tableau de ce à quoi s'attendre des cyberattaques en 2024.

---

Newly-released data covering cyberthreats experienced in 2023 sheds some light on how very different last year was and paints a picture of what to expect of cyber attacks in 2024.]]> 2024-02-28T19:26:02+00:00 https://blog.knowbe4.com/ransomware-incidents-spike-84-as-most-ransomware-victims www.secnews.physaphae.fr/article.php?IdArticle=8456586 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-02-19T21:01:02+00:00 https://blog.knowbe4.com/only-7-organizations-restore-data-processes-within-days-after-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8452422 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services 2024-02-14T13:57:40+00:00 https://blog.knowbe4.com/ai-in-cyberspace www.secnews.physaphae.fr/article.php?IdArticle=8450001 False Ransomware,Threat None 3.0000000000000000 knowbe4 - cybersecurity services 2024-02-08T13:00:00+00:00 https://blog.knowbe4.com/malvertising-on-the-rise www.secnews.physaphae.fr/article.php?IdArticle=8447997 False Ransomware,Malware None 2.0000000000000000 knowbe4 - cybersecurity services 2024-01-31T18:52:23+00:00 https://blog.knowbe4.com/ransomware-decline-as-attackers-flee-market-middle www.secnews.physaphae.fr/article.php?IdArticle=8445276 False Ransomware,Threat None 3.0000000000000000 knowbe4 - cybersecurity services La poussée de ransomware -As-A-Service Affiliates est probablement la raison de l'augmentation spectaculaire du nombre d'organisations victimes, avec tous les indicateurs suggérant que cette tendance persistera en 2024.

---

The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend will persist into 2024. ]]> 2024-01-25T17:43:48+00:00 https://blog.knowbe4.com/ransomware-attack-victims-surge-in-2023-to-over-4000 www.secnews.physaphae.fr/article.php?IdArticle=8443061 False Ransomware,Prediction None 3.0000000000000000 knowbe4 - cybersecurity services 2024-01-18T13:38:31+00:00 https://blog.knowbe4.com/swatting-latest-tactic-in-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8440281 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-01-03T15:57:52+00:00 https://blog.knowbe4.com/ransomware-disrupts-multiple-german-hospitals www.secnews.physaphae.fr/article.php?IdArticle=8433749 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services 2023-12-28T16:06:43+00:00 https://blog.knowbe4.com/uk-government-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8430358 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-12-06T19:23:26+00:00 https://blog.knowbe4.com/worlds-largest-bank-becomes-ransomware-victim www.secnews.physaphae.fr/article.php?IdArticle=8419660 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services 2023-11-21T21:25:14+00:00 https://blog.knowbe4.com/ransomware-attacks-affect-majority-organizations-2023 www.secnews.physaphae.fr/article.php?IdArticle=8415584 False Ransomware,Studies None 3.0000000000000000 knowbe4 - cybersecurity services 2023-11-17T15:56:46+00:00 https://blog.knowbe4.com/knowbe4-cisco-duo-integration www.secnews.physaphae.fr/article.php?IdArticle=8413450 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services L'homme mord le chien: Dans une touche inhabituelle dans la cybercriminalité, le groupe Ransomware Blackcat / Alphv manipule la nouvelle règle de 4 jours de la sec \\ pour augmenter la pression sur leurs victimes.Cette dernière manœuvre met en évidence une compréhension sophistiquée des impacts réglementaires sur les stratégies de ransomware.

---

Man Bites Dog: In an unusual twist in cybercrime, the ransomware group BlackCat/ALPHV is manipulating the SEC\'s new 4-day rule on cyber incident reporting to increase pressure on their victims. This latest maneuver highlights a sophisticated understanding of regulatory impacts in ransomware strategies.]]> 2023-11-16T21:42:05+00:00 https://blog.knowbe4.com/blackcat-ransomwares-new-sec-reporting-tactic-turn-regulations-against-victims www.secnews.physaphae.fr/article.php?IdArticle=8413081 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-11-14T19:01:17+00:00 https://blog.knowbe4.com/3-percent-organizations-worldwide-experienced-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8412015 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-11-09T20:57:11+00:00 https://blog.knowbe4.com/social-engineering-it-support-desk-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8408720 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services 2023-11-02T14:20:30+00:00 https://blog.knowbe4.com/analyze-emails-crowdstrike-falcon-knowbe4-phisher-plus www.secnews.physaphae.fr/article.php?IdArticle=8404725 False Ransomware,Malware,Threat None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-10-17T18:40:56+00:00 https://blog.knowbe4.com/ransomware-insurance-claims-rise www.secnews.physaphae.fr/article.php?IdArticle=8396839 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-10-12T12:02:06+00:00 https://blog.knowbe4.com/human-operated-ransomware-attacks-double www.secnews.physaphae.fr/article.php?IdArticle=8394700 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services Alors que les attaquants évoluent leurs ensembles d'outils et leurs outils, la baisse significative du temps de résidence signifie un risque beaucoup plus élevé pour les organisations qui ont désormais moins de temps pour détecter et répondre aux attaques initiales.

---

As attackers evolve their toolsets and processes, the significant drop in dwell time signifies a much higher risk to organizations that now have less time to detect and respond to initial attacks.]]> 2023-10-09T12:17:46+00:00 https://blog.knowbe4.com/ransomware-dwell-time-drops-by-77-to-under-24-hours www.secnews.physaphae.fr/article.php?IdArticle=8393170 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services Les résultats récents dans un rapport Spycloud montrent que les entreprises commencent à reconnaître et à déplacer leurs priorités pour se défendre contre Ransomware Attaques, mais l'utilisationdes logiciels malveillants d'infostealer ont toujours un taux de réussite élevé pour les cybercriminels.

---

Recent findings in a SpyCloud report shows companies are starting to recognize and shift their priorities to defend against ransomware attacks, but the use of infostealer malware still has a high success rate for cybercriminals. ]]> 2023-09-25T13:53:35+00:00 https://blog.knowbe4.com/organizations-understand-impact-ransomware-but-not-enough-to-defeat-infostealer-malware www.secnews.physaphae.fr/article.php?IdArticle=8387607 False Ransomware,Malware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-09-19T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-38-no-dice-for-mgm-vegas-as-it-battles-ransomware-attack-downtime www.secnews.physaphae.fr/article.php?IdArticle=8385286 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services quatre jours plus tard, 52 millions de dollars en revenus et en comptage, une cyberattaque contre MGM Resorts International, un empire de jeu de Las Vegas de 14 milliards de dollars avec des spreads d'hôtel célèbre à Hollywood comme le Bellagio, le Cosmopolitan, E Xcalibur, Louxor et le MGM Grand lui-même, a fait tomber la maison par un parfaitExemple de Vishing … a 10 minutes Appel téléphonique.

