Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this blog, we'll take a look at the well-known Sunburst attack of 2018 and how the specific charges stemming from this attack will impact Chief Information Security Officers (CISOs) moving forward. As a CISO, it’s my job to ensure that KnowBe4's information systems and data, including our customer’s data, remain protected from any and all cyber attacks. The state of any organization’s cybersecurity rests with the CISO (if they have one).

In a recent official advisory, the FBI warned about the threat of callback phishing (among other threats). Below is the relevant excerpt. If you are not familiar with callback phishing, it is usually a phishing email that arrives into a user’s email inbox, containing some sort of usual phishing message requiring the user’s urgent response. But unlike traditional email phishing, it does not contain a URL linked to a malicious site or content.

CISOs and IT leaders are tasked with the critical responsibility of safeguarding their organisations against an ever-increasing array of threats, all while striving to optimise costs and drive business growth. CISOs are grappling with the demand to achieve more with limited resources this year—a challenge that many have not encountered before.

MITRE ATT&CK Reconnaissance (TA0043) techniques section maps out how threat actors gather information about potential targets. Like other ATT&CK tactics (like initial access and lateral movement), reconnaissance provides useful threat intelligence on adversary tactics, techniques, and procedures (TTPs). It is a realistic approximation of what will happen if you become a target.

CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts - with a little help from your photos.

Sumo Logic reported a security breach on November 3, 2023, due to a compromised credential that allowed unauthorized AWS account access.

In early November, the cybersecurity community witnessed the exploitation of a zero-day vulnerability in Confluence Data Center and Server. This critical vulnerability was related to Improper Authorization and assigned CVE-2023-22518 identifier. In this blog, we delve into the details of these vulnerabilities, their implications, and the necessary mitigation steps to protect your digital assets.

Organizations focus on building resilience in their global supply chain through effective supply chain risk management strategies. The planning process involves identifying potential high-risk factors, analyzing their impact, and developing strategic measures for mitigating risk. In addition, organizations perform due diligence when creating incident response and recovery plans to ensure business continuity and avoid supply chain disruptions.

OpenAI has suffered a successful DDoS attack following the first-ever DevDay—where OpenAI announced ChatGPT-4 Turbo and the GPT Store. OpenAI’s ChatGPT launch was nearly a year ago and has since become the mainstream solution for AI tasks. The software hosts a hearty 180.5 million users, many of whom use the software for professional tasks. The DDoS attack is alarming, not because it happened, but because of who claims the event—Russian-backed Anonymous Sudan.

This week, a variety of cyberattacks and victims have appeared. The pilot union Allied Pilots Association (APA), representing American Airlines pilots, disclosed a ransomware attack early in the week. An active ransomware attack unfolded by Tuesday, targeting LEGO fanatic website BrickLink. Sand LifeStyle members also had exposed data following a breach in Singapore’s Marina Bay Sands resort network.