KnowBe4

MARCH 25, 2024

Cybercriminals are catching up to all the digital transformation done over the last decade, as new data shows increased expertise in leveraging and.

Digital transformation 114

Digital transformation Cloud Security awareness Ransomware 114

KnowBe4

NOVEMBER 20, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a joint Cybersecurity Advisory describing the Scattered Spider cybercriminal gang’s activities.

Cybersecurity 91

Cybersecurity Security Security awareness Phishing 91

KnowBe4

FEBRUARY 2, 2023

A business email compromise (BEC) gang has launched more than 350 attacks against organizations in the US, according to researchers at Abnormal Security. The threat actor, which Abnormal Security tracks as “Firebrick Ostrich,” conducts open-source reconnaissance on their targets in order to construct their scam.

Security 78

Security Security awareness 78

The Last Watchdog

AUGUST 31, 2023

About Hornetsecurity: Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. For more information, visit www.hornetsecurity.com.

Cybersecurity 100

Cybersecurity Risk Education Security awareness 100

Security Affairs

JULY 1, 2023

The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. The ransomware group claims to have stolen a huge amount of sensitive information from the company and threatens to publish it in the case of payment refusal. continues the statement.

Manufacturing 81

Manufacturing Ransomware Security awareness Cybersecurity 81

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Security awareness 104

Security awareness Manufacturing Ransomware Cybersecurity 104

KnowBe4

JULY 7, 2023

Apparently expanding efforts outside of Southeast Asian countries, this threat group’s known malware has shown up in a European healthcare facility, raising concerns for USB-based attacks.

Security awareness 84

Security awareness Cybersecurity Security 84

Security Affairs

DECEMBER 21, 2020

The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. ” The KISMET exploit chain doesn’t work against iOS 14 and above because the new mobile iOS implements additional security protections.

Government 129

Government Security awareness Sales Education 129

The Last Watchdog

JUNE 22, 2023

Email impersonation threats are proving to be the most difficult to block as social engineering helps cybercriminals successfully deceive both end users and the security tools designed to protect them. 36 percent of email display names are altered to a more granular level and pose as specific individuals.

Phishing 100

Phishing Security awareness Cybersecurity Security 100

IBM Big Data Hub

AUGUST 9, 2023

Since 2019, the number of phishing attacks has grown by 150% percent per year— with the Anti-Phishing Working Group (APWG) reporting an all-time high for phishing in 2022 , logging more than 4.7 Phishing tests are usually part of broader security awareness training led by IT departments or security teams.

Phishing 74

Phishing Security awareness Analytics Cybersecurity 74

Security Affairs

FEBRUARY 28, 2024

VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. Amidst this dynamic landscape, email stands as a primary battleground for cyber defense.

Security 118

Security Phishing Communications Financial Services 118

Security Affairs

APRIL 6, 2020

Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. Experts observed Coronavirus-themed attacks launched by the group since March. Sangfor plans to release a security patched within tomorrow.

Government 127

Government Security awareness Security Risk 127

KnowBe4

OCTOBER 2, 2023

ESET researchers uncovered the attack and attributed it to the Lazarus group, particularly a campaign dubbed Operation DreamJob. This campaign by the Lazarus group was aimed at defense and aerospace companies with the goal of carrying out cyberespionage.

IT 110

IT Security awareness Cybersecurity Security 110

Thales Cloud Protection & Licensing

DECEMBER 13, 2023

Sanctions can be leveled against criminal organizations, individuals, or groups from certain countries in an effort to curb ransomware attacks. However, there are numerous factors that complicate circumstances and hinder the ability of sanctions to have a substantial impact on the ransomware threat landscape.

Ransomware 77

Ransomware Encryption Security awareness Cybersecurity 77

Dark Reading

MAY 8, 2018

Lack of security talent, low security awareness among employees, and too much data to analyze tops the list of cyberthreats in the 2018 Cyberthreat Defense Threat Report from CyberEdge group.

Security awareness 55

Security awareness Security 55

KnowBe4

DECEMBER 6, 2022

Live Demo] Ridiculously Easy Security Awareness Training and Phishing. Old-school awareness training does not hack it anymore. Join us TOMORROW, Wednesday, December 7 @ 2:00 PM (ET) , for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing.

Security awareness 88

Security awareness Phishing Risk Insurance 88

OpenText Information Management

JUNE 7, 2024

Ensures compliance with a broad spectrum of regulatory requirements, including user and group access, to enhance overall data security and governance. Applies the ‘least privilege principle’ and provides ongoing security awareness training. Ensures comprehensive governance through regular assessments and certifications.

Cybersecurity 62

Cybersecurity Risk Data breaches Analytics 62

Thales Cloud Protection & Licensing

OCTOBER 24, 2019

In the spirit of National Cyber Security Awareness Month (NCSAM), my colleague Ashvin Kamaraju wrote about how organizations can use fundamental controls to secure their information technology. Effective digital security doesn’t end at “Secure IT,” however. Building a Robust Security Culture.

Security awareness 83

Security awareness IT Security Passwords 83

Security Affairs

MARCH 19, 2022

“AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. .” Focus on cyber security awareness and training.

Ransomware 97

Ransomware Passwords Encryption Financial Services 97

KnowBe4

MARCH 28, 2023

Security awareness training still has a place to play here." New-school security awareness training with simulated phishing tests enables your employees to recognize increasingly sophisticated phishing attacks and builds a strong security culture. We must ask: 'Is the email expected? Is the from address legit?

