Social engineering news review

1
Security Vulnerabilities in Mobile Devices: Analysis and Recommendations
A report from Verizon has analysed the security of mobile devices. It found that 81% of organisations experienced malware, phishing or password attacks in 2023, most of them aimed at users rather than at infrastructure.

It was found that 72% of organisations experienced security breaches related to remote working and overall 74% of all breaches were due to human error. Malware was found in 40% of breaches.

Interestingly, 80% of phishing sites were either built specifically for mobile devices or worked equally well on desktops and mobiles. At the same time, the average user is exposed to six to ten times more SMS phishing (smishing) attempts than email phishing attempts.

Therefore, it is recommended that you pay close attention to security training for your employees. We encourage you to waste no time and start training your staff, as 74% of security breaches are due to human error.

2
US aerospace firm downed by spearphishing attack
In recent days, reports have emerged of an espionage campaign by an attacker tracked as AeroBlade, who targeted a US aerospace company with a spearphishing attack. The incident has caused concern among cybersecurity experts, who say that American companies have yet to learn the basics of online security.

"This is a great example of how the world still doesn't take cybersecurity seriously enough," said Roger Grimes, data-driven defense evangelist at KnowBe4. "The aerospace industry is a critical infrastructure industry, and cybersecurity should be as strong there as it is in any other organisation. Yet spearphishing, which has been around for more than three decades, continues to be a consistent success."

In a blog post, the BlackBerry Threat Research and Intelligence team explained that the spearphishing lure was a weaponised Word document delivered as an email attachment. The document itself used remote template injection: a plain .docx cannot carry macros, so the malicious VBA code was delivered in the macro-enabled template that the document fetched when opened.

Here's how the researchers said the attack was executed (see illustration below): a malicious Microsoft Word document called [redacted].docx was delivered by spearphishing email. When the user opened it, remote template injection downloaded a second-stage file called "[redacted].dotm". That template in turn executed "item3.xml", which created a reverse shell connecting to "redacted[.]redacted[.]com" over port 443.
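The chain above leaves two artifacts that can be checked before a document ever reaches a user: an attachedTemplate relationship in word/_rels/settings.xml.rels whose target resolves externally, and an embedded VBA project. The following Python triage script is an added example for this review; it is not BlackBerry's code and was not derived from the AeroBlade sample. The fixture documents it builds and the host name template.example.invalid are constructed for the demonstration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from typing import List, Optional
from urllib.parse import urlparse

# Standard OOXML namespace and relationship type (not sample-specific).
REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
ATTACHED_TEMPLATE = (
    "http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate"
)


def external_templates(docx_bytes: bytes) -> List[str]:
    """Return the Target of every externally resolved attachedTemplate relationship.

    Remote template injection points word/_rels/settings.xml.rels at a template that
    Word fetches on open. A benign .docx usually has no such relationship, or one
    that names a local .dotx/.dotm.
    """
    targets = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        rels_path = "word/_rels/settings.xml.rels"
        if rels_path not in z.namelist():
            return targets
        root = ET.fromstring(z.read(rels_path))
        for rel in root.iter(f"{{{REL_NS}}}Relationship"):
            if rel.get("Type") == ATTACHED_TEMPLATE and rel.get("TargetMode") == "External":
                targets.append(rel.get("Target", ""))
    return targets


def has_vba_project(docx_bytes: bytes) -> bool:
    """True if the package embeds a VBA project (only .docm/.dotm can carry one)."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        return any(name.lower().endswith("vbaproject.bin") for name in z.namelist())


def is_remote(target: str) -> bool:
    """http(s) URLs and UNC paths make Word contact another host on open."""
    if target.startswith("\\\\"):
        return True
    return urlparse(target).scheme.lower() in ("http", "https")


def triage(docx_bytes: bytes) -> dict:
    """Summarise the indicators a mail gateway or sandbox would check first."""
    templates = external_templates(docx_bytes)
    remote = [t for t in templates if is_remote(t)]
    return {
        "external_templates": templates,
        "remote_templates": remote,
        "has_macros": has_vba_project(docx_bytes),
        "suspicious": bool(remote),
    }


def build_sample(template_target: Optional[str] = None) -> bytes:
    """Construct a minimal .docx in memory (a test fixture, not real malware)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml",
                   '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"/>')
        z.writestr("word/document.xml",
                   '<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main"/>')
        if template_target is not None:
            z.writestr("word/settings.xml",
                       '<w:settings xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" '
                       'xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">'
                       '<w:attachedTemplate r:id="rId1"/></w:settings>')
            z.writestr("word/_rels/settings.xml.rels",
                       f'<Relationships xmlns="{REL_NS}"><Relationship Id="rId1" '
                       f'Type="{ATTACHED_TEMPLATE}" Target="{template_target}" '
                       f'TargetMode="External"/></Relationships>')
    return buf.getvalue()


if __name__ == "__main__":
    # Hypothetical host name; all three documents are constructed fixtures.
    for label, doc in [
        ("clean", build_sample()),
        ("local template", build_sample("Normal.dotm")),
        ("remote template", build_sample("https://template.example.invalid/stage2.dotm")),
    ]:
        print(label, triage(doc))
```

Only the third fixture is flagged: an external relationship to a local template name is common in legitimate documents, whereas an http(s) or UNC target is the signature of the technique. The macro check is there because the .docx stage in this chain is expected to be macro-free; the VBA arrives in the fetched .dotm, so the downloaded template is what a sandbox should detonate.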

Anurag Gurtu, CEO of StrikeReady, described the AeroBlade attack as serious because of the sensitive nature of the data held by aerospace companies, including national security information and technology patents. Gurtu added that the methods used often include well-crafted emails and social engineering tactics designed to extract sensitive information or spread malware.

"To combat these threats, it is important for organisations to not only strengthen their cybersecurity defences, but also focus on training employees to identify and respond to phishing attempts," Gurtu said. "This dual approach is critical to protecting against potential breaches that could result in significant loss of intellectual property and threats to national security".

Material used from Steve Zurier's article

3
How AI is creating more realistic fraud
"2024 will be the year of massive fraud created by artificial intelligence," warns cybersecurity expert Kevin Gosschalk of Arkose Labs.

Attackers are increasingly harnessing artificial intelligence to create more convincing forms of fraud. One of these is phishing, which involves sending fraudulent messages or emails to trick users into revealing sensitive information.

In the past, phishing messages were usually written in poor language with numerous errors, which drew attention and made the fakes easier to spot. Generative AI now produces polished, well-targeted messages with perfect grammar, so those cues are gone and the messages are harder to detect.

Voice cloning scams using artificial intelligence are also on the rise, the expert warns.

Cybercriminals are using voice deepfakes generated from recordings of real people, harvested from sources such as YouTube videos. This lets them reproduce the intonation, accent and other characteristics of the target's voice, creating the illusion of a genuine conversation partner.

High-profile incidents demonstrate the danger of such attacks: the CEO of a UK energy company was tricked by a cloned voice into transferring $243,000 to a third party, and a bank manager in the UAE was deceived by the cloned voice of a company director into authorising transfers totalling $35 million.

☠ In most cases, the human factor is the main reason such schemes succeed. A lack of awareness and the wrong reaction by an employee become the weak link in a company's security. It is therefore important to train and test your employees so that they have the knowledge and skills to recognise and resist fraud.

If you need help training your employees and improving the security of your organisation, please contact us. We are here to help.

Team Security Champion