| First Ever Magic Quadrant™ for Email Security Platforms by Gartner®. Japan Attributes More Than 200 Cyberattacks to China. | |
| CyberheistNews Vol 15 #03 | January 21st, 2025 | |
Waging War on Explicit Deepfakes. The Real Problem Behind the UK Crackdown. By Javvad Malik The UK government decided to wage war on explicit deepfakes. About time, right? But before we start celebrating, let's take a closer look. The fact is that this isn't about technology, it's about human behavior. The government is not trying to outright ban deepfakes, which would be impossible, to be honest. They're targeting the misuse of this tech for nefarious purposes. But here's the million-dollar question: Does it really matter if an explicit image is a deepfake or hand-crafted by someone with too much time and photoshop skills? The end result is the same — someone's privacy and dignity being violated faster than you can say "artificial intelligence." The real issue here is that it doesn't matter whether you're using cutting-edge artificial intelligence (AI) or a crayon to create non-consensual explicit content, you're still in the wrong. Laws against deepfakes are a great start, but it's not enough, we also need a cultural shift. We need to foster an environment where respect for others' privacy and consent is as ingrained as the British love for queuing or complaining about the weather. Don't get me wrong, I'm all for the government taking action. But, this feels like treating a symptom, not the disease. The disease is a lack of digital ethics and empathy…and unfortunately, there's no patch or quick fix for that. So, how do we effectively address this? Education, for starters. We need to teach digital ethics from an early age. Make it as fundamental as learning to tie your shoelaces or not eating yellow snow. We need to create a culture where the thought of creating or sharing non-consensual explicit content — deepfake or otherwise — is as abhorrent as... well, eating yellow snow. While I applaud the UK government for taking steps to address explicit deepfakes, let's not lose sight of the bigger picture. It's not about the technology; it's about the humans behind it. We need to focus on changing behaviors, fostering respect, and creating a digital world where consent and privacy are sacred. Blog post with links:
https://blog.knowbe4.com/deepfakes-shallow-morals-the-real-issue-behind-the-uks-crackdown | | | Rip, Flip and Revolutionize Your Phishing Defenses with PhishER Plus Human error contributes to 68% of data breaches, according to Verizon's 2024 Data Breach Investigations Report. It's time to turn that statistic on its head and transform your users from vulnerabilities to cybersecurity assets. In this demo, PhishER Plus can help you: - Slash incident response times by 90%+ by automating message prioritization
- Customize workflows and machine learning to your protocols
- Use crowdsourced intelligence from more than 13 million users to block known threats
- Conducts real-world phishing simulations that keep security top-of-mind for users
Join us for a live 30-minute demo of PhishER Plus, the #1 Leader in the G2 Grid Report for SOAR Software, to see it in action. Date/Time: TOMORROW, Wednesday, January 22, @ 2:00 PM (ET) Save My Spot:
https://info.knowbe4.com/phisher-demo-1?partnerref=CHN2 | | | First Ever Magic Quadrant™ for Email Security Platforms by Gartner® Gartner has released its inaugural Magic Quadrant for Email Security Platforms, evaluating vendors based on their ability to execute and completeness of vision. This comprehensive analysis provides organizations with insights into the strengths and weaknesses of various email security platforms, helping you to make informed decisions. The report emphasizes the importance of robust email security in protecting against phishing, malware and other cyber threats. For detailed information and to understand the positioning of different vendors, you can access the full report here. It includes the new KnowBe4 Defend in the Leaders quadrant! Blog post with link to report:
https://blog.knowbe4.com/first-ever-magic-quadrant-for-email-security-platforms-by-gartner | | | [NEW Live Demo] Stop Advanced Phishing Attacks with KnowBe4 Defend Phishing attacks slipping through SEG detection have surged by 52% in the last year, with an increasing number bypassing Microsoft native security and legacy secure email gateways. This not only forces you and your IT team to spend hours configuring rules and monitoring quarantines but also leaves your organization vulnerable. Join us for a live demo to see how to stop more advanced phishing attacks in your Microsoft 365 environment. Get a look at how Defend helps you: - Reduce data breach risks by detecting threats missed by M365 and SEGs
- Transform security awareness with color-coded banners, turning risks into teachable moments
- Empower employees to become cybersecurity advocates
- Free up admin resources through automated email security tasks
- Boost productivity by intelligently filtering graymail and spam
Find out how to enhance email security through the detection of advanced phishing attacks and the reduction of human error. Date/Time: Wednesday, January 22nd @ 1:00 PM (ET) Save My Spot:
