How To Block North Korean Infiltrators

Phishing Attack Takes a Two-Step Approach to Leverage Legitimate Sites and Evade Detection. [4-Minute Survey] Share Your Thoughts on AI in InfoSec With Me?

Cyberheist News

CyberheistNews Vol 14 #38  |  September 17th, 2024

[CODE RED] A Must-See New Webinar: How To Block North Korean Infiltrators
Stu Sjouwerman SACP

I do not often ask you to change your plans, but please take an hour today for a critical on-demand “Lunch & Learn.”

We just hosted a new webinar on our North Korean fake IT worker experience. The content was rated 4.9 out of 5, making it our highest-rated webinar to date! It had strong attendance and exceptional engagement. We received 120+ questions.

Watch this exclusive, no-holds-barred conversation with the team who lived through it. Perry Carpenter, our Chief Human Risk Management Strategist, sits down with Brian Jack, Chief Information Security Officer, and Ani Banerjee, Chief Human Resources Officer, to discuss how we spotted the red flags and stopped it before any damage was done.

During this on-demand webinar, you get the inside scoop on:

  • The tactics and tools used by these covert operatives to slip through the cracks
  • How we discovered something was wrong, and how we quickly stepped in to stop it
  • How you can spot fake IT workers in your hiring process and workplace
  • Practical advice for fortifying your organization by implementing robust screening processes and security protocols to safeguard against infiltration

Gain exclusive insights and actionable strategies to protect your org from these sophisticated threats. Do not miss this opportunity to stay ahead in the cybersecurity threat landscape.

Register and watch this on-demand webinar as soon as you can. Please copy and paste this message and send it to friends that need to know. They’ll thank you!
https://data.knowbe4.com/code-red-webinar

[4-Minute Survey] Share Your Thoughts on AI in InfoSec With Me?

Can you help me with your input? I would love your thoughts about AI in InfoSec.

It is a super short survey that asks about any AI tools you use or would like, how you feel about AI effectiveness, how it might change your headcount, and how confident you are in addressing AI-related security risks.

The most important thing I am dying to hear about is your biggest concerns about AI in cybersecurity in your own words.

And if you would like to be entered into the drawing to win one of 5 $500 Amazon gift cards, you can leave your email address.

Please take this survey. Thanks so much in advance!
https://www.surveymonkey.com/r/KB4-AI-Suggestions

Phishing Attack Takes a Two-Step Approach to Leverage Legitimate Sites and Evade Detection

Analysis of a new phishing attack demonstrates how attackers may take a longer path to reach their malicious goals while staying “under the radar” of security products.

It would be simple to create a phishing attack that sends its victims a brand-impersonated email with a link to a fake webpage asking for credentials, personal details or credit card information.

But many of today’s security products will detect the impersonation immediately. So, if you’re a cybercriminal crafting a cunning phishing scam, you need to find ways to avoid being detected – even if it means adding a few unnecessary steps.

And that is exactly what we find in security vendor Perception Point’s latest analysis of a phishing attack that uses Microsoft Office Forms as an intermediate step in the phishing scam. According to the analysis, the phishing email impersonates a well-known brand (such as Microsoft 365 below) with the first step being the clicking of a link within the email that points to an Office form.

Blog post with example screenshots and links:
https://weblog.knowbe4.com/phishing-attack-takes-a-two-step-approach-to-leverage-legitimate-sites-and-evade-detection

Join us at the Human Risk Summit on October 17

We’re excited for our first Human Risk Summit since Egress joined the KnowBe4 team. At the Summit, we’ll showcase why Egress and KnowBe4 are the perfect match.

Join us as we welcome Stu Sjouwerman, CEO of KnowBe4, alongside Tony Pepper, CEO of Egress, and other leading industry experts to discuss managing human risk, adaptive cloud email security and the future of cybersecurity.

Event: Human Risk Summit
Date: Thursday, October 17th, 2024
Time: 15:00 BST | 10:00 EST
Location: Online (Virtual Event)

Gain exclusive insights into:

  • The evolving landscape of cyber threats and cutting-edge defenses
  • Innovative strategies for personalized human risk management
  • In-depth analysis of advanced persistent threats and mitigation tactics
  • Methods for driving behavioral change to strengthen security protocols

And last, but certainly not least, James Sheldrake, Head of Innovation at Egress, will present an exclusive product demo showcasing how Egress and KnowBe4’s bi-directional integration personalizes email security and training.

Save My Spot:
https://occasions.egress.com/VLO50?RefId=kb4cyberheistnews

Your Attorneys Are Increasingly Targeted by Phishing Attacks, Ransomware

Researchers at Bitdefender warn that law firms are high-value targets for ransomware gangs and other criminal threat actors. Attackers frequently use phishing to gain initial access to an organization’s networks.

“Phishing is one of the most common attacks in the legal field,” the researchers write. “Cybercriminals pose as reliable entities, tricking employees into divulging sensitive information or clicking malicious links.

“Phishing attacks use social engineering to prey on trust and a sense of urgency. For example, an attacker can impersonate a senior partner and email an associate requesting sensitive client files or bank account information. If the associate is tricked, the cybercriminal gains access to confidential data.”

Phishing also often precedes ransomware attacks, granting threat actors a foothold from which they can exfiltrate data and deploy their malware.

“Ransomware attacks have been on the rise, with legal firms frequently targeted,” the researchers write. “In these attacks, cybercriminals encrypt a firm’s data and demand a ransom in exchange for its release, but a data breach often accompanies these attacks.

“Ransomware is also one of the few cyberattacks that can shut down a company if it goes on long enough, if the data stolen by criminals ends up online, or even if the firm simply has no backup system. In some situations, hackers have used the stolen data from legal cases and tried to extort people involved, such as witnesses.”

Bitdefender says organizations should implement the following best practices to defend themselves against these attacks.

[CONTINUED] Blog post with links:
https://weblog.knowbe4.com/legal-firms-increasingly-targeted-by-phishing-attacks

[Customer Story] Healthcare Organization Streamlines Incident Response Processes with PhishER

Are your user-reported emails overwhelming your IT team? Discover how HealthOne Alliance revolutionized the organization’s response to cyber threats with PhishER. PhishER did the heavy lifting and automatically categorized emails as spam or clean, allowing HealthOne Alliance to focus on real threats sooner.

PhishER’s suite of features, including PhishRIP, PhishFlip and PhishER Blocklist, provides a comprehensive approach for managing your user-reported messages. By centralizing operations, HealthOne Alliance was able to efficiently remove threats, convert real phishing attempts into training opportunities and create block entries — all within one platform.

The results:

  • Quicker response times to potential threats, reducing risk across the organization
  • Increased team productivity, allowing them to focus on other security initiatives
  • Faster return of legitimate emails to users

Read the Customer Story to learn more:
https://www.knowbe4.com/hubfs/KnowBe4_PhishER_Customer_Story_Healthcare_EN-US.pdf

OK, Let’s Face An Ugly Truth About Money, Sex, and 305 Million Fan Accounts…

I get news from all kinds of sources, one of them is called The Information, which reports on high tech. They just sent me news that OnlyFans revenue jumped 20% to about $1.31 billion for the fiscal year ending November 2023, compared to the previous year, according to a U.K. filing from the adult content site’s parent company, Fenix International on Friday.

“While other creator economy startups have struggled since pandemic lockdowns eased, OnlyFans has continued to post strong financial results showing strong demand for the service. “OnlyFans had a strong year in 2023. We’ve cemented our position as a leading digital entertainment company and a UK tech success story,” CEO Keily Blair said in a statement.

“The total number of creator accounts jumped by 29% to about 4.1 million, while fan accounts rose 28% to 305 million, the filing said. Gross payments for chats, photos and videos totaled $6.6 billion last year, up by $1 billion year-over-year.”

I had no idea that OnlyFans was this big. Money and sex are the two areas most prone to social engineering attacks. Imagine a phishing attack that combines the two and threatens to shut down their Fan account. Yikes. Train those users!

Let’s stay safe out there.

Warm Regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: [BUDGET AMMO] I was interviewed on the WSJ Podcast: “Your New Hire May Be a North Korean Spy”:
https://www.wsj.com/podcasts/the-journal/your-new-hire-may-be-a-north-korean-spy/c39039df-e15c-4308-983d-6a0c54e523b4?mod=audiocenter_podcasts

PPS: Epic AI Fails And What We Can Learn From Them:
https://www.securityweek.com/epic-ai-fails-and-what-we-can-learn-from-them/

“The key is to keep company only with people who uplift you, whose presence calls forth your best.”
– Epictetus was a Greek philosopher from present-day Turkey. (55 – 135 AD)

“Try not to react merely in the moment. Pull back from the situation. Take a wider view. Compose yourself.”
– Also by Epictetus. Did he know about social engineering?

Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://weblog.knowbe4.com/cyberheistnews-vol-14-38-code-red-a-must-see-new-webinar-how-to-block-north-korean-infiltrators

Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages

Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user interaction.

“Unit 42 researchers observed many large-scale phishing campaigns in 2024 that used a refresh entry in the HTTP response header,” the researchers write.

“From May-July we detected around 2,000 malicious URLs daily associated with campaigns of this type. Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content.

“Malicious links direct the browser to automatically refresh or reload a webpage immediately, without requiring user interaction.”

Many of these phishing attacks are targeting employees at companies in the business and economy sector, as well as government entities and educational organizations.

“Attackers predominantly distribute the malicious URLs in the phishing campaigns via emails,” Unit 42 says. “These emails consistently include recipients’ email addresses and display spoofed webmail login pages based on the recipients’ email domain pre-filled with the users’ information.

“They largely target people in the global financial sector, well-known internet portals, and government domains. Since the original and landing URLs are often found under legitimate or compromised domains, it is difficult to spot malicious indicators within a URL string.”

Unit 42 adds that attackers are also using URL parameters to pre-fill login forms with victims’ email addresses, increasing the phishing attack’s appearance of legitimacy.

“Many attackers also employ deep linking to dynamically generate content that appears tailored to the individual target,” the researchers write. “By using parameters in the URL, they pre-fill sections of a form, enhancing the credibility of the phishing attempt.

“This personalized approach increases the likelihood that the attacker will deceive the victim. Attackers have exploited this mechanism because it allows them to load phishing content with minimal effort while concealing the malicious content.”
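
A defender-side check for the behavior Unit 42 describes, added here as an example that is not from this newsletter or from Unit 42: it parses the Refresh response header out of proxy or crawler records and flags immediate redirects to another host that carry an email address in the target URL. The sample records, the example hostnames and the two-signal review threshold are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, unquote

# Refresh header value: "<seconds>" optionally followed by ";" or "," and "[url=]<target>"
REFRESH_RE = re.compile(r"^\s*(\d+(?:\.\d*)?)\s*(?:[;,]\s*(?:url\s*=\s*)?(.*))?$", re.I | re.S)
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def parse_refresh(value):
    """Return (delay_seconds, target or None), or None if the value is malformed."""
    m = REFRESH_RE.match(value)
    if not m:
        return None
    target = (m.group(2) or "").strip().strip("'\"")
    return float(m.group(1)), (target or None)


def host_of(url):
    return (urlsplit(url).hostname or "").lower()


def refresh_signals(request_url, headers):
    """List the signals a single HTTP response shows for header-based redirection."""
    value = next((v for k, v in headers.items() if k.lower() == "refresh"), None)
    parsed = parse_refresh(value) if value is not None else None
    if not parsed or parsed[1] is None:
        return []  # no Refresh header, malformed, or a plain timed reload of the same page
    delay, target = parsed
    signals = []
    if delay <= 1:
        signals.append("immediate-redirect")
    if host_of(target) and host_of(target) != host_of(request_url):
        signals.append("cross-host-target")
    if EMAIL_RE.search(unquote(target)):  # recipient address passed to pre-fill the form
        signals.append("email-in-target")
    return signals


def is_suspicious(request_url, headers, threshold=2):
    # Assumption: two or more signals warrant analyst review; tune against your own traffic.
    return len(refresh_signals(request_url, headers)) >= threshold


# Constructed sample records (request URL, response headers); not real traffic.
SAMPLES = [
    ("https://news.example.org/a/1",
     {"Content-Type": "text/html",
      "Refresh": "0;url=https://portal.example.net/owa/?login=alice%40corp.example"}),
    ("https://status.example.org/", {"Refresh": "30"}),
    ("https://shop.example.org/old", {"refresh": "0; url=/new"}),
]

if __name__ == "__main__":
    for url, hdrs in SAMPLES:
        print(url, refresh_signals(url, hdrs), is_suspicious(url, hdrs))
```

Because the redirect is issued in the header before any HTML is processed, this check has to run on response headers (proxy, secure web gateway or URL-detonation output) and not on page content.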

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Blog post with links:
https://weblog.knowbe4.com/attackers-use-technique-to-automatically-redirect-victims-to-phishing-pages

Mexico Targeted by Phishing Attacks from China, Russia, and North Korea

Researchers from Google have published a report on state-sponsored cyber threats targeting Mexico, finding that most of these attacks come from China, Russia and North Korea.

“As the 12th largest economy in the world, Mexico draws attention from cyber espionage actors from multiple nations, with targeting patterns mirroring broader priorities and focus areas that we see elsewhere,” the researchers write.

“Since 2020, cyber espionage groups from more than 10 countries have targeted users in Mexico; however, more than 77% of government-backed phishing activity is concentrated among groups from the People’s Republic of China (PRC), North Korea, and Russia.”

North Korea accounts for a significant portion of state-sponsored social engineering attacks against Mexico. Pyongyang’s cyber actors are notable for mixing cyber espionage with financially motivated attacks in order to fund their heavily sanctioned regime.

“Since 2020, North Korean cyber actors have accounted for approximately 18% of government-backed phishing activity targeting Mexico,” the researchers write. “Similar to their targeting interests in other regions, cryptocurrency and financial technology firms have been a particular focus.

“One of the emerging trends we are witnessing globally from North Korea is the insider threat posed by North Korean nationals gaining employment surreptitiously at companies to conduct work in various IT roles.

“We note the potential for this threat to present a future risk to Mexican enterprises given historical activity by North Korean threat actors in Mexico and the challenges associated with the expansive problem of North Korean actors attempting to gain employment in other countries.”

Google is also tracking seven cyberespionage groups tied to China, accounting for about a third of state-sponsored threat activity targeting Mexico.

“This volume of PRC cyber espionage is similar to activity in other regions where Chinese government investment has been focused, such as countries within China’s Belt and Road Initiative,” the researchers write. “In addition to activity targeting Gmail users, PRC-backed groups have targeted Mexican government agencies, higher education institutions, and news organizations.”

Google has the story:
https://cloud.google.com/weblog/subjects/threat-intelligence/cyber-threats-targeting-mexico

What KnowBe4 Customers Say

“I want to thank Marc very much for helping me solve technical problems in the implementation here. Marc’s knowledge and dedication are invaluable and thanks to him we can complete the implementation. I have over 20 years of experience in the industry, and I must say with confidence that Marc is one of the best engineers I have ever worked with.

I am aware that we have benefited from your great kindness in using Marc’s help, but thanks to this the client is satisfied and I feel taken care of despite numerous problems.

This client is very developing, and I think that in the near future he will need to expand his products. Please remember that every new order that appears in the future is thanks to Marc’s help! @Marc – Once again, thank you very much for your support. You are the best!”

– K.K., CEO


“Hi Stu, I just wanted to offer some feedback on our account manager, Chee P. He has gone above and beyond all my expectations. He has an incredible talent for the product, security features and enhancements and displays enthusiasm that many account managers don’t possess.

I found he is easily approachable, accommodating on informing us with more information that we initially require, and personable. Where we lack in our response times (particularly when it came to renew), Chee kept us informed. Our apologies for any delays that this may have caused.

Overall, from my side, the product and Chee, have proven extremely valuable. You could not have a more trusted and dedicated team member! Keep up the great work. And a big thank you to Chee. Put simply, he is amazing!”

– W.C., EU Manager / Managed Services Consultant

The 10 Interesting News Items This Week

This Week’s Links We Like, Tips, Hints and Fun Stuff

