Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Endpoint visibility is fundamental to many of the processes that underpin effective endpoint security: data collection, monitoring, alerting (including alert analysis), and comprehensive threat detection and response. Trouble is, the number, types, locations, and use cases of endpoints are constantly in flux, due to user comings and goings, role changes, broad use of virtual instances and cloud-based workloads, Internet of Things (IoT) proliferation, hybrid work, and numerous other factors.

Cybercriminals are increasingly abusing AI-assisted website generators to quickly craft convincing phishing sites, according to researchers at Palo Alto Networks’ Unit 42. In many cases, even when these services have safeguards in place to prevent abuse, criminals are able to bypass these measures in order to create phishing pages. Unit 42 tested a popular website generator to see how easy it was to spin up a spoofed website.

Below is an example of a sophisticated survey scam phishing email that KnowBe4’s Threat Lab team has been monitoring as discussed in “The Hidden Cost of "Free" Gifts: How Survey Scams Are Evolving to Steal Financial Data”. As discussed in our previous blog, the human element is a critical part of the fake survey scam. However, the campaign's success is largely due to its advanced technical infrastructure.

You've probably seen them: enticing online offers for free products from brands you trust, like a Yeti beach chair from Costco or an emergency car kit from AAA. All you have to do is fill out a quick survey and pay a small "shipping fee" of a couple of dollars. But what seems like a harmless transaction is actually a sophisticated scam with a high price tag. The KnowBe4 Threat Lab team has been tracking a phishing campaign where scammers use these fake surveys to steal financial data.

In today’s fast-moving digital economy, growth depends on strong, trusted relationships with vendors, suppliers, and partners. These third parties are often essential to modern business operations; however, they also open the door to a range of risks, from regulatory fines to operational slowdowns. Many organizations have already felt the impact of these risks becoming reality firsthand.

Trustwave, A LevelBlue Company’s Managed Detection and Response solution (MDR), has three elements that cannot be found at any other MDR provider. Together this triumvirate forms a powerful defense against the highly sophisticated cyber threats all organizations, from large to small, now face.

There are two enormous cybersecurity events each year in the United States: RSA Conference and the week in Vegas that is so full of conferences, summits, and ancillary events that it’s simply known as “Hacker Summer Camp.” From Security BSides Las Vegas to Black Hat and DEF CON, it takes the fortitude of a camel to survive the desert heat and the late nights.