https://info.knowbe4.com/defend-live-demo?partnerref=CHN | | | Japan Attributes More Than 200 Cyberattacks to China Japan's National Police Agency (NPA) has attributed more than 200 cyber incidents over the past five years to the China-aligned threat actor "MirrorFace," Infosecurity Magazine reports. The attacks, which began with spear phishing emails, targeted "Japanese think tanks, government (including retired employees), politicians, and individuals and organizations related to the media." Later campaigns also focused on organizations in the semiconductor, aerospace and academia sectors. The NPA describes malware attacks that occurred from December 2019 through 2024. The spear phishing emails contained either a malicious attachment or a link to download the malware. Many of the phishing emails used geopolitical themes that would be of interest to the targeted individuals, such as "Japan-US alliance" or "Taiwan Strait." Once the malware was installed, it used advanced techniques to remain hidden for long periods of time. The NPA reminds users to be wary of documents that ask you to enable macros, since this is a popular method for malware installation. Phishing is used as an initial access vector by threat actors of all levels of sophistication because it's so effective. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk. Blog post with links:
https://blog.knowbe4.com/japan-attributes-more-than-200-cyberattacks-to-china | | | Got (Bad) Email? IT Pros Are Loving This Tool: Mailserver Security Assessment With email still a top attack vector, do you know if hackers can get through your mail filters? Email filters have an average 21% failure rate where enterprise email security systems missed spam, phishing and malware attachments. KnowBe4's Mailserver Security Assessment (MSA) is a complimentary tool that tests your mailserver configuration by sending 40 different types of email message tests that check the effectiveness of your mail filtering rules. Here's how it works: - 100% non-malicious packages sent
- Select from 40 automated email message types to test against
- Saves you time! No more manual testing of individual email messages with MSA's automated send, test and result status
- Validate that your current filtering rules work as expected
- Results in an hour or less!
Find out now if your mailserver is configured correctly, many are not!
https://info.knowbe4.com/mailserver-security-assessment-CHN | | | Brad Pitt Romance Scams Pushed By AI-Enabled Deepfakes By Roger Grimes I have helped people detect romance scams for decades. It is still very common for romance scammers to leverage both pictures of celebrities and pictures of innocent, everyday people as part of these scams. I have always been amazed by people's ability to think that some famous celebrity is not only in love with them but somehow needs the victim's money to escape their current entanglements to begin life anew with the victim. In particular, I remember one woman who told me the famous Greek composer and musician Yanni was in love with her. Yanni told her that he just needed her money so that he could divorce his wife Linda Evans and marry her. When I told her that Yanni never married Linda Evans, which was something she could easily confirm, she broke off communications with me and continued to send "Yanni" money until she had no more money to send. [CONTINUED]
https://blog.knowbe4.com/brad-pitt-romance-scams-pushed-by-ai-enabled-deepfakes
Let's stay safe out there. Warm regards,
Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc. PS: Your KnowBe4 Compliance Plus Fresh Content Updates from December 2024:
https://blog.knowbe4.com/knowbe4-cmp-content-updates-december-2024 PPS: Your KnowBe4 Awareness Training Fresh Content Updates from December 2024:
https://blog.knowbe4.com/knowbe4-content-updates-december-2024 | | "Silence is one of the great arts of conversation."
- Marcus Tullius Cicero - Orator and Statesman (106 - 43 BC) |
"Hear the other side."
- Saint Augustine (354 - 430 AD) |
| Thanks for reading CyberheistNews You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-14-03-waging-war-on-explicit-deepfakes-the-real-problem-behind-the-uk-crackdown | | | Threat Actors Deploy New Tactics Supported by AI Tools Ransomware gangs and nation-state APTs are using new tactics to improve the efficiency of their attacks, according to a new report from BlackBerry. The report, which includes insights from the Royal Canadian Mounted Police's National Cybercrime Coordination Centre (NC3), found that ransomware actors are now looking for sensitive information within stolen data to increase pressure on victims. "More recently, ransomware operations have added a third element of extortion, as opposed to only exfiltrating data and threatening to post it online, some ransomware operations are taking the time to analyze stolen data and weaponize it to increase pressure on victims who refuse to pay. "This strategy may involve sharing the contact details or doxing the family members of targeted CEOs and business owners, as well as threatening to report any information about illegal business activities uncovered in the stolen data to the authorities. "The ransomware operators may threaten to contact customers or clients, or worse, launch additional attacks if ransom demands are not met." The report also notes an increase in the use of video and audio deepfakes in social engineering attacks, particularly targeting the financial industry. "The implications for business are profound," BlackBerry says. "When stakeholders can no longer trust the authenticity of executive communications, every aspect of operations is affected — from market-moving announcements to internal strategic directives. "The banking and financial services sector has emerged as the primary target, facing unprecedented challenges in maintaining secure communications and transaction verification processes." BlackBerry outlines the following best practices to help employees avoid falling for social engineering attacks: - "Verify sender email domains carefully.
