CyberheistNews Vol 14 #42 [Heads Up] Majority of U.S. Execs Now Rank Cyber Threats as #1 Risk


CyberheistNews Vol 14 #42  |  October 15, 2024


[Heads Up] Majority of U.S. Execs Now Rank Cyber Threats as #1 Risk
By Stu Sjouwerman, SACP

A whopping 75% of U.S. executives ranked cyberattacks as their top business risk, in a September study from PricewaterhouseCoopers. That is ahead of margin pressure affecting earnings (70%), geopolitical tensions (68%) and AI legal and reputational risks (63%).

PwC's latest Pulse Survey reveals that executives see economic, political and regulatory risks no matter who wins the 2024 U.S. presidential election:

  • Cyber Threats: Cyber threats are the top business risk for 75% of executives
  • Recession Risks: 61% of executives see recession risks in the next six months due to geopolitical tensions, labor market issues, and high costs
  • Regulation Concerns: Most executives expect a divided government in 2025, increased executive orders, and more regulation and litigation
  • Protectionism: 71% believe trade and tax policies will hurt U.S. competitiveness, with concerns differing by potential presidential outcomes
  • Government Impact: State governments and federal regulators have more influence on business than the presidential election, ranking above Congress and the president

Depending on who you ask, between 70% and 90% of cyber risk has human error as the root cause. That is why Human Risk Management (HRM) is so important.

And here is the next major advance in HRM. We're thrilled to announce the second version of our risk scoring architecture. It's so far superior that we've renamed — promoted, really — our initial "Virtual Risk Officer" to SmartRisk Agent™. It delivers a game-changing update to your risk assessment capabilities and gives you more detailed and actionable insights.

SmartRisk Agent is an integrated, rule-based engine purpose-built for human risk management. This powerful enhancement gives you a more comprehensive and accurate approach to evaluating user risk for your org, empowering you with unprecedented visibility and actionable insights.

This agent works closely together with all the other KnowBe4 AI Defense Agents. Four are released as previews for the KnowBe4 community, four more are being worked on as we speak, and many more are to come in the platform's future, all integrated with each other and with powerful modules like the Egress email security suite.

Key Features:

  • Enhanced Risk Scoring algorithm that considers a wider range of risk from across KnowBe4's products: KnowBe4 Phishing and Training, PAB, SecurityCoach, PasswordIQ, and EEC Pro
  • Recommendations tailored to the security type with the highest risk area through targeted training with ModStore content
  • Risk Trend Monitoring that tracks changes in risk scores over time
  • Risk Score Distribution Graph that reveals insights into central tendency, spread and outliers
  • Detailed Security Types table with breakdowns and trends for identified factors and points
  • Identification of the Riskiest users and groups partitioned into factors

Risk Score v2 is available on the Reports tab and under our Executive Reports subtab. For more details, please refer to our comprehensive knowledge base article, SmartRisk Agent and Risk Score v2 Guide, available here:
https://blog.knowbe4.com/meet-smartrisk-agent-unlock-your-new-human-risk-management

Here is the executive summary of the PwC survey; it is excellent infosec budget ammo:
https://www.pwc.com/us/PulseSurveyElection2024?mod=djemCybersecruityPro&tpl=cs

Rip Malicious Emails With KnowBe4's PhishER Plus

Rip malicious emails out of your users' mailboxes with KnowBe4's PhishER Plus! It's time to supercharge your phishing defenses using these two powerful features:

1) Automatically block malicious emails that your filters miss
2) Rip malicious emails from inboxes before your users click on them

With PhishER Plus, you can:

  • NEW! Detect and respond to threats faster with real-time web reputation intelligence from PhishER Plus Threat Intel, powered by Webroot!
  • Use crowdsourced intelligence from more than 13 million users to block known threats before you're even aware of them
  • Automatically isolate and "rip" malicious emails that have bypassed mail filters out of your users' inboxes
  • Simplify your workflow by analyzing links and attachments from a single console with the CrowdStrike Falcon Sandbox integration
  • Automate message prioritization by rules you set and cut through your incident response inbox noise to respond to the most dangerous threats quickly

Join us for a live 30-minute demo of PhishER Plus, the #1 Leader in the G2 Grid Report for SOAR Software, to see it in action.

Date/Time: TOMORROW, Wednesday, October 16, @ 2:00 PM (ET)

Save My Spot:
https://info.knowbe4.com/phisher-demo-1?partnerref=CHN2

Hurricane Deepfakes Flood Social Media

As the recent hurricane Helene caused major damage and as hurricane Milton has left a trail of destruction across Florida, deepfakes are spreading misinformation on social media.

Platforms such as Instagram, Facebook and X are flooded with manipulated images, confusing users and distorting reality.

According to Forbes, one of the most viral images — a young girl stranded in floodwaters clutching a drenched puppy — has garnered over one million views on X alone.

Kevin Guo, CEO of the content moderation platform Hive, confirmed the image was AI-generated and is being used to sow misinformation about the federal government's response to the hurricane.

Other false images include a man wading through water with a dog, law enforcement officers engaged in relief efforts, and even a doctored photo of Donald Trump in a life jacket navigating muddy waters. While these AI-generated images may seem harmless at first glance, they pose a threat you all understand. Numerous scams are possible with this type of social engineering.

The crooks are impersonating FEMA and other disaster relief organizations in order to trick people into sending money or handing over personal information. Cybercriminals always try to exploit natural disasters with social engineering attacks, and similar scams should be expected in the aftermath of Hurricane Milton.

One particularly cruel scam is directly targeting victims of hurricanes who are seeking financial assistance. "One of the first major threats we observed is FEMA claim scamming, where cybercriminals pose as official FEMA assistance providers to steal personal information and funds," researchers at Veriti say.

"A VIP member on a hackers forum, under the alias 'brokedegenerate,' recently posted about a new scam targeting Florida residents affected by the hurricane. On the forum, the scammer shares techniques for creating fake FEMA assistance claims, with detailed instructions on how to deceive victims and siphon off funds intended for disaster relief.

"This type of scam is particularly dangerous, as victims are already in a vulnerable position due to the natural disaster." The researchers have also observed a surge in hurricane-related phishing domains, such as "hurricane-helene-relief[.]com."

"By using hurricane-related terms and associating themselves with disaster relief, these domains aim to create a sense of urgency, making it more likely that victims will fall for the phishing schemes," the researchers write.

"Attackers will likely send phishing emails directing recipients to these websites, claiming to offer relief services or grant applications. Once victims enter their personal details, the attackers can use or sell the data for financial gain."

During times of crisis, it's crucial to verify the information you encounter online. Sharing false or misleading images can divert attention away from real needs. As AI technology continues to advance, so does its potential to mislead, and staying vigilant in the face of these tactics is more important than ever. Stay alert and think twice before sharing content during any kind of disaster.

Blog post with links:
https://blog.knowbe4.com/hurricane-deepfakes-flood-social-media

The Outstanding ROI of KnowBe4's PhishER Plus Platform

91% of cyber attacks start with a spear-phishing attack, and phishing is responsible for two-thirds of ransomware infections. If your organization is fighting phishing threats with manual workflows, you are dramatically increasing the risk that phishing presents to your organization.

You need to arm your IT and InfoSec teams with the tools to accurately and quickly mitigate phishing threats before they strike. But making a compelling business case for your CFO and leadership is the crucial first step.

This guide is designed to help you articulate the value of PhishER Plus, KnowBe4's Security Orchestration, Automation and Response (SOAR) platform, to your CFO and leadership. It provides concrete examples of the return on investment that KnowBe4 customers have realized, empowering you to present a strong business case for the investment.

Download this return on investment guide for insights into:

  • The continuing problem of overcoming the phishing tsunami for organizations of all sizes
  • The risk and cost of fighting phishing threats with manual workflows
  • The cost savings and risk reduction realized through using PhishER Plus

Download Now:
https://info.knowbe4.com/en-us/wp-outstanding-roi-phisher-plus-platform-chn

Attackers Abuse URL Rewriting to Evade Security Filters

Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security.

URL rewriting is a security technique used by many email security platforms: links in emails are replaced with a vendor-controlled link so that their safety can be checked before users are allowed to click on them. However, this technique can also be abused to mask the original phishing link.

"In the first step of the attack, the threat actor compromises an email account belonging to a customer of an email security solution that leverages URL rewriting (not the target of the actual email attack presented hereafter)," the researchers write.

"The threat actor then sends an email to that same compromised account containing a unique URL, which will get rewritten rather than blocked. When the threat actor has that rewritten URL, a new email is sent from the compromised account to the threat actor's subsequent victims containing that rewritten URL."

This new email impersonates a Microsoft security alert informing the user that a malicious link was blocked. The email contains a link to view details about the alert.

"Because this message originates from a legitimate account, passes email authentication, and contains a unique, rewritten URL from a legitimate security control, the victim's secure email gateway (SEG) delivers the message and rewrites the already-rewritten URL," Abnormal says.

If the user clicks the link, they'll be sent to a site that attempts to trick them into installing an OAuth app that gives the attacker access to their Microsoft 365 account.

"The user is redirected to another site and must solve a CAPTCHA. After this, they are prompted to allow the installation of an OAuth application," the researchers write. "This grants the attacker permission to access their M365 account. Instead of a traditional phishing attack, the user unknowingly installs an add-on that gives the attacker ongoing access to the account, even if the user changes their password. The only way to stop this access is by removing the add-on from the account."
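A defender-side triage check for the chain described above, added here as an example and not code from Abnormal Security or KnowBe4: it peels nested URL-rewriting layers off a link and flags one that is a rewrite of another rewrite, or that was wrapped by a rewriting service your own organization does not use. The Safe Links host and parameter pattern is the real Microsoft one; the second rewriter host, the phishing target and the sample links are constructed placeholders for this example.

```python
"""Triage check for 'rewrite of a rewrite' links (added example, not vendor code).

Assumptions: the Safe Links host/parameter pattern is Microsoft's real one;
rewrite.example-seg.invalid is a hypothetical second rewriter; the phishing
target and sample links are constructed for this example."""
from urllib.parse import urlparse, parse_qs, quote

# Host suffix of a URL-rewriting service -> query parameter that carries the
# wrapped (percent-encoded) original URL.
REWRITERS = {
    "safelinks.protection.outlook.com": "url",   # real Safe Links pattern
    "rewrite.example-seg.invalid": "target",     # hypothetical vendor
}


def rewriter_for(host):
    """Return (suffix, param) if host belongs to a known rewriter, else None."""
    host = host.lower()
    for suffix, param in REWRITERS.items():
        if host == suffix or host.endswith("." + suffix):
            return suffix, param
    return None


def unwrap(url, max_depth=5):
    """Peel rewriting layers outermost-first.

    Returns (layers, final_target): layers lists the rewriter suffixes in the
    order they were peeled. max_depth guards against crafted links that nest
    rewriters indefinitely."""
    layers, cur = [], url
    for _ in range(max_depth):
        parsed = urlparse(cur)
        hit = rewriter_for(parsed.netloc)
        if hit is None:
            break
        suffix, param = hit
        inner = parse_qs(parsed.query).get(param)   # parse_qs unquotes once
        if not inner:
            break
        layers.append(suffix)
        cur = inner[0]
    return layers, cur


def assess(url, our_rewriters):
    """Classify a link; our_rewriters holds the suffixes this org actually uses.

    Two signals from the attack chain: (1) a rewrite wrapped inside another
    rewrite, because the victim's SEG re-wrapped the attacker's pre-rewritten
    link, and (2) a rewriter the org does not use, meaning the link was
    laundered through someone else's email security product."""
    layers, final = unwrap(url)
    foreign = [s for s in layers if s not in our_rewriters]
    double = len(layers) >= 2
    return {
        "depth": len(layers),
        "final_target": final,
        "double_wrapped": double,
        "foreign_rewriter": bool(foreign),
        "suspicious": double or bool(foreign),
    }


def wrap(rewriter_host, param, inner):
    """Simulate a rewriter wrapping a link (only used to build the sample)."""
    return f"https://{rewriter_host}/?{param}={quote(inner, safe='')}"


# Constructed sample reproducing the article's chain:
PHISH = "https://login-alert.example/details"                   # placeholder
STEP1 = wrap("rewrite.example-seg.invalid", "target", PHISH)    # attacker's SEG
STEP2 = wrap("nam01.safelinks.protection.outlook.com", "url", STEP1)  # victim's SEG

if __name__ == "__main__":
    print(assess(STEP2, {"safelinks.protection.outlook.com"}))
```

A link forwarded from a partner that uses a different SEG will also show a foreign rewriter, so treat the result as a triage signal that routes the message for review, not as a verdict on its own.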

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Blog post with links:
https://blog.knowbe4.com/attackers-abuse-url-rewriting

KnowBe4 is the #1 SAT Platform on G2 for over 5 years!

Have you ever wanted to peek behind the scenes of Security Awareness Training (SAT) platforms and see which one truly stands out? Well, you needn't wonder anymore. The G2 Grid Report has done all the heavy lifting for you, making it easy to make an informed decision.

The G2 Grid Report ranks vendors according to the people who use the products daily. We're talking genuine feedback, satisfaction ratings and how big of an impact they're making in the market.

In a league of our own, KnowBe4 scored in the 90s, the only vendor to do so. 98% of users gave us 4 or 5 stars and 93% would recommend us to others. Trust isn't just gained; it's earned, and we take that to heart.

You will get access to:

  • A line-up of SAT vendors stacked and rated based on customer reviews
  • Profiles of each vendor highlighting strengths, industries and company size
  • User-driven scores for ease of use, support quality and more, to help you pick the best platform

Ready to get your hands on this goldmine of information? Download your complimentary report and see why KnowBe4 has been ranked the #1 SAT vendor for the 21st consecutive quarter and has more customers than all other SAT vendors combined.

Download Now:
https://info.knowbe4.com/g2-grid-report-for-security-awareness-training-chn

Free Phishing Platform Has Created More than 140,000 Spoofed Websites

A free phishing-as-a-service (PhaaS) platform named Sniper Dz has assisted in the creation of more than 140,000 phishing sites over the past year, according to researchers at Palo Alto Networks. The service allows unskilled criminals to spin up sophisticated phishing sites that steal credentials or deliver malware.

"For potential phishers, Sniper Dz offers an online admin panel with a catalog of phishing pages." Phishers can either host these phishing pages on Sniper Dz-owned infrastructure or download Sniper Dz phishing templates to host on their own servers.

Surprisingly, Sniper Dz PhaaS offers these services free of charge to phishers — perhaps because Sniper Dz also collects the victim credentials stolen by phishers who use the platform, to compensate for the cost of the service. The kit's developers have taken measures to hide the phishing sites from security vendors, so the sites stay up longer before being flagged as malicious.

"Sniper Dz uses a unique approach of hiding phishing content behind a public proxy server to launch live phishing attacks," the researchers write. "The criminals behind this platform auto-setup the proxy server to load phishing content that is hosted on their server. We believe this approach could be useful in protecting their infrastructure from detection."

The threat actors also abuse legitimate services to host the sites, which increases the likelihood that the phishing links will bypass security filters.

"Criminals using Sniper Dz often abuse legitimate software-as-a-service (SaaS) platforms to host phishing websites," the researchers write. "When setting up their infrastructure, these phishers include popular brand names, trends, and even sensitive topics as keywords to lure victims into opening and using their phishing pages.

"After stealing credentials from a victim, this infrastructure can redirect the victim to malicious advertisements, including distribution of potentially unwanted applications or programs (PUA or PUP) like rogue browser installers."

Blog post with links:
https://blog.knowbe4.com/free-phishing-platform-created-140000-spoofed-websites

Let's stay safe out there.

Warm regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: KnowBe4 Reinforces Market Leadership Streak in G2 Fall 2024 Report, Topping Both Security Awareness Training and SOAR Categories:
https://www.prnewswire.com/news-releases/knowbe4-reinforces-market-leadership-streak-in-g2-fall-2024-report-topping-both-security-awareness-training-and-soar-categories-302268345.html

PPS: [NEW] 10 Cybersecurity Pros to Follow on LinkedIn (I am one 😀 ):
https://www.spiceworks.com/tech/it-careers-skills/articles/10-cybersecurity-pros-to-follow-on-linkedin/

Quotes of the Week

"Never give up on what you really want to do. The person with big dreams is more powerful than one with all the facts."
– H. Jackson Brown Jr., American author (1940 – 2021)


"Nothing in this world can take the place of persistence. Talent will not: nothing is more common than unsuccessful men with talent. Genius will not; unrewarded genius is almost a proverb. Education will not: the world is full of educated derelicts. Persistence and determination alone are omnipotent."
– Calvin Coolidge, American President (1872 – 1933)


Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-14-42-heads-up-majority-of-us-execs-now-rank-cyber-threats-as-number-one-risk

Security News

Spear Phishing and Ransomware Surge in the Healthcare Sector

Spear phishing is the most common initial access vector for attackers targeting organizations in the healthcare and social assistance (HSA) sector, according to researchers at ReliaQuest. Spear phishing was involved in nearly two-thirds of incidents in this sector over the past year.

"Attackers targeting the HSA sector primarily use spear phishing with links and attachments," the researchers write. "Nearly 30% of incidents across all sectors began with spear phishing, with the HSA sector disproportionately accounting for 13% of these attacks.

"HSA organizations are prime targets for spear phishing due to the fast-paced environment in hospitals and medical institutions." The researchers note that social engineering attacks are effective against this sector because of a lack of security training.

"The HSA sector is particularly vulnerable to phishing and social engineering attacks due to a lack of cybersecurity training, especially in publicly funded and understaffed organizations," ReliaQuest says. "This vulnerability is exacerbated during peak periods, such as the COVID-19 pandemic, when overworked teams may unintentionally neglect cybersecurity protocols.

"We anticipate an increase in AI-generated phishing emails and voice/video attacks. To counter these threats, HSA organizations should implement robust verification processes, establish clear cybersecurity policies, and deploy advanced email filtering solutions."

The researchers also warn that the HSA sector saw a 40% increase in ransomware attacks over the past year. "Historically, many Ransomware-as-a-Service (RaaS) groups have prohibited attacks on medical institutions, enforced both by explicit rules and collective disapproval from the broader cybercriminal community," ReliaQuest explains.

"However, this restriction appears to be weakening: ReliaQuest observed 442 HSA organizations listed on ransomware data-leak websites during the reporting period, a 40% increase from the 315 organizations named in the previous 12 months. This surge is likely explained by the emergence of new RaaS groups that disregard past conventions and are unwilling to withhold attacks against a sector seen as more likely to pay ransoms.

"The HSA sector is widely perceived as more likely to pay ransoms to quickly restore operations and ensure continuity of critical patient care."

KnowBe4 empowers your workforce to make smarter security decisions every day.

ReliaQuest has the story:
https://www.reliaquest.com/blog/threats-health-care-social-assistance-landscape/

Trinity Ransomware Targets the Healthcare Sector

The Trinity ransomware gang is launching double-extortion attacks against organizations in the healthcare sector, according to an advisory from the U.S. Department of Health and Human Services (HHS). The ransomware gains initial access via phishing emails or software vulnerabilities.

"Trinity ransomware was first seen around May 2024," the advisory says. "It is a type of malicious software that infiltrates systems through multiple attack vectors, including phishing emails, malicious websites, and exploitation of software vulnerabilities.

"Upon installation, Trinity ransomware begins gathering system details such as the number of processors, available threads, and connected drives to optimize its multi-threaded encryption operations. Next, Trinity ransomware will attempt to escalate its privileges by impersonating the token of a legitimate process.

"This allows it to evade security protocols and protections. Additionally, Trinity ransomware performs network scanning and lateral movement, indicating its ability to spread and carry out attacks across multiple systems in a targeted network."

Like many other organized ransomware groups, Trinity steals a copy of the victim's data before encrypting it, in order to increase pressure on the victim to pay the ransom.

"Trinity ransomware employs a double extortion strategy," HHS explains. "This involves exfiltrating sensitive data from victims before encrypting it, and then threatening to publish the data if the ransom is not paid. This is a tactic increasingly seen across newer ransomware strains targeting critical industries, particularly healthcare.

"There have been a total of seven Trinity ransomware victims identified to date. Of these, two victims have been identified as healthcare providers, one based in the United Kingdom, and the other a United States-based gastroenterology services provider, where Trinity claims to have access to 330 GB of the organization's data."

New-school security awareness training can give your organization an essential layer of defense against ransomware attacks.

The HHS has the story:
https://www.hhs.gov/sites/default/files/trinity-ransomware-threat-actor-profile.pdf

What KnowBe4 Customers Say

"Hi Stu, yes, we are happy with the KnowBe4 platform. It is easy to use and a great way to keep our colleagues aware of all the possible cybersecurity threats."

– W.J., Software Developer


(Unsolicited) "Mr. Sjouwerman, I want to personally thank you for sharing one of your brightest stars with our company, Erika B. She is among the many reasons we've continued to renew our subscription with KnowBe4. It is of no surprise to us that she is excelling within your company, and I have great hopes that her growth will continue to flourish over the coming years.

Erika became an indispensable and integrated Training Advisor for our company. She devoted hours to ensure that we understood the KnowBe4 product and that we got the most out of the training resources that KnowBe4 has to offer. She created a custom report for us to track training progress, which I use to brief my CEO/CFO monthly, as they have both expressed their pleasure in the report's detail and layout.

We will miss her as our Customer Success Manager, but we believe she will continue to bring value to KnowBe4, as her love for what she does exemplifies her passion for self-development and personal growth."

– M.V., Manager Information Technology
