Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

One of KnowBe4's long-term employees just send me a picture this morning of a postcard that sure looks like it's phishing, the good old-fashioned way: snail mail! Here is the picture and you tell me what all the red flags are! The domain does not work of course. The email seems to have disappeared into the bitbucket. For many obvious reasons i have not tried the QR code since I do not have a bulletproof sandbox installed on my smartphone where I can detonate malware. :-D.

The US Cybersecurity and Infrastructure Security Agency (CISA), FBI, and others have issued a joint alert, advising organisations of the steps they should take to mitigate the threat posed by BianLian ransomware attacks. BianLian, which has been targeting different industry sectors since June 2022, is a ransomware developer, deployer and data extortion group which has predominantly targeted enterprises.

Cyber threats are a growing concern for organizations of all sizes. Data breaches, malware infections, and ransomware attacks can severely disrupt operations, including financial loss, reputational damage, and legal liabilities. As a result, it is essential to proactively monitor your environment and identify malicious activity to detect threats before they can cause significant damage.

I’d position the following scenario to you as hypothetical but the reality of it is we have all been there at one time or another. Either as the result of a rogue script, a complete accident, or even malicious behavior, many are familiar with that sinking feeling when you noticed certain Azure Active Directory (Azure AD) objects have been deleted. Whether it be Users, Groups, Enterprise Apps, or Application Registrations, businesses rely on these Azure AD objects.

There’s no denying it, public cloud is here to stay and there’s a pretty good chance that your company is running some workloads on Amazon Web Services.

Kroll’s findings for Q1 2023 highlight fragmented threat actor groups and a continued evolution in attack methods and approaches, which, alongside other key shifts in behavior, have concerning implications for organizations in many sectors. In Q1 2023, Kroll observed a 57% increase in the overall targeting of the professional services sector from the end of 2022.

Ransomware attacks target organizations or individuals using malware that takes systems or data hostage until a ransom is paid on the promise that a decryption key will then be sent to the organization. There are two main forms of ransomware, non-encrypting ransomware, and crypto ransomware. Non-encrypting, or screen-locking ransomware, locks victims out of their device entirely and is the least common form of ransomware used by cybercriminals.

CISA issues a joint advisory on Russia’s Snake malware operation, hackers use ChatGPT lures to spread malware on Facebook, and a new phishing-as-a-service tool appears in the wild.

Midsize and enterprise organizations take notice: the average and median amount of a ransom payment and the median size of the victim organization are on the rise. If you’re at all concerned about ransomware (and you should be), the latest details from ransomware response vendor Coveware’s latest Quarterly Ransomware Report should have your attention.