Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2023

Top Four Security Tips for Cyber Safety on National Computer Security Day

To celebrate National Computer Security Day, which is recognized on November 30 every year, KnowBe4 encourages all IT and security professionals to train their workforce how to stay safe from cybersecurity threats as the organization’s last line of defense. It is also crucial to focus on building a strong security culture by educating employees about today’s cyber threat landscape and how they can play a role in protecting the organization.

Criminals Are Cautious About Adopting Malicious Generative AI Tools

Researchers at Sophos have found that the criminal market for malicious generative AI tools is still disorganized and contentious. While there are obvious ways to abuse generative AI, such as crafting phishing emails or writing malware, criminal versions of these tools are still unreliable. The researchers found numerous malicious generative AI tools on the market, including WormGPT, FraudGPT, XXXGPT, Evil-GPT, WolfGPT, BlackHatGPT, DarkGPT, HackBot, PentesterGPT, PrivateGPT.

No One Knows How Online Pharmacy Company was Hit with a Data Breach Impacting 2.3 Million Customers

This is a cautionary tale of both how your data can legally end up in the hands of an organization you never intended and how victims can be largely left in the dark post-breach. Normally when there’s a press release from an organization hit by a data breach, there are at least a few details that let customers know the company has a handle on what transpired, that the breach has been mitigated, and what customers impacted should do to protect themselves.

Users Fall for Smishing Attacks 6-10 Times More Than Email-Based Attacks

With organizations heavily focusing on protecting the corporate endpoint, cybercriminals are switching focus onto mobile devices where users are more prone to fall for their social engineering tactics. We consume so much content from people you don’t personally know that it’s not part of your everyday process to stop and be critical of what’s being presented to you. And that’s exactly what cybercriminals are taking advantage of.

Who Knew Neanderthals were so High-Tech?

Researchers at ESET describe various types of scams launched by users of Telekopye, a telegram bot that assists in crafting social engineering attacks. The scammers call their victims “mammoths,” so ESET has dubbed the scammers “Neanderthals.” The first type of scam is simply financial data theft via phishing sites.

My Top 7 Cybersecurity Reflections for 2024

The digital landscape is evolving at an exponential rate, and with it, the cybersecurity challenges we face. As we approach 2024, I've reflected on the insights gleaned from recent discussions I was privileged to partake in, such as the World Economic Forum's annual cybersecurity conference, ThreatCon and conversations with industry leaders, academics, and government representatives. Here are my top seven takeaways for 2024.

Huntress Finds Business Email Compromise (BEC) Increases In Q3, 2024

Huntress has released a report finding that business email compromise (BEC) attacks have risen in the third quarter of 2023. “64% of identity-focused incidents in Q3 2023 involved malicious forwarding or other malicious inbox rules, a key indicator of business email compromise (BEC),” the researchers write. “Another 24% of identity-focused incidents involved logins from unusual or suspicious locations.

Initial Access Broker Activity Doubles in One Year's Time

New data sheds light on just how active the Initial Access Broker (IAB) business is, and the growth uncovered doesn’t bode well for potential victim organizations. There’s plenty of fodder in tech news about the use of IABs and their role in cyber attacks. But rarely do we get to see a more comprehensive analysis of just how much growth in both the number of brokers and posts of credentials for sale.

Phishing Attacks Expected to More Than Double During the Black Friday and Cyber Monday Shopping Week

Another day, another warning about holiday scams! Lookout Inc., a data-centric cloud security company, is warning employees and businesses that phishing attacks are expected to more than double this week, based on historical data. With more corporate data residing in the cloud and a massive amount of employees still working remotely, mobile has become the endpoint of choice for the modern workforce.

Digital Skimming Increases by 50%, Just in Time for the Holiday Season

Security researchers identify growth in the use of an ongoing cyberskimming campaign that involves compromising legitimate website checkout code. We’ve all seen a video that shows someone fidgeting with a credit card terminal only to pull off a very realistic molded cover that looks identical to the actual device beneath it complete with its own circuitry to read and store credit card swipes. Now take that very same idea and put it into the digital world.