---

Four days later, $52 million in lost revenues and counting, a cyber attack on MGM Resorts International, a $14 billion Las Vegas gaming empire with Hollywood-famous hotel spreads like the Bellagio, Cosmopolitan, Excalibur, Luxor, and the MGM Grand itself, had the house brought down by a perfect example of vishing…a 10-minute phone call.]]> 2023-09-14T20:03:51+00:00 https://blog.knowbe4.com/no-dice-for-mgm-las-vegas-as-it-battles-fallout-from-ransomware-attack-after-a-10-minute-vishing-scam www.secnews.physaphae.fr/article.php?IdArticle=8382767 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-09-14T19:56:43+00:00 https://blog.knowbe4.com/mgm-suffers-ransomware-attack-that-started-with-a-simple-helpdesk-call www.secnews.physaphae.fr/article.php?IdArticle=8382768 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-08-16T18:00:17+00:00 https://blog.knowbe4.com/ransomware-generative-ai-attacks-surge www.secnews.physaphae.fr/article.php?IdArticle=8370848 False Ransomware,Tool,Threat None 2.0000000000000000 knowbe4 - cybersecurity services 2023-08-02T18:46:03+00:00 https://blog.knowbe4.com/need-cyber-resilience-healthcare www.secnews.physaphae.fr/article.php?IdArticle=8364869 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ransomware continue d'être une menace majeure pour toutes les organisations et, selon le Verizon 2023 Data Breach Investigations Report , est toujours présent dans 24% des violations.

---

Ransomware continues to be a major threat for all organizations and, according to the Verizon 2023 Data Breach Investigations Report, is still present in 24% of breaches. ]]> 2023-07-06T12:00:00+00:00 https://blog.knowbe4.com/updated-ransomware-simulator www.secnews.physaphae.fr/article.php?IdArticle=8352869 False Ransomware,Data Breach,Threat None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-07-05T13:23:22+00:00 https://blog.knowbe4.com/japans-largest-port-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8352481 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #26  |   June 27th, 2023 [Eyes Open] The FTC Reveals the Latest Top Five Text Message Scams The U.S. Federal Trade Commission (FTC) has published a data spotlight outlining the most common text message scams. Phony bank fraud prevention alerts were the most common type of text scam last year. "Reports about texts impersonating banks are up nearly tenfold since 2019 with median reported individual losses of $3,000 last year," the report says. These are the top five text scams reported by the FTC: Copycat bank fraud prevention alerts Bogus "gifts" that can cost you Fake package delivery problems Phony job offers Not-really-from-Amazon security alerts "People get a text supposedly from a bank asking them to call a number ASAP about suspicious activity or to reply YES or NO to verify whether a transaction was authorized. If they reply, they\'ll get a call from a phony \'fraud department\' claiming they want to \'help get your money back.\' What they really want to do is make unauthorized transfers. "What\'s more, they may ask for personal information like Social Security numbers, setting people up for possible identity theft." Fake gift card offers took second place, followed by phony package delivery problems. "Scammers understand how our shopping habits have changed and have updated their sleazy tactics accordingly," the FTC says. "People may get a text pretending to be from the U.S. Postal Service, FedEx, or UPS claiming there\'s a problem with a delivery. "The text links to a convincing-looking – but utterly bogus – website that asks for a credit card number to cover a small \'redelivery fee.\'" Scammers also target job seekers with bogus job offers in an attempt to steal their money and personal information. "With workplaces in transition, some scammers are using texts to perpetrate old-school forms of fraud – for example, fake \'mystery shopper\' jobs or bogus money-making offers for driving around with cars wrapped in ads," the report says. "Other texts target people who post their resumes on employment websites. They claim to offer jobs and even send job seekers checks, usually with instructions to send some of the money to a different address for materials, training, or the like. By the time the check bounces, the person\'s money – and the phony \'employer\' – are long gone." Finally, scammers impersonate Amazon and send fake security alerts to trick victims into sending money. "People may get what looks like a message from \'Amazon,\' asking to verify a big-ticket order they didn\'t place," the FTC says. "Concerned ]]> 2023-06-27T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-26-eyes-open-the-ftc-reveals-the-latest-top-five-text-message-scams www.secnews.physaphae.fr/article.php?IdArticle=8349704 False Ransomware,Spam,Malware,Hack,Tool,Threat ChatGPT,ChatGPT,APT 15,APT 28,FedEx 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-06-27T12:54:20+00:00 https://blog.knowbe4.com/singapore-cyber-landscape-2022-report www.secnews.physaphae.fr/article.php?IdArticle=8349705 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #25  |   June 20th, 2023 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches Verizon\'s DBIR always has a lot of information to unpack, so I\'ll continue my review by covering how stolen credentials play a role in attacks. This year\'s Data Breach Investigations Report has nearly 1 million incidents in their data set, making it the most statistically relevant set of report data anywhere. So, what does the report say about the most common threat actions that are involved in data breaches? Overall, the use of stolen credentials is the overwhelming leader in data breaches, being involved in nearly 45% of breaches – this is more than double the second-place spot of "Other" (which includes a number of types of threat actions) and ransomware, which sits at around 20% of data breaches. According to Verizon, stolen credentials were the "most popular entry point for breaches." As an example, in Basic Web Application Attacks, the use of stolen credentials was involved in 86% of attacks. The prevalence of credential use should come as no surprise, given the number of attacks that have focused on harvesting online credentials to provide access to both cloud platforms and on-premises networks alike. And it\'s the social engineering attacks (whether via phish, vish, SMiSh, or web) where these credentials are compromised - something that can be significantly diminished by engaging users in security awareness training to familiarize them with common techniques and examples of attacks, so when they come across an attack set on stealing credentials, the user avoids becoming a victim. Blog post with links:https://blog.knowbe4.com/stolen-credentials-top-breach-threat [New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blocklist Now there\'s a super easy way to keep malicious emails away from all your users through the power of the KnowBe4 PhishER platform! The new PhishER Blocklist feature lets you use reported messages to prevent future malicious email with the same sender, URL or attachment from reaching other users. Now you can create a unique list of blocklist entries and dramatically improve your Microsoft 365 email filters without ever l]]> 