You are here

Cybersecurity

Cofense Annual Report – Malicious Emails Bypassing Secure Email Gateways - Critical Insights into the Evolving Email Security Landscape

Cofense, a leading cybersecurity firm in email security, recently released its 2024 Annual State of Email Security Report. The report reveals emerging trends in the email threat landscape, such as an increase in various phishing tactics. Most notable, the report indicates a significant (37%) increase in malicious emails that are bypassing secure email gateways (SEGs) over last year, and an overwhelming 310% increase since 2021.

Passthrough – EPA Office of Inspector General Issues BEC Fraud Alert

The U.S. EPA OIG issued a fraud alert (attached) to highlight the all-too-common and costly form of phishing known as business email compromise (BEC). In this convincing scam, criminals are using fraudulent emails that appear to come from known and trusted sources to access company email accounts and target organizations that make or receive financial transactions. These emails may originate from lookalike, or spoofed, email accounts or legitimate email accounts compromised through phishing campaigns.

Passthrough – CISA Cybersecurity Emotions

CISA recently shared its “Cybersecurity Emotions” series detailing social engineering tactics that threat actors often use when implementing various tactics against organizations and internet facing users. Organizations can add CISA’s “Cybersecurity Emotions” to security awareness training as each of the “emotions” are effectively described and explained giving relatable real-world understanding of these tactics and helping users learn the basics of “cyber hygiene.”

Ransomware Awareness – LockBit Ransomware Disrupted Following International Takedown Operation

In a joint operation known as “Operation Cronos,” international law enforcement partners collaborated in efforts to disrupt the notorious ransomware group known as LockBit. The U.S. Department of Justice Office of Public Affairs has issued a press release announcing the disruption of the gang along with indictment charges against two Russian nationals. 

A banner on LockBit’s data leak website reads:

FBI FLASH – Identification and Disruption of the Warzone Remote Access Trojan (RAT)

The FBI has published a TLP:CLEAR FLASH to disseminate indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the Warzone Remote Access Trojan (RAT), also identified as “Ave Maria” through open-source reporting and FBI investigation.

On 7 February 2024, the FBI and international partners executed a coordinated operation to disrupt Warzone RAT infrastructure worldwide. The FBI is releasing this product to maximize awareness on the service and to seek additional reporting from victims.

Incident Awareness – Canadian Pipeline Confirms November Breach, ALPHV/BlackCat Claims Responsibility

The Trans-Northern Pipelines (TNPI), a Canadian pipeline located in Ontario-Quebec, confirmed yesterday that its internal network was breached in November. TNPI operates 726 total miles of pipeline across Ontario and Alberta, transporting 221,300 barrels daily. The threat group ALPHV/BlackCat has claimed responsibility for the breach, added Trans-Northern to its blackmail site on Tuesday, and purports to have stolen 190 GB of data from the oil distributor.

Pages

Subscribe to Cybersecurity