‍Educational institutions are among the top targets for hackers and cybercriminals. Education is among the sectors that experience the most cyber attacks, including healthcare, finance, and retail. According to Check Point’s Mid-Year Report for 2022, the education sector had 44% more cyber attacks than the year earlier. An average of about 2300 attacks against educational organizations were reported weekly.

Most social engineering scams search out their potential victims, often sending emails to known email addresses, sending chat messages to them or calling known phone numbers. The attackers take an active role in seeking out and making contact with their victims.

As organizations continue to digitize and passwords proliferate across systems, applications, and even assets, identity and access management (IAM) has become a pillar of cybersecurity. One component of IAM has, in particular, become ubiquitous with access security: multi-factor authentication (MFA). MFA is an access control technique that adds a layer of security to user logins and access by making the user verify their identity.

In recent weeks, the Cyberint research team has observed an alarming emerging trend – an ongoing and successful hacking campaign is targeting LinkedIn accounts, all following a consistent method. This campaign is currently affecting individuals worldwide, resulting in a significant number of victims losing access to their accounts. Some have even been pressured into paying a ransom to regain control or faced with the permanent deletion of their accounts.

On March 15th, 2023, a new feature released from Microsoft enabled organizations with a paid subscription to Microsoft 365 for business, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, to add company branding to their Microsoft 365 sign-in page via Azure Active Directory. This update is often recommended to improve both user experience and security by providing assurance the individual is logging in via the legitimate page for their company.

In today's world, cybercriminals are learning to harness the power of AI. Cybersecurity professionals must be prepared for the current threats of zero days, insider threats, and supply chain, but now add in Artificial Intelligence (AI), specifically Generative AI. AI can revolutionize industries, but cybersecurity leaders and practitioners should be mindful of its capabilities and ensure it is used effectively.

Most organizations are still using weak forms of multi-factor authentication (MFA), a survey by Nok Nok has found. These forms of MFA can be bypassed if an employee falls for a social engineering attack. “72% of organizations still use phishable MFA factors for their customer-facing applications,” the researchers write. “The cost and risk of lost or stolen data, business, and funds from compromised accounts is motivating organizations to make MFA mandatory for their customers.

Your business is at high risk if you have no security measures. A cyber attack can cause devastating financial damage to your business, including legal liabilities. Cyberattacks can result in lasting adverse repercussions on the reputation of your network security, as clients and customers can lose faith in your business if their personal data gets leaked.

Researchers at SafeBreach Labs have recently discovered several novel attack methods which can circumvent common security controls and execute some jaw-dropping malicious actions including: SafeBreach threat researchers have successfully executed and verified each of these attack methods, however none have been used in the wild at this point.