2023-06-20T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-25-fingerprints-all-over-stolen-credentials-are-the-no1-root-cause-of-data-breaches www.secnews.physaphae.fr/article.php?IdArticle=8347292 False Ransomware,Data Breach,Spam,Malware,Hack,Vulnerability,Threat,Cloud ChatGPT,ChatGPT 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-06-15T19:20:15+00:00 https://blog.knowbe4.com/uk-attacker-ransomware-arrest www.secnews.physaphae.fr/article.php?IdArticle=8345858 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-06-13T13:56:50+00:00 https://blog.knowbe4.com/85-organizations-experienced-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8344823 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-06-07T17:27:13+00:00 https://blog.knowbe4.com/email-attack-vector-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8343070 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #23  |   June 6th, 2023 [Wake-Up Call] It\'s Time to Focus More on Preventing Spear Phishing Fighting spear phishing attacks is the single best thing you can do to prevent breaches. Social engineering is involved in 70% to 90% of successful compromises. It is the number one way that all hackers and malware compromise devices and networks. No other initial root cause comes close (unpatched software and firmware is a distant second being involved in about 33% of attacks). A new, HUGE, very important, fact has been gleaned by Barracuda Networks which should impact the way that EVERYONE does security awareness training. Everyone needs to know about this fact and react accordingly. This is that fact: "...spear phishing attacks that use personalized messages... make up only 0.1% of all email-based attacks according to Barracuda\'s data but are responsible for 66% of all breaches." Let that sink in for a moment. What exactly is spear phishing? Spear phishing is when a social engineering attacker uses personal or confidential information they have learned about a potential victim or organization in order to more readily fool the victim into performing a harmful action. Within that definition, spear phishing can be accomplished in thousands of different ways, ranging from basic attacks to more advanced, longer-range attacks. [CONTINUED] at KnowBe4 blog:https://blog.knowbe4.com/wake-up-call-its-time-to-focus-more-on-preventing-spear-phishing [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, June 7, @ 2:00 PM (ET), for a live demonstration of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users. NEW! Executive Reports - Can create, tailor and deliver advanced executive-level reports NEW! KnowBe4 ]]> 2023-06-06T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-23-wake-up-call-its-time-to-focus-more-on-preventing-spear-phishing www.secnews.physaphae.fr/article.php?IdArticle=8342545 False Ransomware,Malware,Hack,Tool,Threat None 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #22  |   May 31st, 2023 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the money is, this massive spike in attacks should both surprise you and not surprise you at all. When you want tires, where do you go? Right – to the tire store. Shoes? Yup – shoe store. The most money you can scam from a single attack? That\'s right – the financial services industry, at least according to cybersecurity vendor Armorblox\'s 2023 Email Security Threat Report. According to the report, the financial services industry as a target has increased by 72% over 2022 and was the single largest target of financial fraud attacks, representing 49% of all such attacks. When breaking down the specific types of financial fraud, it doesn\'t get any better for the financial industry: 51% of invoice fraud attacks targeted the financial services industry 42% were payroll fraud attacks 63% were payment fraud To make matters worse, nearly one-quarter (22%) of financial fraud attacks successfully bypassed native email security controls, according to Armorblox. That means one in five email-based attacks made it all the way to the Inbox. The next layer in your defense should be a user that\'s properly educated using security awareness training to easily identify financial fraud and other phishing-based threats, stopping them before they do actual damage. Blog post with links:https://blog.knowbe4.com/financial-fraud-phishing [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us Wednesday, June 7, @ 2:00 PM (ET), for a live demonstration of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users. ]]> 2023-05-31T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-22-eye-on-fraud-a-closer-look-at-the-massive-72-percent-spike-in-financial-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=8340859 False Ransomware,Malware,Hack,Tool,Threat,Conference ChatGPT,ChatGPT,Uber,Guam 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #21  |   May 23rd, 2023 [Double Trouble] 78% of Ransomware Victims Face Multiple Extortions in Scary Trend New data sheds light on how likely your organization will succumb to a ransomware attack, whether you can recover your data, and what\'s inhibiting a proper security posture. You have a solid grasp on what your organization\'s cybersecurity stance does and does not include. But is it enough to stop today\'s ransomware attacks? CyberEdge\'s 2023 Cyberthreat Defense Report provides some insight into just how prominent ransomware attacks are and what\'s keeping orgs from stopping them. According to the report, in 2023: 7% of organizations were victims of a ransomware attack 7% of those paid a ransom 73% were able to recover data Only 21.6% experienced solely the encryption of data and no other form of extortion It\'s this last data point that interests me. Nearly 78% of victim organizations experienced one or more additional forms of extortion. CyberEdge mentions threatening to publicly release data, notifying customers or media, and committing a DDoS attack as examples of additional threats mentioned by respondents. IT decision makers were asked to rate on a scale of 1-5 (5 being the highest) what were the top inhibitors of establishing and maintaining an adequate defense. The top inhibitor (with an average rank of 3.66) was a lack of skilled personnel – we\'ve long known the cybersecurity industry is lacking a proper pool of qualified talent. In second place, with an average ranking of 3.63, is low security awareness among employees – something only addressed by creating a strong security culture with new-school security awareness training at the center of it all. Blog post with links:https://blog.knowbe4.com/ransomware-victim-threats [Free Tool] Who Will Fall Victim to QR Code Phishing Attacks? Bad actors have a new way to launch phishing attacks to your users: weaponized QR codes. QR code phishing is especially dangerous because there is no URL to check and messages bypass traditional email filters. With the increased popularity of QR codes, users are more at ]]> 2023-05-23T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-21-double-trouble-78-percent-of-ransomware-victims-face-multiple-extortions-in-scary-trend www.secnews.physaphae.fr/article.php?IdArticle=8338709 False Ransomware,Hack,Tool,Vulnerability,Threat,Prediction ChatGPT 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #20  |   May 16th, 2023 [Foot in the Door] The Q1 2023\'s Top-Clicked Phishing Scams | INFOGRAPHIC KnowBe4\'s latest reports on top-clicked phishing