Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months. “Attackers have developed tools to craft high quality large scale attacks that target the browser,” the researchers write. “Cybercrime tools, such as phish kits (PhaaS) and ransomware-as-a-service kits (RaaS), have simplified the process of launching sophisticated attacks.

In a new SEC disclosure, Hewlett Packard Enterprise (HPE) announced on Wednesday that it fell prey to the same Russian intelligence group, known as Midnight Blizzard or Cozy Bear, that recently breached Microsoft's email system. This disclosure comes just a week after Microsoft reported a similar intrusion, putting the spotlight back on this notorious hacking group.

The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend will persist into 2024. I love it when vendors put out a yearly summary, and do it in the first month of the next year! The data is relevant and helps paint a picture of what the industry should expect in the near future. In Cyberint’s 2023 Ransomware Recap report, we find that ransomware had quite the year.

A suspected North Korean state-sponsored threat actor called “ScarCruft” is launching spear phishing attacks against cybersecurity professionals, according to researchers at SentinelOne.

As the use of Cloud SaaS platforms of generative AI solutions increases, the likelihood of more “GPT” attacks used to gather credentials, payment info and corporate data also increases. In Netskope’s Cloud and Threat Report 2024, they show a massive growth in the use of generative AI solutions – from just above 2% of enterprise users prior to 2023 to over 10% in November of last year. Mainstream AI services ChatGPT, Grammarly, and Google Bard all top the list of those used.

In what appears to be a digital tsunami, Cybernews has reported a colossal data breach has surfaced, unveiling a staggering 26 billion records – a figure that's hard to even fathom. Termed as the Mother of all Breaches (MOAB), this leak is not just another incident in the cybersecurity world, it's a seismic event that dwarfs previous breaches in its sheer magnitude.

The Russian state-sponsored threat actor “COLDRIVER” is launching phishing campaigns against “high profile individuals in NGOs, former intelligence and military officers, and NATO governments,” according to researchers at Google’s Threat Analysis Group (TAG). “COLDRIVER continues its focus on credential phishing against Ukraine, NATO countries, academic institutions and NGOs,” TAG says.

I am not scared of AI. What I mean is that I do not think AI is going to kill humanity Terminator-style. I think AI is going to be responsible for more cybercrime and more realistic phishing messages, but it is already pretty bad. Social engineering, without AI, is already involved in 70% - 90% of successful cyber attacks.

BleepingComputer describes a phishing scam that’s been running rampant on Facebook for the past several months, in which threat actors use hacked accounts to post links to phony articles implying that someone has been killed in an accident. The Facebook posts have captions like “I can't believe he is gone,” accompanied by thumbnails of news articles involving car accidents or crime scenes.

In a Friday regulatory filing, Microsoft has reported that its corporate email accounts were compromised by a Russian state-sponsored hacking group known as Midnight Blizzard, also identified as Nobelium or APT29. Microsoft's disclosure aligns with new U.S. requirements for reporting cybersecurity incidents. The attack was detected on January 12th, 2024, but it appears to have started in November 2023.