Monthly Archives: May 2023

Fighting spear phishing attacks is the single best thing you can do to prevent breaches.

As audio deepfake technology continues to go mainstream as part of the evolution in AI-based tools, new data shows there are plenty of victims and they aren’t prepared for such an attack.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has identified and designated Mikhail Matveev for his role in ransomware attacks back 2021.

50% of organizations surveyed were victims of spear phishing attacks in the last twelve months, according to a new report from Barracuda. The report also found that, on average, organizations receive five “highly personalized spear phishing emails per day.”

CyberheistNews Vol 13 #22  |   May 31st, 2023 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the … Read More

Brian Krebs wrote: “A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark.

At KB4-CON 2023, we had a customer panel that I hosted discussing the connection between security and compliance training content when trying to change organizational security culture.

Found this highly amusing article: Legal Twitter is having tremendous fun right now reviewing the latest documents from the case Mata v. Avianca, Inc. (1:22-cv-01461). Here’s a neat summary:

Threat actors are using encoded phishing links to evade security filters, according to Jeremy Fuchs at Avanan. The phishing emails purport to be notifications from McAfee informing the user that they need to renew their subscription.

As the world continues to evolve, so does the nature of warfare. China’s People’s Liberation Army (PLA) is increasingly focused on “Cognitive Warfare,” a term referring to artificial intelligence (AI)-enabled military systems and operational concepts. The PLA’s exploration into this … Read More

Check out the 20 new pieces of training content added in May, alongside the always fresh content update highlights, events and new features.

Verizon has renewed its warnings to customers about the threat of smishing, a social engineering approach that relies upon texts as opposed to other communication channels like the email used in phishing. The smishing problem may be smaller than the … Read More

Egress, a cybersecurity company that provides intelligent email security, recently released their Email Security Risk Report 2023.

New data shows that changes in cybercriminals’ phishing techniques are improving their game, making it easier to make their way into a potential victim user’s inbox.

Malign persuasion can take many forms. We tend to hear the most about phishing (malicious emails) or smishing (malicious texts). Other threats are also worth some attention, like the risk of drive-by attacks.

With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the money is, this massive spike in attacks should both surprise you and not surprise you at all.

Microsoft has observed a thirty-eight percent increase in cybercrime-as-a-service (CaaS) offerings for launching business email compromise (BEC) attacks between 2019 and 2022.

CyberheistNews Vol 13 #21  |   May 23rd, 2023 [Double Trouble] 78% of Ransomware Victims Face Multiple Extortions in Scary Trend New data sheds light on how likely your organization will succumb to a ransomware attack, whether you can recover … Read More

As you all know, KnowBe4 frequently promotes security awareness training and we also mention that unpatched software is a distant number two issue after social engineering.

The Insider reported that an apparently AI-generated photo faking an explosion near the Pentagon in D.C. went viral. The Arlington Police Department confirmed that the image and accompanying reports were fake. But when the news was shared by a reputable … Read More