- Be suspicious of unsolicited connection requests, particularly from high-ranking executives.
- Never click on buttons or links in suspicious emails — they should instead visit the referenced site by typing the URL directly into their browser.
- Pay attention to security warnings from their email system.
- Be wary of flattery or urgency in unexpected professional networking requests."
KnowBe4 empowers your workforce to make smarter security decisions every day. BlackBerry has the story:
https://www.blackberry.com/us/en/solutions/threat-intelligence/threat-report | | | Ransomware Gangs Claimed More Than Five Thousand Attacks in 2024 Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of these attacks being publicly confirmed by victim organizations, according to Comparitech's latest Ransomware Roundup report. The average ransom demand was more than $3.5 million, and the average ransom paid was $9.5 million. Many of these attacks involved data theft extortion, leading to the breach of nearly 200 million records. "Across the 1,204 confirmed attacks, 195.4 million records were breached (and counting)," Comparitech says. "These figures for 2024 are lower than those recorded in 2023 (1,474 attacks affecting 261.5 million records), but with many reports coming through months (and, in some cases, years) after the attack, we do expect 2024 figures to rise in the coming months." The major ransomware attacks last year were tied to several known threat actors, some of which operate under an affiliate model. These hacking groups function as organized criminal gangs to maximize ransom payouts. "[T]he most prolific ransomware gangs in 2024 (based on confirmed attacks) were RansomHub (89 confirmed attacks), LockBit (83), Medusa (62), and Play (57)," the researchers write. "However, the gang responsible for the most breached records is ALPHV/BlackCat (119.6M in total), and Dark Angels received the biggest payout ($75M)." Ransomware is an extremely profitable criminal industry, and Comparitech expects to see these attacks continue through the foreseeable future. "Based on 2024, it's highly likely we'll continue to see large-scale attacks that either cause widespread disruption to companies and/or see troves of data being stolen," the researchers write. "What's more, Clop's recent Cleo exploit looks set to see a number of companies issuing breaches in the coming months (the gang threatened to release around 66 companies toward the end of 2024)." Most ransomware attacks involve phishing or some other form of social engineering as an initial access vector. KnowBe4 empowers your workforce to make smarter security decisions every day. Comparitech has the story:
https://www.comparitech.com/news/ransomware-roundup-2024-end-of-year-report/ | | | What KnowBe4 Customers Say "Hi Stu, KnowBe4 is working VERY well for us! We are calling out a LOT of "clickers" and the training campaigns are very easy to set up and use. BIG shout-out to our account rep, Hayden B., for helping us every step of the way. Thanks for the check-in!" - N.J., IT Manager, Business Systems | | | The 10 Interesting News Items This Week | | | This Week's Links We Like, Tips, Hints and Fun Stuff | | | Copyright © 2014-2025 KnowBe4, Inc. All rights reserved. Privacy | Legal | Terms Unsubscribe Don't like to click? Email opt-out requests should be sent to opt-out@knowbe4.com | | | | |
Sidoarjo Perum Gedangan Indah asri Ketajen Gedangan Harga 300.000.000 mau ?? atau yang ini ajah?? https://rumahdijual.com/kota-lain/...
ARGENT PARC SIDOARJO New Flourishing Sidoarjo ARGENT PARC SIDOARJO Developed by PT Avila Prima Intra Makmur ARGENT PARC S...
Rumah BUMI SUKO INDAH | Click for more Transaksi Jual Rumah BUMI SUKO INDAH cari rumah dekat masjid ? Klik>> https:...
Apakah Anda ingin tahu lebih lanjut tentang Pi Network, Stellar, atau teknologi blockchain secara umum? Ya, ada hubungan yang cukup erat a...
