As detailed in a new Area 1 Security report, threats ranging from ransomware, credential harvesters to difficult-to-discover but costly business email compromise targeted inboxes, could have resulted in over $354 million in direct losses had they been successful.
Traditional cybersecurity training can be individual or LMS-based and generally hinges on a 30- to 60-minute session of basic training once a year. There will be some visual reminders taking the form of emails or posters during the year. But regardless of the minor variations, traditional training doesn’t work.
Avanan announced the release of the company's 1H 2021 Global Phish Cyber Attack Report, which analyzes today’s threat landscape, phishing vectors, and industry-based attacks, exposing healthcare and manufacturing as two of the top industries being targeted by hackers in the first half of the year.
Most IT leaders believe that ransomware attacks will be a greater concern in a hybrid workplace, with legal firms and healthcare organizations particularly concerned about this threat, according to a new Tessian report.
The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima— continues to target the South Korean government, according to the Malwarebytes Threat Intelligence team, who is actively monitoring this actor and has been able to spot phishing websites, malicious documents, and scripts that have been used to target high profile people within the government of South Korea. The structure and TTPs used in these recent activities align with what has been reported in KISA’s report.
Microsoft has warned that Nobelium is currently conducting a phishing campaign after the Russian-backed group managed to take control of the account used by USAID on the email marketing platform Constant Contact. The phishing campaign has targeted around 3,000 accounts linked to government agencies, think tanks, consultants, and non-governmental organizations.
The FBI says that complaints concerning online scams and investment fraud have now reached a record-breaking level. The Internet Crime Complaint Center (IC3) received its six millionth complaint on May 15. It took nearly seven years for the FBI’s Internet Crime Complaint Center (IC3) to log its first million complaints. It took only 14 months to add the most recent million.
Lookout, Inc. released a report showing that mobile phishing exposure doubled among financial services and insurance organizations between 2019 and 2020. The Lookout Financial Services Threat Report illustrates that these organizations were not immune to mobile phishing despite an increased adoption of mobile device management (MDM).