[World Premiere] KnowBe4 Debuts New Season 6 of Netflix-Style Security Awareness Video Series - "The Inside Man". Nation-State Threat Actors Rely on Social Engineering First. | | CyberheistNews Vol 14 #47 | November 19th, 2024 | | Step-by-Step To Creating Your First Realistic Deepfake Video in a Few Minutes By Roger Grimes Learn how to create your first realistic deepfake video step-by-step in just a few minutes. There comes a point in time when every IT security person needs or wants to create their first deepfake video. They not only want to create their first deepfake video but make it fairly believable, and if they are lucky, scare themselves, their friends, co-workers and bosses. I get it. It is fun. If you follow these instructions, it will take you longer to create the free accounts you need (a minute or two) than it does to create your first realistic-looking deepfake video. There are literally hundreds of deepfake audio-, image- and video-making sites and services, and more appear each day. Each of the existing ones gets easier and more feature-rich every day. You can use any of these sites to create your first deepfake video. [CONTINUED] at the KnowBe4 Blog, with links, screenshots and detailed instructions: https://blog.knowbe4.com/step-by-step-to-creating-realistic-deepfake-video-in-minutes | | Rip, Flip, and Revolutionize Your Phishing Defenses with PhishER Plus Human error contributes to 68% of data breaches, according to Verizon's 2024 Data Breach Investigations Report. It's time to turn that statistic on its head and transform your users from vulnerabilities to cybersecurity assets. Meet KnowBe4's PhishER Plus: The only SOAR email security offering that combines AI-driven protection with crowdsourced intelligence for unmatched email security and incident management. In this demo, PhishER Plus can help you: - Slash incident response times by 90%+ by automating message prioritization
- Customize workflows and machine learning to your protocols
- Use crowdsourced intelligence from more than 13 million users to block known threats
- Conducts real-world phishing simulations that keep security top-of-mind for users
Join us for a live 30-minute demo of PhishER Plus, the #1 Leader in the G2 Grid Report for SOAR Software, to see it in action. Date/Time: TOMORROW, Wednesday, November 20, @ 2:00 PM (ET) Save My Spot: https://info.knowbe4.com/phisher-demo-2?partnerref=CHN2 | | [World Premiere] KnowBe4 Debuts New Season 6 of Netflix-Style Security Awareness Video Series - "The Inside Man" We're thrilled to announce the long-awaited sixth season of the award-winning KnowBe4 Original Series — "The Inside Man" is now available in the KnowBe4 ModStore! This network-quality video training series educates and entertains with episodes that tie security awareness principles to key cybersecurity best practices. From social engineering, CEO fraud and physical security, to social media threats, phishing and password theft, "The Inside Man" Season 6 teaches your users real-world scenarios that empowers users to make smarter security decisions that are engaging and fun. We developed "The Inside Man" to tie authentic hacking and social engineering scenarios with edge of the seat, emotionally engaging drama. The goal: inspire your users to take responsibility for protecting your organization from social engineering attacks through security awareness principles that are seamlessly embedded within a compelling storyline. From social engineering, CEO fraud and physical security, to social media threats, phishing and password theft, "The Inside Man" reveals how easy it can be for bad actors to trick users like yours and wreak havoc in your organization. Season 6 is available in the KnowBe4 ModStore for all customers with a Diamond level subscription. Blog post with links, episode descriptions, and the OFFICIAL TRAILER! https://blog.knowbe4.com/world-premiere-knowbe4-debuts-new-season-6-inside-man | | Nation-State Threat Actors Rely on Social Engineering First A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique. In the second and third quarters of 2024, state-sponsored APTs from China, Russia, Iran and North Korea used social engineering attacks to compromise their targets. Iranian threat actors continued conducting cyber espionage against countries across the Middle East, Europe and the U.S. They also expanded their targeting to hit financial companies in Africa. "We observed indications that Iran-aligned groups might be leveraging their cyber capabilities to support diplomatic espionage and, potentially, kinetic operations," ESET says. "These groups compromised several financial services firms in Africa – a continent geopolitically important to Iran; conducted cyber espionage against Iraq and Azerbaijan, neighboring countries with which