email subjects have been released for Q1 2023. We analyze "in the wild" attacks reported via our Phish Alert Button, top subjects globally clicked on in phishing tests, top attack vector types, and holiday email phishing subjects. IT and Online Services Emails Drive Dangerous Attack Trend This last quarter\'s results reflect the shift to IT and online service notifications such as laptop refresh or account suspension notifications that can affect your end users\' daily work. Cybercriminals are constantly increasing the damage they cause to organizations by luring unsuspecting employees into clicking on malicious links or downloading fake attachments that seem realistic. Emails that are disguised as coming from an internal source, such as the IT department, are especially dangerous because they appear to come from a trusted place where an employee would not necessarily question it or be as skeptical. Building up your organization\'s human firewall by fostering a strong security culture is essential to outsmart bad actors. The report covers the following: Common "In-The-Wild" Emails for Q1 2023 Top Phishing Email Subjects Globally Top 5 Attack Vector Types Top 10 Holiday Phishing Email Subjects in Q1 2023 This post has a full PDF infographic you can download and share with your users:https://blog.knowbe4.com/q1-2023-top-clicked-phishing [New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blocklist Now there\'s a super easy way to keep malicious emails away from all your users through the power of the KnowBe4 PhishER platform! The new PhishER Blocklist feature lets you use reported messages to prevent future malicious email with the same sender, URL or attachment from reaching other users. Now you can create a unique list of blocklist entries and dramatically improve your Microsoft 365 email filters without ever leaving the PhishER console. Join us TOMORROW, Wednesday, May 17, @ 2:00 PM (ET) for a l]]> 2023-05-16T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-20-foot-in-the-door-the-q1-2023s-top-clicked-phishing-scams-infographic www.secnews.physaphae.fr/article.php?IdArticle=8336951 False Ransomware,Spam,Malware,Hack,Tool,Threat None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-05-15T12:09:55+00:00 https://blog.knowbe4.com/ransomware-gangs-big-game-hunting www.secnews.physaphae.fr/article.php?IdArticle=8336594 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #19  |   May 9th, 2023 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users Compromised websites (legitimate sites that have been successfully compromised to support social engineering) are serving visitors fake Google Chrome update error messages. "Google Chrome users who use the browser regularly should be wary of a new attack campaign that distributes malware by posing as a Google Chrome update error message," Trend Micro warns. "The attack campaign has been operational since February 2023 and has a large impact area." The message displayed reads, "UPDATE EXCEPTION. An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update." A link is provided at the bottom of the bogus error message that takes the user to what\'s misrepresented as a link that will support a Chrome manual update. In fact the link will download a ZIP file that contains an EXE file. The payload is a cryptojacking Monero miner. A cryptojacker is bad enough since it will drain power and degrade device performance. This one also carries the potential for compromising sensitive information, particularly credentials, and serving as staging for further attacks. This campaign may be more effective for its routine, innocent look. There are no spectacular threats, no promises of instant wealth, just a notice about a failed update. Users can become desensitized to the potential risks bogus messages concerning IT issues carry with them. Informed users are the last line of defense against attacks like these. New school security awareness training can help any organization sustain that line of defense and create a strong security culture. Blog post with links:https://blog.knowbe4.com/fake-chrome-update-error-messages A Master Class on IT Security: Roger A. Grimes Teaches You Phishing Mitigation Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they\'re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Join Roger A. Grimes, KnowBe4\'s Data-Driven Defense Evangelist, ]]> 2023-05-09T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-19-watch-your-back-new-fake-chrome-update-error-attack-targets-your-users www.secnews.physaphae.fr/article.php?IdArticle=8334782 False Ransomware,Data Breach,Spam,Malware,Tool,Threat,Prediction ChatGPT,ChatGPT,NotPetya,NotPetya,APT 28 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-05-09T12:00:00+00:00 https://blog.knowbe4.com/dallas-police-department-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8334758 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #18  |   May 2nd, 2023 [Eye on AI] Does ChatGPT Have Cybersecurity Tells? Poker players and other human lie detectors look for "tells," that is, a sign by which someone might unwittingly or involuntarily reveal what they know, or what they intend to do. A cardplayer yawns when they\'re about to bluff, for example, or someone\'s pupils dilate when they\'ve successfully drawn a winning card. It seems that artificial intelligence (AI) has its tells as well, at least for now, and some of them have become so obvious and so well known that they\'ve become internet memes. "ChatGPT and GPT-4 are already flooding the internet with AI-generated content in places famous for hastily written inauthentic content: Amazon user reviews and Twitter," Vice\'s Motherboard observes, and there are some ways of interacting with the AI that lead it into betraying itself for what it is. "When you ask ChatGPT to do something it\'s not supposed to do, it returns several common phrases. When I asked ChatGPT to tell me a dark joke, it apologized: \'As an AI language model, I cannot generate inappropriate or offensive content,\' it said. Those two phrases, \'as an AI language model\' and \'I cannot generate inappropriate content,\' recur so frequently in ChatGPT generated content that they\'ve become memes." That happy state of easy detection, however, is unlikely to endure. As Motherboard points out, these tells are a feature of "lazily executed" AI. With a little more care and attention, they\'ll grow more persuasive. One risk of the AI language models is that they can be adapted to perform social engineering at scale. In the near term, new-school security awareness training can help alert your people to the tells of automated scamming. And in the longer term, that training will adapt and keep pace with the threat as it evolves. Blog post with links:https://blog.knowbe4.com/chatgpt-cybersecurity-tells [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, May 3, @ 2:00 PM (ET), for a live demonstration of how KnowBe4]]> 2023-05-02T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-18-eye-on-ai-does-chatgpt-have-cybersecurity-tells www.secnews.physaphae.fr/article.php?IdArticle=8332823 False Ransomware,Malware,Hack,Threat ChatGPT,ChatGPT 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-04-20T12:22:15+00:00 https://blog.knowbe4.com/cyber-insurance-hit-by-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8329651 False Ransomware None 4.