Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

KnowBe4

[Eye Opener] Attackers Don't Hack, They Log In. Can You Stop Them?

The latest trend in cybercrime is that attackers don't really focus on “hacking” in; they’re logging in. We see this now in the wild, driven by organized criminal groups like Scattered Spider and BlackCat, who’ve reemerged with a renewed focus on gaining access through legitimate means, often exploiting help desks and social engineering tactics.

Attackers Abuse DocuSign to Send Phony Invoices

Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm. “Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard,” Wallarm says.

Phishing Campaign Impersonates OpenAI To Collect Financial Data

Cybercriminals are impersonating OpenAI in a widespread phishing campaign designed to trick users into handing over financial information. The emails inform users that a payment for their ChatGPT subscription was declined, inviting them to click a link in order to update their payment method. The phishing emails appear fairly convincing, but trained users could spot some red flags. The most obvious giveaway is that the emails were sent from “info@mtacom,” which is clearly unrelated to OpenAI.

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks. The threat actor begins by sending mass email spam campaigns targeting employees, then adding people who fall for the emails to Microsoft Teams chats with external users. These external users pose as IT support or help desk staff, and send employees Microsoft Teams messages containing malicious QR codes.

Attackers Abuse Eventbrite to Send Phishing Emails

Attackers are abusing Eventbrite’s scheduling platform to send phishing emails, according to researchers at Perception Point. These attacks increased by 900% between July and October 2024. “Perception Point researchers observed phishing emails delivered via ‘noreply@events.eventbritecom,’” the researchers write.

If Social Engineering Is 70% - 90% of Attacks, Why Aren't We Acting Like It?

Over a decade ago, I noticed that social engineering was the primary cause for all malicious hacking. It has been that way since the beginning of computers, but it took me about half of my 36-year career to realize it. At the time, I think everyone in cybersecurity knew social engineering was a big part of why hackers and their malware programs were so successful, but no one really knew how big.

Celebrating 5 Million Learners: The Evolution of KnowBe4's Compliance Plus

When you think of KnowBe4, you might immediately picture phishing simulations, password security modules, or other security awareness training topics. But today, we're celebrating a milestone that showcases just how far our Compliance Plus training offering has come: we've reached 5 million learners and over 10,000 customers worldwide! Compliance Plus offers training content that is typically boring, stale and drawn.

The Rise of Outsourced Cybersecurity: How CISOs are Adapting to New Challenges

Chief Information Security Officers (CISOs) are facing unprecedented challenges. The combination of increasingly sophisticated cyber threats, persistent talent shortages, and complex regulatory requirements has led many organizations to rethink their approach to cybersecurity. As a result, we're seeing a significant shift towards outsourcing key security functions to managed service providers.

Every Cybersecurity List Should Be a Risk-Ranked List

Cybersecurity is all about risk management and reduction. You cannot get rid of all risk. Well, I guess you could, but you (and everyone else) would probably not want to work in a true zero-risk environment. It would be too locked down, super slow, and incredibly inflexible. Cybersecurity is all about identifying the most likely and impactful risks and reducing them. To repeat, cybersecurity is about risk management. Identify the biggest risks and mitigate those the best you can. That is your job.