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

A new analysis of the retail market’s threat landscape discusses the challenges faced by this industry and what threat tactics are being used to take advantage of retail’s cyber weaknesses. Not every report needs to have stats on the state of how bad things are. In fact, it’s quite refreshing for a report to simply state what kinds of attacks are transpiring and what the reader can do to mitigate such threats.

Cybercrime Group "Scattered Spider" is a Social Engineering Threat

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a joint Cybersecurity Advisory describing the Scattered Spider cybercriminal gang’s activities. The group, believed to be unusual both for the relative youth of its members and their native proficiency in English, was responsible for this summer’s compromises of MGM Resorts and Caesars Entertainment. It also excels at social engineering.

With Expected Increases of Holiday Sales Comes Similar Expectations of More Cyber Scams

If increases in cyberattacks this year are any indication of what to expect in the next six weeks of holiday shopping, we should expect a massive uptick in holiday-related scams. The expectation by the National Retail Foundation for this year’s holiday shopping is that we will see 4% more spending than last year. This is a slight year over year decrease (as last year saw a 5.4% increase over 2021), but still indicates increases in spending.

QR Code Phishing Attacks Surging

The massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control. It’s usually bad when we compare one month or quarter to another and see an increase. But when it’s a single month compared to more than half a year, you know it’s REALLY bad. And that’s what we find in security vendor ReliaQuest’s latest blog covering how Quishing is being used.

KnowBe4 Integrates With Cisco Duo To Streamline Secure Sign Ins

Social engineering remains one of the top attack vectors that cybercriminals use to execute malicious acts. KnowBe4’s security awareness training and simulated phishing platform allows workforces to make smarter decisions, strengthen an organization’s security culture and human risk by protecting their organization from phishing, social engineering and ransomware.

BlackCat Ransomware's New SEC Reporting Tactic: Turn Regulations Against Victims

Man Bites Dog: In an unusual twist in cybercrime, the ransomware group BlackCat/ALPHV is manipulating the SEC's new 4-day rule on cyber incident reporting to increase pressure on their victims. This latest maneuver highlights a sophisticated understanding of regulatory impacts in ransomware strategies.

It's Official: Scams Via Email and Text are Inescapable as Nearly Every American Receives Fake Messages Daily

New findings show that the overwhelming majority of people have to sort through scam messages and texts. According to McAfee’s Global Scam Message Study, more than 80% of Americans say it’s more difficult than ever to spot a text, email or social media message that’s a scam. The proliferation of such messages sent via email and SMS is giving the average person a real sense that even they could become a victim if they’re not careful.

AI-Manipulated Media Through Deepfakes and Voice Clones: Their Potential for Deception

Researchers at Pindrop have published a report looking at consumer interactions with AI-generated deepfakes and voice clones. “Consumers are most likely to encounter deepfakes and voice clones on social media,” the researchers write. “The top four responses for both categories were YouTube, TikTok, Instagram, and Facebook. You will note the bias toward video on these platforms as YouTube and TikTok encounters were materially higher.

PhishER Plus - Global Blocklist Functionality

PhishER Plus was developed to help you supercharge your organization’s email security defenses and is an additional final layer after your existing SEG and other cybersecurity layers fail. See what the Global Blocklist capability can do - Blocklist entries of validated threats crowdsourced from 10+ million trained users are leveraged to automatically block matching new incoming messages from reaching your users’ inboxes. This continually updated threat feed is managed by KnowBe4 and syncs with your Microsoft 365 mail server.

What Does the Latest SEC Charges Against Solarwinds' CISO Means for CISOs Everywhere?

In this blog, we'll take a look at the well-known Sunburst attack of 2018 and how the specific charges stemming from this attack will impact Chief Information Security Officers (CISOs) moving forward. As a CISO, it’s my job to ensure that KnowBe4's information systems and data, including our customer’s data, remain protected from any and all cyber attacks. The state of any organization’s cybersecurity rests with the CISO (if they have one).

[HEADS UP] FBI Warns About Callback Phishing

In a recent official advisory, the FBI warned about the threat of callback phishing (among other threats). Below is the relevant excerpt. If you are not familiar with callback phishing, it is usually a phishing email that arrives into a user’s email inbox, containing some sort of usual phishing message requiring the user’s urgent response. But unlike traditional email phishing, it does not contain a URL linked to a malicious site or content.

