World Tour Survey: IT Operations’ Hands-on Defense

December 3, 2024 at 02:24PM Cybercriminals are enhancing their attacks using generative AI, increasing risks for businesses. A survey of over 750 cybersecurity professionals reveals rising concerns among IT operations teams regarding operational blind spots and prioritization of vulnerabilities. Effective communication with security operations is vital for addressing these challenges and ensuring security protocols are … Read more

Phishing Prevention Framework Reduces Incidents by Half

November 25, 2024 at 04:47PM The FS-ISAC launched a Phishing Prevention Framework aimed at reducing phishing and fraud for businesses, especially in financial services. Successful pilot programs cut phishing complaints in half. The framework emphasizes understanding fraud origins, collaborative data collection, and partnerships with telecom providers to enhance defenses against evolving phishing tactics. ### Meeting … Read more

Microsoft Disrupts ONNX Phishing Service, Names Its Operator

November 22, 2024 at 05:00AM Microsoft has taken down 240 phishing websites and disrupted the ONNX service, attributing its operation to an individual based in Egypt. This action is part of the company’s ongoing efforts to combat phishing threats. **Meeting Takeaways:** 1. **Phishing Website Seizures**: Microsoft has taken action by seizing a total of 240 … Read more

Microsoft 365 Admin portal abused to send sextortion emails

November 18, 2024 at 08:14AM Scammers are exploiting the Microsoft 365 Admin Portal to send sextortion emails that bypass spam filters by using the legitimate “o365mc@microsoft.com” address. These emails claim to have compromising content and demand payment. Microsoft is investigating this abuse, but users should remain vigilant and not respond to these scams. ### Meeting … Read more

Most US Political Campaigns Lack DMARC Email Protection

October 22, 2024 at 04:29PM Nearly 75% of US Senate campaign websites lack DMARC protections, leaving them vulnerable to phishing and spoofing attacks. This raises concerns over compromised voter and donor data, risking public trust in elections. A study urges immediate DMARC implementation to secure sensitive information and enhance campaign operations. ### Meeting Takeaways: 1. … Read more

OpenAI confirms threat actors use ChatGPT to write malware

October 12, 2024 at 02:10PM OpenAI reported that its AI chatbot, ChatGPT, has been exploited in over 20 cyber operations for creating malware, spreading misinformation, and phishing. Threat actors from China and Iran used the tool for tasks like vulnerability research and scripting. OpenAI has banned the accounts involved and shared relevant data with cybersecurity … Read more

Ransomware gang Trinity joins pile of scumbags targeting healthcare

October 9, 2024 at 09:49AM The Trinity ransomware gang has targeted at least one US healthcare provider, likely Rocky Mountain Gastroenterology, which experienced a data breach. The HHS issued a security advisory highlighting Trinity’s sophisticated double extortion tactics. Organizations are urged to enhance cybersecurity measures, including MFA and secure backups, to prevent attacks. ### Meeting … Read more

Stellar Cyber Secures National ‘Don’t Click It’ Day

September 26, 2024 at 04:57PM Stellar Cyber announced the National “Don’t Click It” Day on October 16, 2024, as a part of National Cybersecurity Awareness Month. This initiative educates people about cyber threats, especially targeting young individuals. Partnering with various organizations, Stellar Cyber aims to educate and raise awareness about the dangers of cybercrime and … Read more

Phishing Espionage Attack Targets US-Taiwan Defense Conference

September 18, 2024 at 09:02PM A phishing attack targeted the upcoming US-Taiwan Defense Industry Conference, aiming to distribute fileless malware through a forged registration form. The event’s organizer, the US-Taiwan Business Council, promptly recognized and repelled the attack. This incident reflects a recurring threat to the conference, as well as the council’s proactive approach to … Read more

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back

August 29, 2024 at 07:48AM Attackers are increasingly using new phishing toolkits, like adversary-in-the-middle (AitM), which lets them bypass traditional prevention controls. AitM phishing uses dedicated tooling to act as a proxy between the target and a legitimate login portal for an application, enabling attackers to steal live sessions. AitM toolkits employ reverse web proxies … Read more