Using Genuine Business Domains and Legitimate Services to Harvest Credentials.
Tips for Detecting Real-time Deepfakes: A Guide to Staying One Step Ahead.

CyberheistNews Vol 15 #05 | February 4th, 2025

[Eye Opener] Is DeepSeek The Next Threat in Social Engineering?

AI is advancing at lightning speed, but it's also raising some big questions, especially when it comes to security. The latest AI making headlines is DeepSeek, a Chinese startup that's shaking up the game with its distilled, cost-efficient, high-performing models. But it's also raising red flags for cybersecurity pros.

Overnight, DeepSeek became a top contender, mostly driven by curiosity. It's being praised for its efficiency, with models like DeepSeek-V3 and DeepSeek-R1 performing at a fraction of the cost and energy usage of competitors, having been trained on Nvidia's lower-power H800 chips.

But here's where things get tricky: DeepSeek's outputs appear to be biased, favoring Chinese Communist Party (CCP) narratives. In some cases, it even outright refuses to address sensitive topics like human rights. This is a big red flag.

Open-source AI tools like DeepSeek have massive potential, not just for productivity but also for social engineering. With its lightweight infrastructure, DeepSeek could be weaponized to spread misinformation or execute phishing attacks at scale. Imagine a world where tailored propaganda or scam emails can be generated in seconds at almost no cost, fooling even the most tech-savvy users. That's not a futuristic scenario; it's a risk we face today.

The app's rapid rise has already unsettled AI investors, triggering a bloodbath in AI-related stocks. For a market that's added over $14 trillion to the Nasdaq 100 Index since early 2023, that's saying something. While DeepSeek's efficiency is impressive (never mind for the moment how they got there), its potential for misuse reminds us why vigilance in the AI era is critical.

The takeaway?
DeepSeek shows that AI can be a double-edged sword. It's a glimpse into what the AI future could look like—faster, cheaper, more accessible—but it's also a wake-up call. As these tools evolve, so do the tactics of bad actors. Staying ahead means fighting AI with AI.

Blog post with links: https://blog.knowbe4.com/eye-opener-is-deepseek-the-next-threat-in-social-engineering

Six ways threat actors will weaponize DeepSeek - By Yours Truly in SC Media: https://www.scworld.com/perspective/six-ways-threat-actors-will-weaponize-deepseek

[Live Demo] Ridiculously Easy AI Powered Security Awareness Training and Phishing

Phishing and social engineering are the #1 cyber threat to your organization. Sixty-eight percent of all data breaches are caused by human error. Join us for a live demonstration of KnowBe4 in action. See how we safeguard your organization from sophisticated social engineering threats using the most comprehensive human risk management platform.

Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.

- NEW! Artificial Intelligence Defense Agents allow you to personalize security training, reduce admin burden and elevate your human risk management strategy
- NEW! SmartRisk Agent provides actionable data and metrics to help you lower your organization's human risk score
- NEW! Individual Leaderboards are a fun way to help increase training engagement by encouraging friendly competition among your users
- Smart Groups allow you to use employees' behavior and user attributes to tailor and automate phishing campaigns, training assignments, remedial learning and reporting
- Full Random Phishing automatically chooses different templates for each user, preventing users from telling each other about an incoming phishing test
Find out how 70,000 organizations worldwide have mobilized their end users as their human firewall.

Date/Time: TOMORROW, Wednesday, February 5, @ 2:00 PM (ET)

Save My Spot! https://info.knowbe4.com/kmsat-demo-2?partnerref=CHN2

Using Genuine Business Domains and Legitimate Services to Harvest Credentials

A KnowBe4 Threat Lab Publication
Authors: Jeewan Singh Jalal, Anand Bodke, and Martin Kraemer

Executive Summary

The KnowBe4 Threat Lab analyzed a sophisticated phishing campaign targeting multiple organizations to harvest Microsoft credentials. Threat actors used a compromised domain, its subdomains, bulk email services, and an open redirect vulnerability to evade detection and increase click success rates. The campaign was active until October 3, 2024, underscoring the need for ongoing cybersecurity culture adaptation against evolving threats.

Threat actors compromise legitimate business domains to benefit from an established reputation, bypass email security gateways, and hide from investigations that often shy away from legitimate services. In this case, the attackers exploited existing business infrastructure to run a fully configured email delivery service that passed SPF, DKIM, and DMARC authentication checks. The attackers created subdomains by abusing dormant CNAME entries and by compromising the DNS administration console.

The attackers used a diverse set of tactics and techniques to redirect users to their phishing landing page. Varying the tactics helps evade email security products and increases the chances of successful social engineering against targets. The phishing landing page was linked through QR codes in attachments, in hidden JavaScript, through attachments with HTML redirects, and by exploiting an open redirect on a legitimate URL.

Attackers continuously develop new tactics, techniques, and procedures to bypass email security solutions and penetrate employee inboxes.
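One of the redirect tactics in the summary above, a legitimate URL whose open redirect bounces the user to the phishing page, is a pattern a defender can triage mechanically: a link on a trusted host whose query parameter decodes to a URL on a different domain. The following is an added example, not KnowBe4 Threat Lab code; TRUSTED_DOMAINS, the sample links and the two-label "registrable domain" heuristic are constructed assumptions for illustration.

```python
"""Flag the open-redirect pattern from the Threat Lab summary: a link on a
legitimate domain whose query string carries a second URL that the server
bounces the visitor to. Added example, not KnowBe4 Threat Lab code; the
trusted-domain list and sample links are constructed placeholders."""
import base64
import re
from urllib.parse import parse_qs, unquote, urlparse

TRUSTED_DOMAINS = {"example-corp.com", "login.microsoftonline.com"}  # constructed
ABS_URL = re.compile(r"^https?://", re.IGNORECASE)


def registrable(host: str) -> str:
    """Crude eTLD+1 (last two labels); enough for the hosts used here."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def is_trusted(host: str) -> bool:
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def decode_candidates(value: str):
    """Yield the value as-is, percent-decoded and base64-decoded: redirect
    targets are often encoded to keep them out of URL scanners."""
    yield value
    yield unquote(value)
    try:
        padded = value + "=" * (-len(value) % 4)
        yield base64.urlsafe_b64decode(padded).decode("utf-8", "ignore")
    except ValueError:
        pass  # not base64


def find_open_redirects(urls):
    """Return (url, parameter, external_target) for each trusted-domain link
    whose query parameter decodes to a URL on a different registrable domain."""
    findings = []
    for url in urls:
        parsed = urlparse(url)
        host = parsed.hostname or ""
        if not is_trusted(host):
            continue  # plain external links are a separate check
        for param, values in parse_qs(parsed.query, keep_blank_values=True).items():
            for raw in values:
                for cand in decode_candidates(raw):
                    if ABS_URL.match(cand):
                        if registrable(urlparse(cand).hostname or "") != registrable(host):
                            findings.append((url, param, cand))
                        break  # first decodable URL decides this value
    return findings


SAMPLE_LINKS = [  # constructed, as if extracted from a suspicious email
    "https://example-corp.com/news/q1-results",
    "https://example-corp.com/go?url=https%3A%2F%2Fcred-harvest.example%2Fo365",
    "https://example-corp.com/r?u=" + base64.urlsafe_b64encode(b"https://cred-harvest.example/x").decode(),
    "https://login.microsoftonline.com/?redirect_uri=https://login.microsoftonline.com/common",
]
```

Running `find_open_redirects(SAMPLE_LINKS)` flags the second and third links (the third only after base64 decoding) and leaves the same-domain Microsoft redirect alone.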
Well-guarded organizations leverage open-source, machine, and human intelligence to improve the security of their email gateways. Cyber-resilient organizations also train their users to resist social engineering attacks by spotting red flags and by exercising emotional intelligence and critical thinking.

[CONTINUED] at: https://blog.knowbe4.com/using-genuine-business-domains-and-legitimate-services-to-harvest-credentials

QR Codes Exposed: From Convenience to Cybersecurity Nightmare

What looks like an innocent QR code has become a sinister weapon in the cybercriminal's arsenal. A staggering 25% of all email phishing attacks now exploit QR codes. Why? Because unsuspecting users scan first and ask questions later, creating a perfect storm of vulnerability that's sweeping through organizations worldwide.

Join us for this eye-opening webinar where Roger A. Grimes, Data-Driven Defense Evangelist at KnowBe4, will peel back the layers of QR code attacks and arm you with the knowledge to fortify your defenses.

You'll discover:

- The mechanics behind QR codes – and why they're a hacker's dream
- Real-world examples of QR code phishing that could happen to YOU
- Battle-tested strategies to shield your organization from these pixel-powered threats
- The secret weapon in your security arsenal: how user training on cutting-edge threats can transform your entire security culture
Don't let your organization fall victim to a simple square of dots! Join us for this crucial webinar and earn CPE credit while learning to outsmart the QR quagmire.

Date/Time: Wednesday, February 12 @ 2:00 PM (ET)

Can't attend live? No worries — register now and you will receive a link to view the presentation on-demand afterwards.

Save My Spot: https://info.knowbe4.com/qr-codes-exposed?partnerref=CHN

Tips for Detecting Real-time Deepfakes: A Guide to Staying One Step Ahead

By Perry Carpenter

Deepfakes are no longer just the stuff of sci-fi thrillers—they're here, and they're deceptively good. From celebrity endorsements to real-time impersonations, deepfake technology has advanced to the point where spotting one isn't as easy as it used to be. In this post, I'll share insights from my own testing and experimenting with current deepfake creation technologies. You'll get a behind-the-scenes look at how they're made and learn what to watch out for so you can stay ahead of the game.

Understanding the Threat

Deepfakes are synthetic media in which someone's face, voice, or both are convincingly replaced or manipulated. They're often used for scams, misinformation, and fraud. For instance, scammers have used deepfakes to impersonate executives in video calls or to create fake celebrity endorsements for products.

The technology behind deepfakes, like DeepFaceLab/DeepFaceLive or Deep Live Cam, has made creating these fakes more accessible than ever. Easy access to these tools enables creative and educational uses, but it also lowers the barrier for malicious purposes. Cybercriminals and scammers often have the motivation and time to research and master these tools, while Red Teamers and Security Awareness professionals are frequently stretched thin with limited time and resources. Because of that, I recently created a series of YouTube videos helping Red Teamers and Security Awareness leaders get up to speed on the technology, techniques, and detection methods.
As of today, this series consists of three videos. I think of the series as The Defender's Guide to Understanding, Creating, and Detecting Deepfakes. The series includes:

- Inside a celebrity deepfake: How I Made Taylor Swift 'Endorse' My Book
- How to create real-time deepfakes (a.k.a. I became Taylor Swift...for Science!)
- Deepfake SECRETS EXPOSED: Outsmart AI Deception with These Tricks!
The latest in this series is all about some of the oddities and tells that exist in current deepfakes… and that's what I'd like to spend a bit of time covering in this blog post.

Common Red Flags in Deepfakes

Keep in mind that the technology is constantly improving. The absence of a tell does not mean that something is not a deepfake. That being said, here are a few things to look out for that are indicative of current issues with today's most commonly used deepfake creation programs. I've illustrated many of these with screengrabs from the video.

[CONTINUED] in this blog post with example screenshots: https://blog.knowbe4.com/tips-for-detecting-real-time-deepfakes-a-guide-to-staying-one-step-ahead

Do Users Put Your Organization at Risk with Browser-Saved Passwords?

Is the popularity of password dumpers, malware that allows cybercriminals to find and "dump" passwords your users save in web browsers, putting your organization at risk?

KnowBe4's Browser Password Inspector (BPI) is a complimentary IT security tool that allows you to analyze your organization's risk associated with weak, reused and old passwords your users save in Chrome, Firefox and Edge web browsers. BPI checks the passwords found in the browser against active user accounts in your Active Directory. It also uses publicly available password databases to identify weak password threats and reports on affected accounts so you can take action immediately.

With Browser Password Inspector you can:

- Search and identify any of your users that have browser-saved passwords across multiple machines and whether the same passwords are being used
- Quickly isolate password security vulnerabilities in the browser and easily identify weak or high-risk passwords being used to access your organization
- Better manage and strengthen your organization's password hygiene policies and security awareness training efforts
Get your results in a few minutes!

Find Out Now: https://info.knowbe4.com/browser-password-inspector-chn

Let's stay safe out there.

Warm Regards,
Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: Your KnowBe4 Fresh Content Updates from January 2025: https://blog.knowbe4.com/knowbe4-content-updates-january-2025

PPS: We released a new AIDA Agent! Scroll down to the Callback Phishing Template: https://support.knowbe4.com/hc/en-us/articles/30990080170771-AIDA-Template-Generation-Guide

"Human greatness does not lie in wealth or power, but in character and goodness. People are just people, and all people have faults and shortcomings, but all of us are born with a basic goodness." - Anne Frank - Writer (1929 - 1945)

"What lies behind us and what lies before us are tiny matters compared to what lies within us." - Ralph Waldo Emerson (1803 - 1882)

Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog: https://blog.knowbe4.com/cyberheistnews-vol-15-05-eye-opener-is-deepseek-the-next-threat-in-social-engineering

Beware: Mobile Phishing Mimicking the USPS Is On the Rise

Researchers at Zimperium warn that a large phishing campaign is impersonating the US Postal Service (USPS) to target mobile devices with malicious PDF files. The goal of the campaign is to direct users to a spoofed USPS website designed to harvest personal information.

"The investigation into this campaign uncovered over 20 malicious PDF files and 630 phishing pages, indicating a large-scale operation," the researchers write. "Further analysis revealed a malicious infrastructure, starting with landing pages designed to steal data, that could potentially impact organizations across 50+ countries. This campaign employs a complex and previously unseen technique to hide clickable elements, making it difficult for most endpoint security solutions to properly analyze the hidden links."

Notably, the phishing campaign used a new obfuscation technique that allowed the malicious links to evade detection by security products.
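Zimperium's observation that the campaign's PDFs carry clickable links without the standard /URI tag suggests a defensive triage step: pull URLs out of everything in the file, including decompressed streams, and treat any URL that is not declared through a /URI action as a hidden link worth a closer look. The following is an added example, not Zimperium's tooling; the sample PDF is constructed, and its hidden link sits in a compressed JavaScript stream as one illustrative non-/URI carrier, not necessarily the mechanism Zimperium observed.

```python
"""Find URLs in a PDF that are not declared through a /URI action, the
evasion Zimperium reports in the USPS campaign above. Added example, not
Zimperium's tooling; the sample PDF and its URLs are constructed."""
import re
import zlib

# Regex-based, not a full PDF parser: good enough for triage, and deliberately
# independent of the /URI tag that signature-based scanners key on.
URL_RE = re.compile(rb"https?://[^\s()<>'\x22]+")
URI_RE = re.compile(rb"/URI\s*\(([^)]*)\)")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)


def extract_urls(pdf: bytes) -> dict:
    """Return declared (/URI) URLs and 'hidden' URLs found anywhere else,
    including inside FlateDecode-compressed streams."""
    declared = {m.group(1) for m in URI_RE.finditer(pdf)}
    blobs = [pdf]
    for m in STREAM_RE.finditer(pdf):
        try:
            blobs.append(zlib.decompress(m.group(1)))
        except zlib.error:
            pass  # uncompressed or non-Flate stream; raw bytes are scanned anyway
    seen = set()
    for blob in blobs:
        seen.update(m.group(0) for m in URL_RE.finditer(blob))
    return {"declared": declared, "hidden": seen - declared}


def build_sample_pdf() -> bytes:
    """Constructed two-object PDF fragment (not a real sample): one ordinary
    /URI link annotation plus a compressed JavaScript stream that opens a
    second URL with no /URI entry, one of several ways a link avoids that tag."""
    js = b"app.launchURL('https://hidden-tracking.example/usps-redelivery', true);"
    body = zlib.compress(js)
    return (b"%PDF-1.7\n"
            b"1 0 obj << /Type /Annot /Subtype /Link"
            b" /A << /S /URI /URI (https://www.example.com/) >> >> endobj\n"
            b"2 0 obj << /Filter /FlateDecode /Length " + str(len(body)).encode()
            + b" >>\nstream\n" + body + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    result = extract_urls(build_sample_pdf())
    print("declared:", sorted(result["declared"]))
    print("hidden:  ", sorted(result["hidden"]))
```

A /URI-only scanner sees just www.example.com here; the stream scan surfaces the second URL, which is the one to check against reputation feeds.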
"The PDFs used in this campaign embed clickable links without utilizing the standard /URI tag, making it more challenging to extract URLs during analysis," Zimperium explains. "Our researchers verified that this method enabled known malicious URLs within PDF files to bypass detection by several endpoint security solutions. In contrast, the same URLs were detected when the standard /URI tag was used. This highlights the effectiveness of this technique in obscuring malicious URLs."

The researchers note that PDFs are commonly used in business settings, so employees need to be wary of attackers using these files to deliver phishing links.

"The widespread use of PDFs is introducing significant security risks to the enterprise, particularly when targeted to mobile devices," the researchers write. "PDFs have become a common vector for phishing attacks, malware, and exploits due to their ability to embed malicious links, scripts, or payloads. On mobile platforms, where users often have limited visibility into file contents before opening, these threats can easily bypass traditional security measures."

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Blog post with links: https://blog.knowbe4.com/beware-mobile-phishing-mimicking-the-usps-is-on-the-rise

Microsoft is Still the Most Commonly Impersonated Brand in Phishing Attacks

Microsoft, Apple, and Google were the most commonly impersonated brands in phishing attacks last quarter, according to researchers at Check Point.

"Microsoft retained its dominance as the most imitated brand in phishing schemes, accounting for a staggering 32% of all attempts," Check Point says. "Apple followed with 12%, while Google ranked third. Notably, LinkedIn reentered the list at fourth place, emphasizing the persistent targeting of technology and Social Network brands.
The persistence of phishing attacks leveraging major brands underscores the critical need for user education and advanced security measures. Verifying email sources, avoiding unfamiliar links, and enabling multi-factor authentication (MFA) are vital to protect against these evolving threats."

Check Point also observed a spike in phishing attacks impersonating clothing brands during the holidays, mimicking brands like Adidas, LuluLemon, Hugo Boss, Guess, and Ralph Lauren.

"The holiday season saw a surge in phishing campaigns impersonating well-known clothing brands," the researchers write. "Fraudulent domains, such as nike-blazers[.]fr and adidasyeezy[.]ro, replicated official websites to mislead shoppers with fake discounts, ultimately stealing login credentials and personal information. These fraudulent sites replicate the brand's logo and offer unrealistically low prices to lure victims. Their goal is to trick users into sharing sensitive information, such as login credentials and personal details, enabling hackers to steal their data."

Check Point says users can avoid falling for these attacks by following security best practices, including:

- Installing up-to-date security software.
- Recognizing red flags in unsolicited communications.
- Avoiding interactions with suspicious links or websites.
Blog post with links: https://blog.knowbe4.com/microsoft-is-still-the-most-commonly-impersonated-brand-in-phishing-attacks

What KnowBe4 Customers Say

"Hi Stu, Thanks for reaching out! We're really happy with the platform and have already noticed improvements across our workforce. People have become more vigilant, and successfully reported a few real attacks that slipped through our email security. I truly believe KnowBe4 has helped us become a better version of ourselves." - M.I., Information Security Program Manager

The 10 Interesting News Items This Week

This Week's Links We Like, Tips, Hints and Fun Stuff

Copyright © 2014-2023 KnowBe4, Inc. All rights reserved.

Don't like to click? Email opt-out requests should be sent to opt-out@knowbe4.com