KnowBe4 Wins Multiple 2023 Best Of Awards From TrustRadius

KnowBe4 is proud to be recognized by TrustRadius for our Security Awareness Training and PhishER platforms in three categories for Best Value for Price, Best Relationship and Best Feature Set. The Best of Awards highlight products providing customers with outstanding ROI, customer satisfaction, performance, reviews, and more. To win a Best of Award, each organization had to receive 10 TrustRadius reviews between January 1 and September 30, 2023.

"Skillful Social Engineering of the IT Support Desk" One of the Most Common Tactics in Ransomware Attacks

As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks. Every quarter, I’ve been covering the Quarterly Ransomware Reports from ransomware response company Coveware. In their latest report covering Q3 of this year, we get a greater sense of what trends their security researchers are seeing from the data: This last one is interesting.

New Phishing Campaign Abusing .top Domains

A phishing campaign is exploiting a large number of.top domains, according to researchers from WhoisXML API. In an article for CircleID, the researchers analyzed a phishing operation first uncovered by security researcher Dancho Danchev. “Our DNS deep dive into the phishing campaign led to the discovery of 5,245 unreported potentially connected threat artifacts, a majority of which were.top domains,” the researchers write.

New State of Phishing Report 2023: An Alarming Surge in Phishing Threats

The fight against cyber threats remains a top priority for all organizations, including phishing attacks. SlashNext just released its much-anticipated annual "State of Phishing Report for 2023." This report sheds light on the alarming surge in phishing threats across email, web, and mobile channels. We will delve into the key findings and insights from the report, highlighting the growing influence of generative AI tools in cybercriminal activities. The Phishing Landscape: A Disturbing Uptick.

Spear Phishing Becomes Most Common Attack Technique in Q3 2023

Spear phishing was the most common attack technique in the third quarter of 2023, according to researchers at ReliaQuest. “In Q2 2023, spear phishing-related techniques represented the three most observed methods of attack,” the researchers write. “This remained true in Q3 2023, accounting for a total of almost 65% of all true-positive incidents.

Healthcare Sector Experiencing Increases in Ransomware, Ransoms and Downtime

An analysis of ransomware attacks on healthcare organizations from 2016 through October of 2023 shows the healthcare sector is likely to continue to suffer as a viable ransomware target. In the last seven years, there have been 539 confirmed ransomware attacks on U.S. hospitals, costing a total of around $77 billion. Consumer tech comparison website Comparitech performed an analysis of these attacks to show the trends – with both positive and negative results.

IT Admins Continue to Use Weak Passwords

In an analysis of web pages identified as admin portals, some incredibly weak passwords were identified – and some of them are going to really surprise you. We all know the general drill with admin passwords – make them complex and long. Simple right? But a new analysis of admin passwords shows that IT admins seem to not be vigilant around good password hygiene.

Cybersecurity Expert: AI Lends Phishing Plausibility for Bad Actors

Cybersecurity experts expect to see threat actors increasingly make use of AI tools to craft convincing social engineering attacks, according to Eric Geller at the Messenger. “One of AI’s biggest advantages is that it can write complete and coherent English sentences,” Geller writes. “Most hackers aren’t native English speakers, so their messages often contain awkward phrasing, grammatical errors and strange punctuation.

Investigate User-Reported Emails with Ease Through the Powerful Combination of CrowdStrike Falcon Sandbox and KnowBe4 PhishER Plus

The never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported malicious emails without risking their environments. Manually-triaging every email and being forced to switch between security applications/interfaces only slows response times, increases the chances for human error and means valuable threat intel can be missed.

Small Businesses are Experiencing More Cyber Attacks

As large organizations realize the likelihood of cyber attacks and improve their cyber readiness, small businesses are seeing increases not experienced by their larger counterparts. If I was to tell you that cyber attacks typically focus on larger businesses, you’d likely agree. After all, it just makes sense that the smaller the business, the likelihood that a cybercriminal’s earnings would be smaller. But, according to U.K.