Iran has complex relationships; and increased their interest in the transportation sector in Israel. "Despite this seemingly narrow geographical targeting, Iran-aligned groups maintained a global focus, also pursuing diplomatic envoys in France and educational organizations in the United States." The Russian threat actor Sednit (also known as "APT28" or "Fancy Bear") launched phishing attacks designed to compromise Roundcube servers in a variety of sectors. "We discovered new Sednit spear phishing waves, which are part of the already known Operation RoundPress campaign directed against Roundcube webmail servers," the researchers write. "In the past several months, we observed such spear phishing waves against governmental, academic, and defense-related entities in Cameroon, Cyprus, Ecuador, Indonesia, Romania, and Ukraine. Sednit used a wide range of lures, from legitimate news articles to a commercial brochure for thermal optics." The researchers note that North Korean threat actors often establish trust with their victims using phony employment offers before tricking them into installing malware. "Another distinctive feature of many attacks that we attribute to North Korea-aligned groups is the gradual building up of the relationship with the victim," ESET says. "Both Lazarus and Kimsuky used fake job offers to approach the targeted individuals. Only after the victim responds and a relationship is established, is a malicious package sent to the victim." KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk. Blog post with links: https://blog.knowbe4.com/nation-state-threat-actors-rely-on-social-engineering | | How Vulnerable is Your Network Against Ransomware and Cryptomining Attacks? Bad actors are constantly coming out with new versions of ransomware strains to evade detection. Is your network effective in blocking ransomware when employees fall for social engineering attacks? KnowBe4's Ransomware Simulator "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario to show you if a workstation is vulnerable. Here's how RanSim works: - 100% harmless simulation of real ransomware and cryptomining infections
- Does not use any of your own files
- Tests 25 types of infection scenarios
- Just download the installer and run it
- Results in a few minutes!
This is complimentary and will take you five minutes max. RanSim may give you some insights about your endpoint security you never expected! Get RanSim Now! https://info.knowbe4.com/ransomware-simulator-tool-1chn Let's stay safe out there. Warm regards,
Stu Sjouwerman, SACP Founder and CEO KnowBe4, Inc. PS: [FREE RESOURCE KIT] Stay Cyber Safe this Holiday Season with Our Free 2024 Resource Kit!: https://blog.knowbe4.com/free-resource-kit-stay-cyber-safe-this-holiday-season-with-our-free-2024-resource-kit | | "The most important thing is to try and inspire people so that they can be great in whatever they want to do." - Kobe Bryant - Basketball Player (born 1978) | "I think the greatest thing we give each other is encouragement...knowing that I'm talking to someone who wants me to grow and fulfill my potential." - Fred Rogers, Television Personality (1928–2003) | Thanks for reading CyberheistNews You can read CyberheistNews online at our Blog https://blog.knowbe4.com/cyberheistnews-vol-14-47-step-by-step-to-creating-your-first-realistic-deepfake-video-in-a-few-minutes | | Criminal Threat Actor Uses Stolen Invoices to Distribute Malware Researchers at IBM X-Force are tracking a phishing campaign by the criminal threat actor "Hive0145" that's using stolen invoice notifications to trick users into installing malware. Hive0145 acts as an initial access broker, selling access to compromised organizations to other threat actors who then carry out additional cyberattacks. "Over the past year, Hive0145 has demonstrated proficiency in evolving tactics, techniques, and procedures (TTPs) to target victims across Europe," the researchers explain. "Italian, Spanish, German, and Ukrainian victims continue to receive weaponized attachments that entice the victim to open the file. "The actor's campaigns present the victim with fake invoices or receipts and often a short, generic message of urgency for victims to address. Upon loading the attached file, the victim unwittingly executes the infection chain leading to Strela Stealer malware." Notably, the threat actor has begun using real, stolen invoice notifications to add legitimacy to its phishing operations. "In July 2024, X-Force observed a mid-campaign change in the emails being distributed by Hive0145, with the short and generic messages being replaced with what appeared to be legitimate stolen emails," the researchers write. "The phishing emails exactly matched official invoice communication emails and, in some cases, still directly addressed