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #15  |   April 11th, 2023 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams The Federal Trade Commission is alerting consumers about a next-level, more sophisticated family emergency scam that uses AI which imitates the voice of a "family member in distress." They started out with: "You get a call. There\'s a panicked voice on the line. It\'s your grandson. He says he\'s in deep trouble - he wrecked the car and landed in jail. But you can help by sending money. You take a deep breath and think. You\'ve heard about grandparent scams. But darn, it sounds just like him. How could it be a scam? Voice cloning, that\'s how." "Don\'t Trust The Voice" The FTC explains: "Artificial intelligence is no longer a far-fetched idea out of a sci-fi movie. We\'re living with it, here and now. A scammer could use AI to clone the voice of your loved one. All he needs is a short audio clip of your family member\'s voice - which he could get from content posted online - and a voice-cloning program. When the scammer calls you, he\'ll sound just like your loved one. "So how can you tell if a family member is in trouble or if it\'s a scammer using a cloned voice? Don\'t trust the voice. Call the person who supposedly contacted you and verify the story. Use a phone number you know is theirs. If you can\'t reach your loved one, try to get in touch with them through another family member or their friends." Full text of the alert is at the FTC website. Share with friends, family and co-workers:https://blog.knowbe4.com/the-new-face-of-fraud-ftc-sheds-light-on-ai-enhanced-family-emergency-scams A Master Class on IT Security: Roger A. Grimes Teaches Ransomware Mitigation Cybercriminals have become thoughtful about ransomware attacks; taking time to maximize your organization\'s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger A. Grimes, Data-Driven Defense Evangelist at KnowBe4. With 30+ years of experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making]]> 2023-04-11T13:16:54+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-15-the-new-face-of-fraud-ftc-sheds-light-on-ai-enhanced-family-emergency-scams www.secnews.physaphae.fr/article.php?IdArticle=8326650 False Ransomware,Data Breach,Spam,Malware,Hack,Tool,Threat ChatGPT,ChatGPT 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-04-11T12:20:01+00:00 https://blog.knowbe4.com/top-takeaways-you-could-be-missing-out-on-my-upcoming-ransomware-master-class www.secnews.physaphae.fr/article.php?IdArticle=8326633 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-04-04T13:50:02+00:00 https://blog.knowbe4.com/phony-ransomware-scareware www.secnews.physaphae.fr/article.php?IdArticle=8324686 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #14  |   April 4th, 2023 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist The details in this thwarted VEC attack demonstrate how the use of just a few key details can both establish credibility and indicate the entire thing is a scam. It\'s not every day you hear about a purely social engineering-based scam taking place that is looking to run away with tens of millions of dollars. But, according to security researchers at Abnormal Security, cybercriminals are becoming brazen and are taking their shots at very large prizes. This attack begins with a case of VEC – where a domain is impersonated. In the case of this attack, the impersonated vendor\'s domain (which had a .com top level domain) was replaced with a matching .cam domain (.cam domains are supposedly used for photography enthusiasts, but there\'s the now-obvious problem with it looking very much like .com to the cursory glance). The email attaches a legitimate-looking payoff letter complete with loan details. According to Abnormal Security, nearly every aspect of the request looked legitimate. The telltale signs primarily revolved around the use of the lookalike domain, but there were other grammatical mistakes (that can easily be addressed by using an online grammar service or ChatGPT). This attack was identified well before it caused any damage, but the social engineering tactics leveraged were nearly enough to make this attack successful. Security solutions will help stop most attacks, but for those that make it past scanners, your users need to play a role in spotting and stopping BEC, VEC and phishing attacks themselves – something taught through security awareness training combined with frequent simulated phishing and other social engineering tests. Blog post with screenshots and links:https://blog.knowbe4.com/36-mil-vendor-email-compromise-attack [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, April 5, @ 2:00 PM (ET), for a live demo of how KnowBe4 i]]> 2023-04-04T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-14-eyes-on-the-price-how-crafty-cons-attempted-a-36-million-vendor-email-heist www.secnews.physaphae.fr/article.php?IdArticle=8324667 False Ransomware,Malware,Hack,Threat ChatGPT,ChatGPT,APT 43 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #13  |   March 28th, 2023 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks Users need to adapt to an evolving threat landscape in which attackers can use AI tools like ChatGPT to craft extremely convincing phishing emails, according to Matthew Tyson at CSO. "A leader tasked with cybersecurity can get ahead of the game by understanding where we are in the story of machine learning (ML) as a hacking tool," Tyson writes. "At present, the most important area of relevance around AI for cybersecurity is content generation. "This is where machine learning is making its greatest strides and it dovetails nicely for hackers with vectors such as phishing and malicious chatbots. The capacity to craft compelling, well-formed text is in the hands of anyone with access to ChatGPT, and that\'s basically anyone with an internet connection." Tyson quotes Conal Gallagher, CIO and CISO at Flexera, as saying that since attackers can now write grammatically correct phishing emails, users will need to pay attention to the circumstances of the emails. "Looking for bad grammar and incorrect spelling is a thing of the past - even pre-ChatGPT phishing emails have been getting more sophisticated," Gallagher said. "We must ask: \'Is the email expected? Is the from address legit? Is the email enticing you to click on a link?\' Security awareness training still has a place to play here." Tyson explains that technical defenses have become very effective, so attackers focus on targeting humans to bypass these measures. "Email and other elements of software infrastructure offer built-in fundamental security that largely guarantees we are not in danger until we ourselves take action," Tyson writes. "This is where we can install a tripwire in our mindsets: we should be hyper aware of what it is we are acting upon when we act upon it. "Not until an employee sends a reply, runs an attachment, or fills in a form is sensitive information at risk. The first ring of defense in our mentality should be: \'Is the content I\'m looking at legit, not just based on its internal aspects, but given the entire context?\' The second ring of defense in our mentality then has to be, \'Wait! I\'m being asked to do something here.