Phishing 84

Phishing Security awareness Insurance Cybersecurity 84

DLA Piper Privacy Matters

APRIL 9, 2020

how hackers maximise their penetration across the victim’s network to inflict maximum damage. the do’s and don’t’s when conducting breach response and an internal investigation. the thorny question: should I pay the ransom?

Ransomware 52

Ransomware Security awareness Insurance Passwords 52

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. .” “But they are learning how to maximize the gains from their activities.

Phishing 360

Phishing Authentication Access Security 360

Krebs on Security

DECEMBER 18, 2018

Yet, considering how much marketing (think consumer/customer data) and human resources (think employee personal/financial data) are impacted by your average data breach, it’s somewhat remarkable that more companies don’t list their chief security personnel among their top ranks. Source: Accenture.

Security 226

Security Marketing Cybersecurity Data breaches 226

Security Affairs

FEBRUARY 3, 2020

Exploitation of staff is a key area” “ Organised crime groups are planting ‘sleepers’ in cleaning companies that a procurement team may look at bidding for. ” Shelton Newsham, who manages the Yorkshire and Humber Regional Cyber Crime Team, told an audience at the SINET security event. There’s no way of auditing their vetting.

Security awareness 74

Security awareness Access Privacy Security 74

IT Governance

MARCH 15, 2019

Earlier this month we caught up with Geraint Williams, CISO for GRC International Group plc, to find out more about information security and how he raises awareness within the workplace.

Education 74

Education Security awareness Information Security Risk 74

eSecurity Planet

AUGUST 23, 2023

Spear phishing is a more targeted and effective phishing technique that attempts to exploit specific individuals or groups within an organization. Individuals and organizations should prioritize security awareness training, implement email security measures, and encourage vigilance when dealing with unusual or urgent requests.

Phishing 98

Phishing Authentication Security awareness Passwords 98

KnowBe4

APRIL 4, 2023

Security solutions will help stop most attacks, but for those that make it past scanners, your users need to play a role in spotting and stopping BEC, VEC and phishing attacks themselves – something taught through security awareness training combined with frequent simulated phishing and other social engineering tests.

Phishing 82

Phishing Security awareness Cybersecurity Education 82

eSecurity Planet

SEPTEMBER 17, 2021

You can see it as a framework used by security teams for test purposes and threat groups. What makes this attack impressive is not the port to Linux, even if it’s undeniably rare and noticeable, but more the use of the malware in actual attacks on multiple targets, including security-aware organizations.

Communications 119

Communications Security awareness Encryption Access 119

eSecurity Planet

JULY 18, 2023

Microsoft has hardened security following a Chinese hack of U.S. Even as the threat has passed, Microsoft officials are still analyzing how a Chinese threat group was able to access U.S. Chinese hacker group Storm-0558 breached an undisclosed number of email accounts belonging to 25 organizations, including U.S.

Authentication 98

Authentication Access Phishing Government 98

eSecurity Planet

FEBRUARY 2, 2022

For example, hacktivists could launch an attack on a specific data center’s HVAC system in retaliation for some actions by a person or group connected to the facility. State-sponsored groups could disrupt power to critical data center components and cause a shutdown of the site, they wrote.

Passwords 120

Passwords Marketing Risk Cybersecurity 120

eSecurity Planet

AUGUST 9, 2021

A malicious advertising campaign originating out of Eastern Europe and operating since at least mid-June is targeting Internet of Things (IoT) devices connected to home networks, according to executives with GeoEdge, which offers ad security and quality solutions to online and mobile advertisers. An Attack by a Criminal Ring.

IoT 145

IoT Cloud Mining Marketing 145

The Last Watchdog

FEBRUARY 3, 2021

26 posting confirming that the compromise was at the hands of the same nation-state threat group behind the SolarWinds hack and subsequent attacks on various technology companies and federal government agencies. Meanwhile, Mimecast followed its Jan. 12 disclosure of a digital certificate compromise with a Jan.

Phishing 252

Phishing Access Passwords Authentication 252

KnowBe4

MARCH 10, 2023

A look back at the last year of attacks on Ukraine by Google’s Threat Analysis Group (TAG) provides insight into attacks on NATO countries to gain a cyberspace advantage.

Security awareness 67

Security awareness Phishing Security 67

eSecurity Planet

JANUARY 5, 2023

There’s even been growing evidence that data destruction could replace ransomware , as ransomware groups seek leverage to force victims to pay. It becomes increasingly likely that malware developed by nation-state actors could be picked up and reused by criminal groups and spread through the CaaS model.

Security 145

Security Ransomware Cybersecurity Privacy 145

The Last Watchdog

NOVEMBER 27, 2018

This is a platform for security awareness training and simulated phishing tests focusing on the problem of social-engineering. A phishing simulation is carried out across the organization for all employees or a targeted group. Employees can account for any suspicious emails, through an easy report feature, Knowbe4.

Phishing 113

Phishing Education Ransomware Security awareness 113

KnowBe4

JUNE 13, 2023

Security awareness training is key in helping to reduce the likelihood users will fall for social engineering scams – whether in email, on the web, in a text, etc. In essence, security awareness training is your countermeasure to the "Human Element." Otherwise, you may just become part of the statistics in the report.

Phishing 74

Phishing Passwords Data breaches Security awareness 74

The Last Watchdog

JUNE 21, 2020

It is kind of an affiliate model where different cybercriminals groups execute the distribution part and share their earnings with ransomware authors. The plummeting price of Bitcoin in 2018, combined with the growth of users’ overall security awareness and better protection practices, caused ransomware operators to rethink their strategies.

Ransomware 243

Ransomware Encryption Privacy Security awareness 243