the original recipients by name. "X-Force was able to verify that the emails were in fact authentic invoice notifications from a variety of entities across financial, technology, manufacturing, media, e-commerce and other industries. It is likely that the group sourced the emails through previously exfiltrated credentials from their prior campaigns." Strela Stealer is a strain of malware designed to exfiltrate email credentials. X-Force notes that these credentials can be used to launch business email compromise (BEC) attacks within the targeted organizations. "Hive0145's use of stolen emails for attachment hijacking is an indicator that a portion of stolen email credentials may be used to harvest legitimate emails for further distribution," the researchers write. "Both stolen and actor-created emails used by Hive0145 predominantly feature invoices as themes, which points towards potential financial motivation. It is possible that Hive0145 may sell stolen emails to affiliate partners for the purposes of further business email compromise." Blog post with links: https://blog.knowbe4.com/criminal-threat-actor-uses-stolen-invoices-to-distribute-malware | | Ransomware Surges in the Construction Sector Ransomware attacks against construction companies increased by 41% over the past year, according to a new report from ReliaQuest. "This is likely driven by the vast amounts of sensitive data that organizations hold and their critical need to maintain operational continuity," the researchers write. "These factors, exacerbated by inherent weaknesses such as inadequate government regulations and underinvestment in cybersecurity, make the sector particularly vulnerable to ransomware attacks." Meanwhile, spear phishing remained the most common initial access technique. Phishing and other social engineering tactics often precede ransomware attacks and business email compromise (BEC) scams. "The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024," the researchers write. "The sector's reliance on third parties and contractors, combined with high-pressure project timelines, makes it particularly vulnerable to phishing attacks, including spearphishing. "Phishing is favored by threat actors for its simplicity and effectiveness. And for construction organizations, the operational and financial consequences of a phishing attack can be severe." ReliaQuest believes the construction sector will see an increase in phishing, cloud attacks, and infostealer malware over the next year: - "Phishing: We anticipate phishing attacks on the construction industry to continue rising, largely due to the sector's heavy reliance on third parties and contractors. These external partners often lack essential security training and acceptable use policies, increasing their—and consequently the construction companies'—vulnerability to phishing attacks.
- Cloud Exploitation: We expect this to grow in the next year as increased cloud usage opens opportunities for attacks. Cloud adoption is on the rise in the sector, but defending the cloud can be challenging due to limited tools and expertise. Attackers exploit this vulnerability to evade detection and maintain network access.
- Infostealers: We also expect a rise in infostealer attacks over the coming year. This type of malware is designed to compromise user credentials, which are then sold on dark-web forums. Armed with these credentials, attackers can gain access to sensitive construction data, such as engineering blueprints, or deploy additional malware within systems to escalate their attacks."
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk. ReliaQuest has the story: https://www.reliaquest.com/blog/report-shows-ransomware-has-grown-41-for-construction-industry/ | | What KnowBe4 Customers Say "Hi Stu, Thank you for your email. We are very pleased with KnowBe4's products. Both our management team and staff members have provided positive feedback. We are considering scheduling another security awareness training session early next year." - Y.H., Senior IT Infrastructure and Network Officer | | "Hey Stu, appreciate you checking in! I'm pleased to say we've been getting on well with KnowBe4 and the training it's providing for our users. We're now into our second year and over the course of running KnowBe4, so far we've run a training campaign and 5 phishing campaigns to test users. We've already got our 6th phishing campaign planned and will be running that next month. Many thanks! Wishing you a great weekend!" - L.N., IT Manager | | The 10 Interesting News Items This Week | | This Week's Links We Like, Tips, Hints and Fun Stuff | | Copyright © 2014-2024 KnowBe4, Inc. All rights reserved. Privacy | Legal | Terms Unsubscribe Don't like to click? Email opt-out requests should be sent to opt-out@knowbe4.com | | | | |