\'" New-school security awareness training with simulated phishing tests enables your employees to recognize increasingly sophisticated phishing attacks and builds a strong security culture. Remember: Culture eats strategy for breakfast and is always top-down. Blog post with links:https://blog.knowbe4.com/identifying-ai-enabled-phishing ]]> 2023-03-28T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-13-eye-opener-how-to-outsmart-sneaky-ai-based-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=8322503 False Ransomware,Malware,Hack,Tool,Threat,Guideline ChatGPT,ChatGPT 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-03-24T12:15:00+00:00 https://blog.knowbe4.com/ransomware-data-theft-extortion-goes-up www.secnews.physaphae.fr/article.php?IdArticle=8321226 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #11  |   March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. The title said it all, and the news is that more than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. Yikes. I'm giving you a short extract of the story and the link to the whole article is below. "Employees are submitting sensitive business data and privacy-protected information to large language models (LLMs) such as ChatGPT, raising concerns that artificial intelligence (AI) services could be incorporating the data into their models, and that information could be retrieved at a later date if proper data security isn't in place for the service. "In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2% of the 1.6 million workers at its client companies because of the risk of leaking confidential info, client data, source code, or regulated information to the LLM. "In one case, an executive cut and pasted the firm's 2023 strategy document into ChatGPT and asked it to create a PowerPoint deck. In another case, a doctor input his patient's name and their medical condition and asked ChatGPT to craft a letter to the patient's insurance company. "And as more employees use ChatGPT and other AI-based services as productivity tools, the risk will grow, says Howard Ting, CEO of Cyberhaven. "'There was this big migration of data from on-prem to cloud, and the next big shift is going to be the migration of data into these generative apps," he says. "And how that plays out [remains to be seen] - I think, we're in pregame; we're not even in the first inning.'" Your employees need to be stepped through new-school security awareness training so that they understand the risks of doing things like this. Blog post with links:https://blog.knowbe4.com/employees-are-feeding-sensitive-biz-data-to-chatgpt-raising-security-fears [New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blockl]]> 2023-03-14T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-11-heads-up-employees-are-feeding-sensitive-biz-data-to-chatgpt-raising-security-fears www.secnews.physaphae.fr/article.php?IdArticle=8318404 False Ransomware,Data Breach,Spam,Malware,Threat,Guideline,Medical ChatGPT,ChatGPT 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-02-23T16:28:04+00:00 https://blog.knowbe4.com/ransomware-extortion-attacks-reach-critical-mass www.secnews.physaphae.fr/article.php?IdArticle=8312892 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #07  |   February 14th, 2023 [Scam of the Week] The Turkey-Syria Earthquake Just when you think they cannot sink any lower, criminal internet scum is now exploiting the recent earthquake in Turkey and Syria. Less than 24 hours after two massive earthquakes claimed the lives of tens of thousands of people, cybercrooks are already piggybacking on the horrible humanitarian crisis. You need to alert your employees, friends and family... again. Just one example are scammers that pose as representatives from a Ukrainian charity foundation that seeks money to help those affected by the natural disasters that struck in the early hours of Monday. There are going to be a raft of scams varying from blood drives to pleas for charitable contributions for victims and their families. Unfortunately, this type of scam is the worst kind of phishbait, and it is a very good idea to inoculate people before they get suckered into falling for a scam like this. I suggest you send the following short alert to as many people as you can. As usual, feel free to edit: [ALERT] "Lowlife internet scum is trying to benefit from the Turkey-Syria earthquake. The first phishing campaigns have already been sent and more will be coming that try to trick you into clicking on a variety of links about blood drives, charitable donations, or "exclusive" videos. "Don't let them shock you into clicking on anything, or open possibly dangerous attachments you did not ask for! Anything you receive about this recent earthquake, be very suspicious. With this topic, think three times before you click. It is very possible that it is a scam, even though it might look legit or was forwarded to you by a friend -- be especially careful when it seems to come from someone you know through email, a text or social media postings because their account may be hacked. "In case you want to donate to charity, go to your usual charity by typing their name in the address bar of your browser and do not click on a link in any email. Remember, these precautions are just as important at the house as in the office, so tell your friends and family." It is unfortunate that we continue to have to warn against the bad actors on the internet that use these tragedies for their own benefit. For KnowBe4 customers, we have a few templates with this topic in the Current Events. It's a good idea to send one to your users this week. Blog post with links:https://blog.knowbe4.com/scam-of-the-week-the-turkey-syria-earthquake ]]> 2023-02-14T14:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-07-scam-of-the-week-the-turkey-syria-earthquake www.secnews.physaphae.fr/article.php?IdArticle=8310010 False Ransomware,Spam,Threat,Guideline ChatGPT 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-01-31T20:04:22+00:00 https://blog.knowbe4.com/ransomware-targets-getting-larger-fewer-victims-paying-ransom www.secnews.physaphae.fr/article.php?IdArticle=8305977 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-01-20T12:03:01+00:00 https://blog.knowbe4.com/eye-popper-ransomware-victims-refused-to-pay-last-year www.secnews.physaphae.fr/article.php?IdArticle=8302787 False Ransomware None 1.00000000000000000000 knowbe4 - cybersecurity services ]]> 2023-01-06T13:51:44+00:00 https://blog.knowbe4.com/ransomware-and-fraudulent-funds-transfer-are-the-two-main-drivers-of-cyber-loss www.secnews.physaphae.fr/article.php?IdArticle=8298538 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-01-05T13:32:40+00:00 https://blog.knowbe4.com/these-grim-figures-show-that-the-ransomware-problem-isnt-going-away www.secnews.physaphae.fr/article.php?IdArticle=8298186 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2022-12-28T12:15:35+00:00 https://blog.knowbe4.com/eye-opener-insurance-policy-doesnt-cover-ransomware-attack-ohio-supreme-court-says www.secnews.physaphae.fr/article.php?IdArticle=8295523 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2022-12-16T13:15:38+00:00 https://blog.knowbe4.com/hospitals-warned-of-royal-ransomware-attacks-by-u.s.