CyberheistNews Vol 12 #38 | September 20th, 2022
[HEADS UP] New Uber Security Breach ‘Looks Bad’, Caused by Social Engineering
It was all over the news, but ZDNet’s Eileen Yu was one of the first:
“Hacker is believed to have breached Uber’s entire network in a social engineering attack, which one security vendor says is more extensive than the company’s 2016 global data breach and access logs potentially altered.”
The article continues: “A hacker on Thursday was believed to have breached multiple internal systems, with administrative access to Uber’s cloud services including on Amazon Web Services (AWS) and Google Cloud (GCP).
“The attacker is claiming to have completely compromised Uber, showing screenshots where they’re full admin on AWS and GCP,” Sam Curry wrote in a tweet. The security engineer at Yuga Labs, who corresponded with the hacker, added: “This is a total compromise from what it looks like.”
Uber since had shut down online access to its internal communications and engineering systems, while it investigated the breach, according to a report by The New York Times (NYT), which broke the news. The company’s internal messaging platform, Slack, also was taken offline.
“I was spamming employee with push auth for over an hour. I then contacted him on WhatsApp and claimed to be from Uber IT, told him if he wants it to stop he must accept it. And well, he accepted and I added my device.”
With the employee’s password, the hacker was able to get into the internal VPN, said Acronis’ CISO Kevin Reed in a LinkedIn post. The hacker then gained access to the corporate network, found highly privileged credentials on network file shares, and used those to access everything, including production systems, corporate EDR (endpoint detection and response) console, and Uber’s Slack management interface.
Quote from WIRED: “One independent security engineer described the OneLogin account access the Uber hacker appears to have had access to as “the golden ticket jackpot. That is God—they own that there is nothing they can’t access,” the security engineer added. “It’s Disneyland. It’s a blank check at the candy store and Christmas morning all rolled up together. But sure, customer trip data wasn’t impacted. OK.”
Don’t let this happen to you. Train your users.
Blog post with links – this is a continuing story:
https://blog.knowbe4.com/uber-security-breach-looks-bad-caused-by-social-engineering
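The sequence the attacker describes above (an hour of push prompts, then an approval) leaves a recognizable trace in MFA logs. The following is an added example, not code from the newsletter, Uber or Acronis: it flags a user who receives a flood of push prompts inside a short window and, separately, an approval that arrives after a run of denials or timeouts. The log format, field names, window and thresholds are assumptions, and the sample log lines are constructed.

```python
"""Detect MFA push-fatigue ("push bombing") from authentication logs.

Added example: the log format below is hypothetical, and the sample
lines are constructed. A real deployment would read the identity
provider's own push events, but the sliding-window logic is the same.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines: ISO timestamp, event, user, push result.
SAMPLE_LOG = """\
2022-09-15T20:01:05Z mfa.push user=alice result=approved
2022-09-15T20:02:11Z mfa.push user=bob result=denied
2022-09-15T20:02:40Z mfa.push user=bob result=timeout
2022-09-15T20:03:02Z mfa.push user=bob result=denied
2022-09-15T20:03:30Z mfa.push user=bob result=denied
2022-09-15T20:04:15Z mfa.push user=bob result=timeout
2022-09-15T20:05:00Z mfa.push user=bob result=denied
2022-09-15T20:06:00Z mfa.push user=carol result=approved
2022-09-15T20:06:30Z mfa.push user=bob result=approved
"""

WINDOW = timedelta(minutes=10)   # assumed look-back window
FLOOD_THRESHOLD = 5              # assumed: prompts per window that count as a flood


def parse_line(line: str):
    """Return (timestamp, user, result) for one hypothetical-format log line."""
    ts_s, _event, user_kv, result_kv = line.split()
    ts = datetime.strptime(ts_s, "%Y-%m-%dT%H:%M:%SZ")
    return ts, user_kv.split("=", 1)[1], result_kv.split("=", 1)[1]


def detect_push_fatigue(log_text: str, window=WINDOW, threshold=FLOOD_THRESHOLD):
    """Return a list of alert dicts for push floods and approvals after floods."""
    events = sorted(parse_line(l) for l in log_text.splitlines() if l.strip())
    recent = defaultdict(deque)   # user -> deque of (ts, result) inside the window
    flagged_flood = set()         # users already reported for a flood
    alerts = []
    for ts, user, result in events:
        q = recent[user]
        q.append((ts, result))
        while q and ts - q[0][0] > window:   # drop prompts older than the window
            q.popleft()
        rejected = sum(1 for _, r in q if r != "approved")
        if len(q) >= threshold and user not in flagged_flood:
            flagged_flood.add(user)
            alerts.append({"user": user, "kind": "push_flood",
                           "at": ts, "prompts": len(q)})
        # The dangerous case: the user finally accepts after many rejected prompts.
        if result == "approved" and rejected >= threshold - 1:
            alerts.append({"user": user, "kind": "approval_after_flood",
                           "at": ts, "rejected_before": rejected})
    return alerts


if __name__ == "__main__":
    for alert in detect_push_fatigue(SAMPLE_LOG):
        print(alert)
```

An "approval_after_flood" alert is the one worth paging on: the session established by that approval should be treated as suspect and the newly enrolled device reviewed, since in the account above the attacker's own device was added right after the accept.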
[New PhishER Feature] Turn the Tables on the Cybercriminals With PhishFlip
Cybercriminals are always coming up with new, devious phishing techniques to trick your users. PhishFlip is a new PhishER feature that allows you to respond in real time and turn the tables on these threat actors. With PhishFlip, you can now immediately “flip” a dangerous attack into an instant real-world training opportunity for your users.
Your users are likely already reporting potentially dangerous emails in some fashion within your organization. You can now combine your existing PhishRIP email quarantine capability with the new PhishFlip feature that automatically replaces active phishing threats with a new defanged look-alike back into your users’ mailbox.
The new PhishFlip feature is included in PhishER—yes you read that right, no extra cost—so now you can turn the tables on these threat actors and flip targeted phishing attacks into a simulated phishing test for all users. This new feature dramatically reduces data breach risk and the burden on your IT and InfoSec teams.
See how you can best manage your user-reported messages.
Join us Wednesday, September 21 @ 2:00 PM (ET) for a live 30-minute demonstration of PhishER, the #1 Leader in the G2 Grid Report for SOAR Software. With PhishER you can:
- NEW! Automatically flip active phishing attacks into safe simulated phishing campaigns with PhishFlip. You can even replace active phishing emails with safe look-alikes in your user’s inbox.
- Easily search, find, and remove email threats with PhishRIP, PhishER’s email quarantine feature for Microsoft 365 and Google Workspace
- Cut through your Incident Response inbox noise and respond to the most dangerous threats more quickly
- Automate message prioritization by rules you set into one of three categories: Clean, Spam or Threat
- Easy integration with KnowBe4’s email add-in button, Phish Alert, or forwarding to a mailbox works too!
Find out how adding PhishER can be a huge time-saver for your Incident Response team!
Date/Time: Wednesday, September 21 @ 2:00 PM (ET)
Save My Spot!
https://info.knowbe4.com/phisher-demo-september-2022?partnerref=CHN2
The Online Scams Exploiting Queen Elizabeth’s Death Are Here
The UK Sun just reported that experts are sending a warning about online scams in relation to Queen Elizabeth’s passing. These threat actors are using social engineering tactics by using phony Twitter accounts to offer tickets to the funeral. The link to the tickets takes you instead to a fraudulent website that asks for your bank login.
There’s also another scam identified from email and social media scams that the Queen has left behind large sums of money for the taking. Javvad Malik, KnowBe4’s Security Awareness Advocate, had this to say to the Sun, “Criminals are swift to capitalize on public events, whether it’s a natural disaster, a sporting event, or the death of a prominent person. With the passing of the Queen, people should be vigilant of scammers trying to exploit the situation.”
Current event scams aren’t going anywhere, and it’s important for your users to stay up-to-date on the latest phishing trends. New-school security awareness training can ensure your users are reporting any suspicious activity in their day-to-day job operations.
Blog post with links:
https://blog.knowbe4.com/heads-up-online-scams-on-queen-elizabeths-death-is-here
[New KB4-CON Europe Event] Kevin Mitnick Keynote Highlight at Virtual KB4-CON EMEA
Cybercriminals have become very adept at manipulating unsuspecting targets without them even knowing it. In addition to having advanced skills and techniques at their fingertips, hackers are taking more time to research what their target is working on, familiar with, and how to spur an emotional response and a subsequent damaging click. So, how can you stay abreast of the ever-changing threat landscape?
Kevin Mitnick, KnowBe4’s Chief Hacking Officer and The World’s Most Famous Hacker, has knowledge and insight very few others have. In this session, on 6 October, he’ll:
- Share the latest hacking methods and techniques bad actors are using
- Provide the “hacker’s perspective” through live demonstrations
- Educate you on how you can protect your organization from the latest threats
You don’t want to miss this special presentation along with two other keynote sessions from Keren Elazari, Security Analyst, Author & Researcher, and Perry Carpenter, KnowBe4’s Chief Evangelist & Strategy Officer. You’ll receive a certificate for continuing education credit immediately following the event on 6 October.
Date: Thursday, 6 October, 2022
Save My Spot!
https://knowbe4.cventevents.com/VmKwy0?RefId=PROCHN
Ransomware Gangs Increase Attack Speed and Evade Detection With New “Intermittent Encryption” Tactic
As ransomware gangs look for new ways to improve their execution, this relatively new encryption tactic has been gaining popularity in several ransomware families.
If you were a developer of ransomware software, what would your two biggest improvement goals be for your software that help achieve greater success in receiving a ransom payment? I would guess avoiding detection and a faster encryption speed – all to ensure the maximum amount of data is encrypted before any incident response efforts can take place.
According to the security researchers at Sentinel Labs, a tactic first seen in mid-2021 has been growing in adoption among ransomware gangs. Called Intermittent Encryption, this tactic only encrypts a portion of a file, but just enough to render it useless. There are three modes seen in the wild:
- Skip-Step – this “steps” through and encrypts a certain number of MBs, and then “skips” another number of MBs
- Percent – like Skip-Step, but skipping a percent of the file, rather than a specific number of MBs
- Fast – Encrypts the first X MBs of a file
A number of ransomware families have recently adopted this method, including Qyick, Agenda, BlackCat, PLAY, and Black Basta.
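The detection problem with the three modes above is that a partially encrypted file does not look uniformly random, so a single whole-file entropy score can land in an ambiguous middle range. Measuring entropy per chunk instead exposes the pattern: Skip-Step and Percent modes produce alternating high- and low-entropy regions, and Fast mode produces a high-entropy head followed by untouched data. The following is an added example, not code from the newsletter or from Sentinel Labs; the chunk size and entropy thresholds are assumptions, and the sample "files" are constructed from random bytes and repeated text rather than real ransomware output.

```python
"""Spot intermittently encrypted files by per-chunk Shannon entropy.

Added example. Labels each fixed-size chunk as H (high entropy), L (low)
or M (in between) and classifies the file by the pattern of labels.
Chunk size and thresholds below are assumptions for the constructed data.
"""
import math
import random
from collections import Counter

CHUNK = 4096          # assumed chunk size; real scanners often step in MBs
HIGH_ENTROPY = 7.5    # bits/byte: treat as encrypted (or compressed) data
LOW_ENTROPY = 6.0     # bits/byte: treat as ordinary structured/plain data


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of `data` (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def chunk_labels(data: bytes, chunk: int = CHUNK) -> list:
    """Label each chunk H (high entropy), L (low) or M (in between)."""
    labels = []
    for i in range(0, len(data), chunk):
        e = shannon_entropy(data[i:i + chunk])
        labels.append("H" if e >= HIGH_ENTROPY else "L" if e <= LOW_ENTROPY else "M")
    return labels


def classify(data: bytes, chunk: int = CHUNK) -> str:
    """Classify a file body by the pattern of high/low-entropy chunks."""
    labels = chunk_labels(data, chunk)
    if not labels:
        return "empty"
    if all(label == "H" for label in labels):
        return "fully_encrypted"
    if "H" not in labels:
        return "plaintext"
    # Count H<->L flips; repeated flips are the Skip-Step / Percent signature.
    flips = sum(1 for a, b in zip(labels, labels[1:]) if {a, b} == {"H", "L"})
    if flips >= 2:
        return "intermittent_encryption"
    if labels[0] == "H":
        return "head_encrypted"   # the "Fast" mode: only the first X MB touched
    return "partially_encrypted"


# ---- constructed sample "files" (random bytes stand in for ciphertext) ----
_rng = random.Random(2022)
_TEXT = b"The quick brown fox jumps over the lazy dog. "


def _random_bytes(n: int) -> bytes:
    """Deterministic uniform random bytes, a stand-in for encrypted data."""
    return bytes(_rng.getrandbits(8) for _ in range(n))


def _plain(n: int) -> bytes:
    """Low-entropy text filler of exactly n bytes."""
    return (_TEXT * (n // len(_TEXT) + 1))[:n]


def build_samples(chunk: int = CHUNK) -> dict:
    """16-chunk synthetic files, one per mode described in the article."""
    plain = _plain(chunk)
    return {
        "plaintext": plain * 16,
        "fully_encrypted": b"".join(_random_bytes(chunk) for _ in range(16)),
        # Skip-Step: encrypt 2 chunks, skip 2 chunks, repeat.
        "skip_step": b"".join(_random_bytes(chunk) if (i // 2) % 2 == 0 else plain
                              for i in range(16)),
        # Fast: only the first 4 chunks are encrypted.
        "fast": b"".join(_random_bytes(chunk) for _ in range(4)) + plain * 12,
    }


def scan_samples() -> dict:
    """Map each constructed sample name to its classification."""
    return {name: classify(body) for name, body in build_samples().items()}


if __name__ == "__main__":
    for name, body in build_samples().items():
        print(f"{name:16s} whole-file={shannon_entropy(body):.2f} -> {classify(body)}")
```

Running it shows why whole-file entropy alone is a weak signal: the skip_step sample scores roughly midway between the plaintext and fully encrypted samples, while the chunk pattern identifies it immediately. In a real scanner the chunk size should match the step sizes seen in the wild (MB-scale rather than 4 KB), and compressed archives will need whitelisting since they are legitimately high-entropy.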
Can You Be Spoofed?
Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain?
Now they can launch a “CEO fraud” spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.
KnowBe4 can help you find out if this is the case with our free Domain Spoof Test. It’s quick, easy and often a shocking discovery.
Find out now if your email server is configured correctly, many are not!
- This is a simple, non-intrusive “pass/fail” test.
- We’ll send a spoofed email “from you to you”.
- If it makes it through into your inbox, you know you have a problem.
- You’ll know within 48 hours!
Try to Spoof Me!
https://info.knowbe4.com/domain-spoof-test-1-chn
[BUDGET AMMO] PwC: “More Frequent Cyber Attacks Tops the List of Business Risk for Executives”
New data from PwC provides insight into what aspects of the business executives are focused on, worried about, and seeing as future challenges as they look to manage business risk.
While the majority (83%) of executives are focusing their business strategy on growing the business, the latest data from PwC’s Pulse Survey: Managing Business Risks shows cybersecurity remains a material risk to achieving the desired growth.
According to the report:
- Cybersecurity risk was seen as the #1 business risk, with 40% of executives citing it as a serious risk and another 38% calling it a moderate risk
- 51% of board members cited cybersecurity as a serious risk, indicating that boards may be increasingly aware of the problem and seeing addressing it as part of the overall business strategy
- 49% of executives say their organization is increasing investments in cybersecurity and privacy, with only 5% planning on decreasing investments
The overall outcome for cybersecurity from this report’s findings is that businesses are aware and are making strategic investments. At the same time, 70% of organizations are looking at ways to develop permanent remote work options – something we’ve seen also brings with it bad cyber habits and more cyber risk – making it critical for organizations to invest in Security Awareness Training to ensure, even while working at home, users remain vigilant against increased cyberattacks.
Blog post with links:
https://blog.knowbe4.com/cyber-attacks-top-list-of-business-risk-for-executives
Let’s stay safe out there.
Warm Regards,
Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.
PS: MSSP Cybersecurity Report: Average Data Breach in U.S. Costs $9.4 Million:
https://www.msspalert.com/cybersecurity-research/cybersecurity-report-average-data-breach-in-u-s-costs-9-4-million/
PPS: Hardware With Built-In Security Could Be More Secure Than Software, Experts Say. But Can It?:
https://www.lifewire.com/hardware-with-built-in-security-could-be-more-secure-than-software-experts-say-6674559
Quotes of the Week
“In any moment of decision, the best thing you can do is the right thing, the next best thing is the wrong thing, and the worst thing you can do is nothing.”
– Theodore Roosevelt (1858 – 1919)
“Friendship improves happiness and abates misery, by the doubling of our joy and the dividing of our grief.”
– Marcus Tullius Cicero – Orator and Statesman (106 – 43 BC)
You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-12-38-heads-up-new-uber-security-breach-looks-bad-caused-by-social-engineering
Security News
[HUMOR] Unconventional Security Awareness Advice
By Javvad Malik.
October is Cybersecurity Awareness Month, and you’re undoubtedly being bombarded with some fantastic advice on how to stay cyber safe.
All the advice means well, but simply put, it all becomes a bit same-y after a while. Hover over links, verify who sent you the email, don’t send $2k worth of gift cards to a recently departed relative you didn’t know existed.
While all of this and more is good advice, I’m a firm believer in teaching principles versus lists of things to do and not to do. These are the principles I believe can help anyone become more security savvy, and perhaps a more successful person overall.
[CONTINUED]
https://blog.knowbe4.com/unconventional-security-awareness-advice
Scammer Continues Phishing From Prison
Dutch authorities have announced that an imprisoned scammer was running a phishing operation from his prison cell, Cybernews reports. The crook used four mobile phones to post malicious ads on Marktplaats, a popular Dutch classifieds website.
The Northern Netherlands District Prosecutor’s Office said in a statement that the scammer targeted more than a thousand people over the course of a few months. “In the summer of 2021, a few months after the 23-year-old suspect from Groningen was sentenced to 42 months in prison for large-scale cybercrime, the Public Prosecution Service was informed that a telephone had been found in his cell,” the statement said.
“This investigation shows that this suspect from the PI was engaged in exactly the same offenses for which he was convicted: phishing and fraud. That same summer, another device was found in the suspect’s cell. And shortly afterwards device three that was found in his bird’s food and some time later a fourth device.
“All the phones found in the suspect’s cell contain the same thing: phishing and fraud. On his phone were more than 1000 conversations that he had on marktplaats, trying to get people to click on a link.” The authorities have also accused a 22-year-old man from the Netherlands of assisting in the campaign.
Blog post with links:
https://blog.knowbe4.com/scammer-continues-phishing-from-prison
What KnowBe4 Customers Say
“KnowBe4 introduced us to their security culture experts, which was game changing for us. As far as I’m concerned, Perry Carpenter from KnowBe4 is the most important person in information security today because he’s such an authority on transforming how people see security, identifying their behaviors about it and understanding how they react to it. Because of KnowBe4, we changed the name of what we do. We no longer run a security program. We run a security awareness, behavior and culture program.”
– J.R., CIO / CISO
“I’ve had the distinct privilege of working with Bill B. during our implementation of KnowBe4 (great product btw) at our Hospital.
“Currently I would like to commend Bill for his professionalism, in-depth technical knowledge, timely communication and availability to always jump on a call to answer questions and provide guidance on best-practice solutions based on experience that really work well.
“I’ve found Bill to be extremely charming throughout our engagement, with a great sense of humor and a personal approach that instantly makes everyone feel comfortable. Bill has made the entire process easy and smooth and it’s always a pleasure talking with him.
“I consider him, for all the reasons noted above, to be a major asset to KnowBe4 and someone who truly embodies and exemplifies the title “Customer Success” Manager. He helped us succeed and continues to be a valuable contact and I have no doubt he has and will help everyone else succeed he works with! Bill you’re amazing! Many thanks in advance.”
– D.L., Technical Analyst Servers
“We’ve been very pleased w/ the KnowBe4 platform and are extremely happy we switched from a different provider. More importantly, the KnowBe4 team has done an exceptional job and have been terrific to work with. Those team members who’ve helped us include Cristina P., Wes B. and Rodolfo C. Thanks for reaching out and I hope you have a great weekend.”
– S.B., VP of IT
The 10 Interesting News Items This Week
Cyberheist ‘Fave’ Links