Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The spread of the remote workforce and the growth of digital transformation has exponentiated the number of login-based attack vectors. While multi-factor authentication (MFA) generally protects against common methods of gaining unauthorized account access, not all multi-factor authentication methods can defend against sophisticated attacks. To achieve full zero-trust access, MFA is being replaced by phishing-resistant MFA and the standards that define it.

A new report covering 13 global markets highlights phishing prevalence and its role in cyber attacks when compared to other types of attacks. It’s difficult for me not to stand on my “phishing is a problem” soapbox when there exists stories and reports demonstrating that phishing continues to dominate as a security problem that isn’t being properly addressed.

This new phishing toolkit is rising in popularity for its effective realism in impersonating not just Microsoft 365, but the victim organization as well. Security researchers at Cisco Talos have identified a new Microsoft 365 toolkit that actually creates a realistic login experience for the victim user, making it more dangerous to organizations.

On Wednesday, May 3, 2023, Google introduced eight new top-level domains (TLD) available for purchase and that could be used with websites and/or email addresses. From these eight new TLD’s, one that stands out as a potential security risk is.zip. The.zip TLD is concerning since it is also used as an extension of files commonly shared over the internet. With the inclusion of.zip as a domain, email clients and web platforms will now accept URLs disguised as filenames with.zip extensions.

The days of massive server rooms and having every employee all under one roof may seem like they are gone forever, but for a great many organizations the on-premise work environment is still here and unlikely to be pushed out of service any time soon. Let’s start off with a quick reminder on the importance of security an email system. Email remains the number one attack vector favored by threat actors because it involves humans, who can be a weak link in any security system.

Ransomware attacks target organizations or individuals using malware that takes systems or data hostage until a ransom is paid on the promise that a decryption key will then be sent to the organization. There are two main forms of ransomware, non-encrypting ransomware, and crypto ransomware. Non-encrypting, or screen-locking ransomware, locks victims out of their device entirely and is the least common form of ransomware used by cybercriminals.

The latest Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG) shows an unrelenting upward trend in the number of phishing attacks per quarter. Despite the alarm that the growth in the number of phishing attacks should generate, this report sheds some light on what seems to be working for cybercriminals if you dig a little deeper. According to the report.

Netskope Threat Labs is tracking phishing campaigns abusing InterPlanetary File System (IPFS) to deliver their payloads. From March 1 to April 30, Netskope Threat Labs has seen a 7x increase in traffic to IPFS phishing pages. The attacks have been targeting victims mainly in North America and Asia Pacific across different segments, led by the financial services, banking, and technology sectors. IPFS was first launched in 2014 and has been steadily increasing in popularity since.

The US Federal Trade Commission has issued an alert warning of phishing campaigns that are impersonating PayPal and the MetaMask cryptowallet. “If you got an email that seems to be from MetaMask or PayPal, stop,” the FTC says. “They’re phishing scams. The MetaMask fake says your cryptocurrency wallet is blocked. And, if you don’t act fast, click a link, and update your wallet, they say your crypto will be lost.

OSINT stands for open-source intelligence. It is the collection, analysis, and dissemination of information from publicly available sources, such as social media, government reports, newspapers, and other public documents. OSINT is commonly used by intelligence agencies, private investigators, and law enforcement to gather information about an individual or organization. The OSINT framework showcases the multiple ways in which organizations can gather intelligence.