-department-of-health www.secnews.physaphae.fr/article.php?IdArticle=8291976 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 12 #49  |   December 6th, 2022 [Keep An Eye Out] Beware of New Holiday Gift Card Scams By Roger A. Grimes Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the receiver to pick just what they want, and are often received as a reward for doing something. The gift card market is estimated in the many hundreds of BILLIONS of dollars. Who doesn't like to get a free gift card? Unfortunately, scammers often use gift cards as a way to steal value from their victims. There are dozens of ways gift cards can be used by scammers to steal money. Roger covers these three scams in a short [VIDEO] and in detail on the KnowBe4 blog: You Need to Pay a Bill Using Gift Cards Maliciously Modified Gift Cards in Stores Phish You for Information to Supposedly Get a Gift Card Blog post with 2:13 [VIDEO] and links you can share with your users and family:https://blog.knowbe4.com/beware-of-holiday-gift-card-scams [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, December 7 @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users. NEW! KnowBe4 Mobile Learner App - Users Can Now Train Anytime, Anywhere! NEW! Security Culture Benchmarking feature lets you compare your organization's security culture with your peers NEW! AI-Driven phishing and training recommendations for your end users Did You Know? You can upload your own training video and SCORM modules into your account for home workers Active Directory or SCIM Integration to easily upload user data, eliminating the need to manually manage user changes Find out how 50,000+ organizations have mobilized their end-users as their human firewall. Date/Time: TOMORROW, Wednesday, December 7 @ 2:00 PM (ET) Save My Spot!https://event.on24.com/wcc/r/3947028/0273119CCBF116DBE42DF81F151FF99F?partnerref=CHN3 ]]> 2022-12-06T14:30:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-49-keep-an-eye-out-beware-of-new-holiday-gift-card-scams www.secnews.physaphae.fr/article.php?IdArticle=8288279 False Ransomware,Data Breach,Spam,Hack,Tool,Guideline None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2022-12-02T17:36:35+00:00 https://blog.knowbe4.com/ransomware-attacks-on-holidays-weekends-increase www.secnews.physaphae.fr/article.php?IdArticle=8286741 False Ransomware None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2022-11-21T18:33:41+00:00 https://blog.knowbe4.com/10-million-health-records-leaked-after-refusing-to-pay-ransom www.secnews.physaphae.fr/article.php?IdArticle=8151363 False Ransomware None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2022-11-09T11:54:55+00:00 https://blog.knowbe4.com/eyes-out-this-scary-strain-of-sleeper-ransomware-is-really-a-data-wiper-in-disguise www.secnews.physaphae.fr/article.php?IdArticle=7904361 False Ransomware None None knowbe4 - cybersecurity services ]]> 2022-10-12T16:00:00+00:00 https://blog.knowbe4.com/encrypted-files-are-the-overwhelming-way-organizations-detect-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=7415017 False Ransomware None None knowbe4 - cybersecurity services New analysis highlights just how prevalent ransomware attacks are today, how material the impacts are, whether organizations get their data back, and exactly how these attacks start.]]> 2022-10-04T13:14:56+00:00 https://blog.knowbe4.com/one-fourth-of-organizations-have-been-ransomware-victims www.secnews.physaphae.fr/article.php?IdArticle=7295804 False Ransomware None None knowbe4 - cybersecurity services ]]> 2022-08-16T13:34:25+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-33-eye-opener-recent-cisco-hack-by-ransomware-group-started-because-of-a-phishing-attack www.secnews.physaphae.fr/article.php?IdArticle=6353337 True Ransomware,Hack None None knowbe4 - cybersecurity services ]]> 2022-08-11T13:28:56+00:00 https://blog.knowbe4.com/solidbit-ransomware-targets-league-of-legends-players www.secnews.physaphae.fr/article.php?IdArticle=6250702 False Ransomware None None knowbe4 - cybersecurity services ]]> 2022-08-11T12:59:06+00:00 https://blog.knowbe4.com/recent-cisco-hack-by-ransomware-group-started-because-of-a-phishing-attack www.secnews.physaphae.fr/article.php?IdArticle=6249900 False Ransomware,Hack None None knowbe4 - cybersecurity services ]]> 2022-08-02T13:07:39+00:00 https://blog.knowbe4.com/cyber-insurance-expected-to-continue-to-rise-as-sophistication-and-cost-of-ransomware-attacks-increase www.secnews.physaphae.fr/article.php?IdArticle=6090333 False Ransomware None None knowbe4 - cybersecurity services Do you know your organizations true security risk and where to prioritize your resources? A new report from Palo Alto Networks sheds some light on these questions and shows multiple insights on incident response work from security teams. ]]> 2022-07-27T12:49:48+00:00 https://blog.knowbe4.com/new-report-reveals-that-ransomware-and-business-email-compromise-attacks-cause-nearly-70-of-cyber-incidents www.secnews.physaphae.fr/article.php?IdArticle=5969095 False Ransomware None None knowbe4 - cybersecurity services The Colonial Pipeline ransomware attack of 2021 put infrastructure operators on notice that they were directly in the crosshairs of big ransomware gangs. The reaction of law enforcement seems, however, to have also put the gangs on notice that their ability to operate with impunity isn't what it used to be. The big criminal operations seem to be breaking up. That's not because they've gone straight. It's because they've realized that they're more vulnerable than they used to be.]]> 2022-07-25T13:12:21+00:00 https://blog.knowbe4.com/ransomware-groups-get-smaller-and-more-social www.secnews.physaphae.fr/article.php?IdArticle=5940095 False Ransomware None None knowbe4 - cybersecurity services ]]> 2022-07-19T12:16:00+00:00 https://blog.knowbe4.com/copyright-claim-email-is-a-lockbit-ransomware-phishing-attack-in-disguise www.secnews.physaphae.fr/article.php?IdArticle=5825116 False Ransomware None None knowbe4 - cybersecurity services ]]> 2022-07-06T13:06:58+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-27-new-fbi-and-cisa-alert-this-ransomware-strain-uses-rdp-flaws-to-hack-into-your-network www.secnews.physaphae.fr/article.php?IdArticle=5578905 True Ransomware,Hack None None knowbe4 - cybersecurity services ]]> 2022-07-06T12:03:07+00:00 https://blog.knowbe4.com/phishing-emails-top-the-list-as-the-initial-attack-vector-for-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=5577744 False Ransomware None None knowbe4 - cybersecurity services ]]> 2022-07-01T10:47:10+00:00 https://blog.knowbe4.com/new-fbi-and-cisa-alert-this-ransomware-strain-uses-rdp-flaws-to-hack-into-your-network www.secnews.physaphae.fr/article.php?IdArticle=5489139 False Ransomware,Hack None None knowbe4 - cybersecurity services ]]> 2022-06-20T14:10:51+00:00 https://blog.knowbe4.com/less-than-40-of-asia-pacific-organizations-are-confident-to-stop-cyber-threats-as-83-experience-at-least-one-ransomware-attack-a-year www.secnews.physaphae.fr/article.php?IdArticle=5299121 False Ransomware,Threat None None knowbe4 - cybersecurity services Researchers at KELA warn that ransomware gangs are increasingly refraining from mentioning their victims' names after the initial attack, giving the victims a chance to pay up before the attack is publicized. This puts an additional layer of pressure on the victim to pay quickly, because it may allow them to avoid the reputational damage that's among the biggest threats a victim faces. If the victim refuses to pay, the attackers can then publish their name and threaten to release the stolen data.]]