Cybersecurity

Proofpoint Human Factor 2022 Report

The cybersecurity firm Proofpoint just released its 2022 edition of the Human Factor Report, which focuses on the lures and techniques that threat actors use to fool individuals into performing a certain activity and compromising an organization’s cyber defenses. Among many other findings, the report details how threats emanating from email continue to plague organizations. Specifically, it compares email attacks containing malicious attachments with those containing malicious links: attacks containing malicious links were three to four times more common than attachment-based attacks.

FBI PSA - FBI Warns of Scammers Soliciting Donations Related to the Crisis in Ukraine

The FBI has published a Public Service Announcement (PSA) warning the public of fraudulent schemes seeking donations or other financial assistance related to the war in Ukraine. According to the PSA, “criminal actors are taking advantage of the crisis in Ukraine by posing as Ukrainian entities needing humanitarian aid or developing fundraising efforts, including monetary and cryptocurrency donations.” Taking advantage of crises to scam unwitting individuals is nothing new, but it’s important to be aware of these schemes as fraudsters develop more sophisticated scams to steal money.

OT Ransomware Resilience – Are you Ready for an OT Impacting Ransomware Attack?

Traditional ransomware impacts data – data availability, data confidentiality, and even data integrity. The targets of traditional ransomware are often IT devices, and the recovery method is typically a restore from backup (or rebuild). While annoying and inconvenient, it’s not usually an operations-impacting event – Colonial Pipeline notwithstanding. However, as ransomware groups continue evolving their tradecraft and capabilities, anything is possible.

Threat Awareness - EnemyBot Incorporates Exploits for Critical VMware and F5 BIG-IP Vulnerabilities

The EnemyBot botnet continues to add critical vulnerabilities to its capabilities. Specifically, researchers observed that the botnet has added the recently disclosed VMware and F5 BIG-IP CVEs. EnemyBot is a botnet that was first discovered in March and is primarily being used to conduct distributed denial-of-service (DDoS) attacks and infect new devices.

FBI PIN - Compromised U.S. Academic Credentials Identified Across Various Public and Dark Web Forums

The FBI has published a TLP:WHITE Private Industry Notification (PIN) warning that compromised U.S. academic credentials are being advertised for sale on online criminal marketplaces. Credential harvesting against an entity is often a consequence of spear-phishing, ransomware, or other cyber intrusion tactics. According to the FBI, “The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks” such as the deployment of ransomware.

Security Awareness – Phishing Campaign Leveraging QuickBooks Theme

An ongoing phishing campaign is masquerading as the QuickBooks accounting software support team, seeking to steal victims’ personal information and likely conduct other malicious activity. In this particular campaign, users receive an email purporting to come from the QuickBooks support team with a warning message stating that QuickBooks is unable to verify account information and the account is about to be suspended.

Threat Awareness – Breaking Down the Emotet Infection Chain as Attacks Continue to Rise

Emotet malware continues to be one of the most prevalent and destructive types of malware targeting organizations today. Thus, understanding Emotet’s infection chain can help network defenders and users protect against this threat. Emotet propagates via email phishing campaigns, using infected devices to send malicious emails to victims. While Emotet typically employs email hijacking, it is also known to leverage other social engineering tactics with the goal of tricking victims into opening a malicious file or link.

Security Awareness – Email Spoofing

Email remains one of the most common attack vectors for threat actors seeking access into an organization’s network infrastructure. One of the more stealthy tactics adversaries employ to fool users into clicking on malicious links or attachments is email spoofing, where an email or link appears to come from a legitimate source but has been modified to obfuscate malicious intent. Some common forms of email spoofing include business email compromise (BEC), legitimate domain spoofing, lookalike domain spoofing, and spear phishing.
