KnowBe4

Warning: Organizations Need to Prep For AI-Powered Ransomware Attacks

The rise of agentic AI tools will transform the cybercrime landscape, according to a new report from Malwarebytes. Agentic AI—which is still under development—is a step above the generative AI tools that are currently available to the public, and will likely be widely released in 2025. While these tools will have many legitimate uses, they’ll also enable cybercriminals to scale their attacks.

Make-Shift Brand Impersonation: Abusing Trusted Domains with Open Redirects

A KnowBe4 Threat Lab publication. Authors: Daniel Netto, Jeewan Singh Jalal, Anand Bodke, and Martin Kraemer. Executive Summary: Attackers exploit redirects that lack safeguarding mechanisms to borrow the domain reputation of the redirect service, obfuscate the actual destination and exploit trust in known sources. Whitelisting URLs, only allowing a predefined set of URLs to be rewritten, is an effective countermeasure against the vulnerability on the server side.

Organizations Observed 50% Increase in Deepfakes and Phishing Scams in 2024

Nearly half (46%) of businesses observed an increase in deepfakes and generative AI-related fraud last year, a new report from AuthenticID has found. Additionally, phishing attempts increased by 76% in 2024, and more than 90% of cyberthreats were driven by social engineering. The report also noted a rise in workplace-related fraud, including employee impersonation and account takeover.

From Firewalls to Digital Well-Being: A Whole-School Approach to Online Safety

Recently, I started working with my children's school to enhance their online safety measures and develop a digital mindfulness course in collaboration with their digital literacy lead. This experience highlighted the fact that our schools are not only expected to provide safe places of learning but also extend that safety into the digital spaces.

Warning: Phishing Campaign Targets Germany with New Malware

Researchers at Cisco Talos warn that a new phishing campaign is targeting users in Germany and Poland in an attempt to deliver several strains of malware, including a new backdoor dubbed “TorNet.” The phishing emails purport to be fake money transfer confirmations from financial institutions or phony order receipts from manufacturing and logistics companies.

The Rising Tide of Cybercrime Concerns in Africa

Our recent Africa Cybersecurity Awareness survey has revealed a startling surge in cybersecurity concerns among African users, with 58% of respondents expressing high levels of worry about cybercrime - a figure that has nearly doubled from 29% in 2023. The fear is not unfounded. As highlighted by Interpol's African Cyberthreat Report 2024, the continent has witnessed a significant uptick in cybercrime, along with its financial and social repercussions.

Beware: Mobile Phishing Mimicking the USPS Is On the Rise

Researchers at Zimperium warn that a large phishing campaign is impersonating the US Postal Service (USPS) to target mobile devices with malicious PDF files. The goal of the campaign is to direct users to a spoofed USPS website designed to harvest personal information. “The investigation into this campaign uncovered over 20 malicious PDF files and 630 phishing pages, indicating a large-scale operation,” the researchers write.

[Eye Opener] Is DeepSeek The Next Threat in Social Engineering?

AI is advancing at lightning speed, but it’s also raising some big questions, especially when it comes to security. The latest AI making headlines is DeepSeek, a Chinese startup that’s shaking up the game with its cost-efficient, high-performing models. But it’s also raising red flags for cybersecurity pros. DeepSeek overnight became a top contender, mostly driven by curiosity.

Using Genuine Business Domains and Legitimate Services to Harvest Credentials

A KnowBe4 Threat Lab publication. Authors: Jeewan Singh Jalal, Anand Bodke, and Martin Kraemer. Executive Summary: The KnowBe4 Threat Lab analyzed a sophisticated phishing campaign targeting multiple organizations to harvest Microsoft credentials. Threat actors utilized a compromised domain, its subdomains, bulk email services, and an open redirect vulnerability to evade detection and increase click success rates.

Microsoft is Still the Most Commonly Impersonated Brand in Phishing Attacks

Microsoft, Apple, and Google were the most commonly impersonated brands in phishing attacks last quarter, according to researchers at Check Point. “Microsoft retained its dominance as the most imitated brand in phishing schemes, accounting for a staggering 32% of all attempts,” Check Point says. “Apple followed with 12%, while Google ranked third. Notably, LinkedIn reentered the list at fourth place, emphasizing the persistent targeting of technology and Social Network brands.