> 2022-06-09T16:02:12+00:00 https://blog.knowbe4.com/approaching-ransomware-victims-privately www.secnews.physaphae.fr/article.php?IdArticle=5058805 False Ransomware,Threat None None knowbe4 - cybersecurity services ]]> 2022-06-07T13:11:51+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-23-heads-up-our-global-ransomware-damage-will-be-more-than-265-billion-by-2031 www.secnews.physaphae.fr/article.php?IdArticle=5021970 False Ransomware None None knowbe4 - cybersecurity services ]]> 2022-06-01T22:08:53+00:00 https://blog.knowbe4.com/ransomware-business-explained-as-a-simple-funnel www.secnews.physaphae.fr/article.php?IdArticle=4924324 False Ransomware None None knowbe4 - cybersecurity services ]]> 2022-06-01T12:59:33+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-22-heads-up-the-new-verizon-2022-data-breach-investigation-report-shows-sharp-rise-in-ransomware www.secnews.physaphae.fr/article.php?IdArticle=4918859 False Ransomware,Data Breach None None knowbe4 - cybersecurity services ]]> 2022-05-25T16:30:10+00:00 https://blog.knowbe4.com/ransomware-involved-in-25-percent-of-data-breaches www.secnews.physaphae.fr/article.php?IdArticle=4805465 False Ransomware None None knowbe4 - cybersecurity services A March 2022 report from the Senate Committee on Homeland Security and Governmental Affairs zeros in on the growing problem of ransomware and lessons learned so far.]]> 2022-05-13T12:04:41+00:00 https://blog.knowbe4.com/u.s.-ransomware-attacks-doubled-in-the-last-year www.secnews.physaphae.fr/article.php?IdArticle=4590688 False Ransomware None None knowbe4 - cybersecurity services As detection times are reducing across the board, threat groups are improving their craft and are prioritizing speed as the key ingredient in ransomware attacks.]]> 2022-05-04T13:28:52+00:00 https://blog.knowbe4.com/fin12-ransomware-attacks-two-days-after-initial-access www.secnews.physaphae.fr/article.php?IdArticle=4543187 False Ransomware,Threat None None knowbe4 - cybersecurity services With ransomware attacks on the increase, new data shows a material portion of small and medium business organizations are completely ill-equipped to address an attack.]]> 2022-04-28T22:05:02+00:00 https://blog.knowbe4.com/75-of-smbs-would-only-survive-seven-days-or-less-from-a-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=4519095 False Ransomware None None knowbe4 - cybersecurity services As the number of ransomware attacks has increased 24% over the previous year, security researchers estimate the total associated attack costs to be just over 7 times higher.]]> 2022-04-28T19:25:08+00:00 https://blog.knowbe4.com/eye-opener-the-ransom-payment-is-only-15-of-the-total-cost-of-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=4518689 False Ransomware None None knowbe4 - cybersecurity services As ransomware costs increase, along with the effectiveness and use of extortions, smaller businesses are paying the price, according to new data from Webroot.]]> 2022-04-13T20:44:27+00:00 https://blog.knowbe4.com/smbs-account-for-half-of-ransomware-victim-organizations www.secnews.physaphae.fr/article.php?IdArticle=4443521 False Ransomware None None knowbe4 - cybersecurity services Skyrocketing attack rates, double and triple extortion, increasing ransom demands… cybercriminals are inflicting pain in every way imaginable when it comes to today's ransomware attacks. And you need to be prepared to protect your network, NOW.]]> 2022-04-08T12:30:51+00:00 https://blog.knowbe4.com/ransomware-hostage-rescue-checklist-webinar www.secnews.physaphae.fr/article.php?IdArticle=4417060 False Ransomware None None knowbe4 - cybersecurity services [Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online   Email not displaying? | CyberheistNews Vol 12 #13  |   Mar. 29th., 2022 [Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online The video uploaded to a hacked Ukrainian news website shows how far the technology has come, how it can be used in social engineering, and how the tech still needs to improve. While much of the headlines today around the Russian invasion of Ukraine focus on the war on the ground and in the air, a cyberwar is being waged behind the scenes. It began with wiper ransomware attacks on Ukrainian businesses and government agencies and has culminated so far with a newly released deepfake video of Ukrainian president Zelenskyy asking his troops to lay down their weapons and surrender. ]]> 2022-03-29T13:59:07+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-13-heads-up-published-zelenskyy-deepfake-video-demonstrates-the-modern-war-online www.secnews.physaphae.fr/article.php?IdArticle=4359897 True Ransomware None None knowbe4 - cybersecurity services Google's Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, including FIN12 and the Conti ransomware gang. EXOTIC LILY uses phishing attacks to gain access to organizations' networks, then sells this access to other gangs for further exploitation.]]> 2022-03-24T14:20:53+00:00 https://blog.knowbe4.com/initial-access-broker-group-relies-on-social-engineering www.secnews.physaphae.fr/article.php?IdArticle=4335000 False Ransomware,Threat None None knowbe4 - cybersecurity services There is a new ransomware-as-a-service (RaaS) strain called LokiLocker, researchers at Blackberry warn. The malware uses rare code obfuscation and includes a file wiper component that attackers can deploy if their victims don't pay. "It shouldn't be confused with an older ransomware family called Locky, which was notorious in 2016, or LokiBot, which is an infostealer. ]]> 2022-03-17T12:43:59+00:00 https://blog.knowbe4.com/heads-up-new-evil-ransomware-feature-disk-wiper-if-you-dont-pay www.secnews.physaphae.fr/article.php?IdArticle=4298335 False Ransomware,Malware None None knowbe4 - cybersecurity services New data puts the spotlight on how most organizations unable to completely recover their data after a ransomware attack, making the case for better data protection for improved incident response.]]> 2022-03-16T14:25:21+00:00 https://blog.knowbe4.com/three-fourths-of-organizations-experienced-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=4292194 False Ransomware None None knowbe4 - cybersecurity services [Heads Up] FBI: Ransomware Gang Breached 52 US Critical Infrastructure Orgs   Email not displaying? | CyberheistNews Vol 12 #11 |   Mar. 15th., 2022 [Heads Up] FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs The U.S. Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple U.S. critical infrastructure sectors. ]]> 2022-03-15T13:41:15+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-11-heads-up-fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs www.secnews.physaphae.fr/article.php?IdArticle=4284892 True Ransomware None None knowbe4 - cybersecurity services The cybercrime market has skyrocketed in a frightening way. With threats such as ransomware to Business Email Compromise (BEC), the stakes are higher than ever for organizations across all industries.]]> 2022-03-15T12:43:58+00:00 https://blog.knowbe4.com/cybercrime-as-a-service-evolution-how-to-fight-back www.secnews.physaphae.fr/article.php?IdArticle=4284272 False Ransomware None None