Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan. “In the past, poorly worded or grammatically incorrect emails were often telltale signs of phishing attempts,” Kaburu writes. “Cybersecurity awareness training emphasized identifying such anomalies to thwart potential threats. However, the emergence of ChatGPT has changed the game.

DomainTools is tracking an increase in SMS phishing (or “smishing”) campaigns impersonating the US Postal Service (USPS). The text messages inform recipients that there’s a problem with their delivery address and they need to click on a link to resolve the issue.

A recent attack on an undisclosed Spanish aerospace company all started with messages to the company's employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ESET researchers uncovered the attack and attributed it to the Lazarus group, particularly a campaign dubbed Operation DreamJob. This campaign by the Lazarus group was aimed at defense and aerospace companies with the goal of carrying out cyberespionage.

Our actions determine outcomes, not our thoughts, our knowledge, or our intentions. Everyone working in cybersecurity knows that and is all too familiar with statistics like “more than 70% of cyber incidents are facilitated by human action” (in some reports, even up to 95%). Seemingly, security awareness is all about educating people about the dangers that be, but it does not cut to the chase of actually training people to do the right thing.

When asked why he robbed banks, Willie Sutton, one of the first fugitives named to the U.S. FBI’s most wanted list, reportedly replied, “Because that’s where the money is.” As any infosec professional working for a financial institution can tell you, loads of cybercriminals will likely agree with that sentiment. Banks and similar organizations are no stranger to cyber threats.

Cybercriminals are not holding back on LastPass users as a new phishing campaign has recently launched with the intent to steal your data. The first portion of the campaign is a phishing email that asks you to verify your personal information by clicking on a link. The messages launch in waves with several attempts to impersonate LastPass.

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware. “NSFOCUS Security Labs validated the high-level threat attributes of AtlasCross in terms of development technology and attack strategy through an in-depth analysis of its attack metrics,” the researchers write.

The latest cyber claims report from Coalition, a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, due to surging attack frequency and severity. No industry or company size is immune as the increase was seen across all organizations, however companies with $100 million in revenue saw the largest increase in number of claims (+20%), as well as staggering losses resulting from attacks (+72%).

Securonix is tracking a phishing campaign that’s targeting the Ukrainian military with malware-laden attachments posing as drone instruction manuals. The threat actor is using Microsoft help files (.chm) to deliver the malware.