Monthly Archives: April 2023

Earlier this month, state employees in the US state of New Jersey began receiving emails that falsely represented themselves as originating with the state’s attorney general.

[BUDGET AMMO] James Rundle at the The Wall Street Journal today published a very interesting article about the long-term costs of cyber attacks and the fact that cyber insurers are getting more and more worried that their models do not … Read More

CyberheistNews Vol 13 #16  |   April 18th, 2023 [Finger on the Pulse]: How Phishers Leverage Recent AI Buzz Curiosity leads people to suspend their better judgment as a new campaign of credential theft exploits a person’s excitement about the … Read More

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.

National Westminster Bank, the London-based bank familiarly known as NatWest, has warned its customers to be on the alert for emails pretending to be from NatWest, but which in fact are from scammers trying to bubble the unwary out of … Read More

The Indian Railway Catering and Tourism Corporation (IRCTC), described as “a popular platform used by a significant number of Indians for booking train tickets,” has cautioned users about a malicious Android application that’s being used to commit fraud against railway … Read More

Remember The Sims? Well Stanford created a small virtual world with 25 ChatGPT-powered “people”. The simulation ran for 2 days and showed that AI-powered bots can interact in a very human-like way.

Companies target sextortion victims, Google Play malware is hawked on dark marketplaces and zero-click spyware infects iPhones. Here are the latest threats and advisories for the week of April 14, 2023.   By John Weiler  Threat Advisories and Alerts  Predatory Companies … Read More

A method used in domain impersonation attacks, combosquatting aids the threat actor by using a modified domain name to further increase the credibility of an attack.

The use of Large Language Models (LLMs) is the fine tuning AI engines like ChatGPT need to focus the scam email output to only effective content that results in a wave of new email scams.

Affinity phishing scams are ones in which criminals cultivate trust in their prospective victims by trading on common background, either real or feigned. Thus a fraudster might claim a common religion, a shared military background, membership in a profession, or … Read More

We are less than 200 days away from the 2023 (ISC)² Security Congress conference. Our team is hard at work reviewing the presentations many of you submitted for breakout sessions this year. This year’s event will feature more than 100 … Read More

With all the overwrought hype with ChatGPT and AI…much of it earned…you could be forgiven for thinking that only the bad actors are going to be using these advanced technologies and the rest of us are at their mercy.

Anticipation leads people to suspend their better judgment as a new campaign of credential theft exploits a person’s excitement about the newest AI systems not yet available to the general public. On Tuesday morning, April 11th, Veriti explained that several … Read More

Apple plugs security holes for Easter as cops bring Genesis to an end. The UK fines TikTok over underage data use. DDoS attacks surge and cybersecurity professionals keep quiet over breaches.  By Joe Fay  Apple Rolls Out Fixes for Zero … Read More

There is no doubt that ransomware is one of the top cybersecurity challenges of our lifetime. Survey after survey has revealed senior management and IT employees from the top on down, list a successful ransomware attack as their number one … Read More

CyberheistNews Vol 13 #15  |   April 11th, 2023 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams The Federal Trade Commission is alerting consumers about a next-level, more sophisticated family emergency scam that uses AI … Read More

By Chinatu Uzuegbu, CISSP, CEO/Managing Cyber Security Consultant at RoseTech CyberCrime Solutions Ltd.  We kicked off the Identity and Access Management Processes from the Top-Level Management approach. The Identity and Access Management Security Steering Committee is a group of C-Suites … Read More

4/11/2023 – Gizmodo just dropped this eye-roll inducing news. The disgraced crypto exchange had no dedicated cybersecurity staff and “protected” users assets with minimal safeguards, according to new bankruptcy filings.

The human factor is involved in 82% of data breaches, according to the 2022 Verizon Data Breach Investigations Report. Cybercriminals use social engineering techniques like phishing, spear phishing and impersonation to manipulate your employees in attempts to hack into your … Read More