Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trustwave SpiderLabs issued a warning that threat actors may attempt to take advantage of CrowdStrike’s software update that caused widespread outages by using the news as the center of a social engineering scheme to convince people to open malicious phishing emails or fall for other types of attacks. Using this news cycle is nothing new.

In a concerning trend observed recently, threat actors are increasingly leveraging encoded URLs to bypass secure email gateways (SEGs), posing a significant challenge to email security defenses. According to recent findings by Cofense, there has been a notable uptick in attacks where threat actors manipulate SEGs to encode or rewrite malicious URLs embedded in emails. This tactic exploits vulnerabilities in SEG technologies, allowing malicious links to slip through undetected to unsuspecting recipients.

Despite ransomware getting the lion’s share of the tech pub headlines, business email compromise (BEC) attacks are alive and well… and having a material impact. New data from Arctic Wolf’s 2024 State of Cybersecurity report shows that BEC attacks – whether attempted or successful – are far more widely felt than previously thought.

Phishing remains a top initial access vector for ransomware actors, according to researchers at Cisco Talos. The threat actors often use phishing to steal legitimate credentials so they can use employee accounts without raising suspicion.

Analysis of the latest phishing-as-a-service (PhaaS) platform ONNX Store highlights just how successful these platforms can be. Security analysts at threat intelligence vendor Eclectic IQ have been tracking ONNX Store, noting it’s a rebranded evolution of the Caffeine PhaaS platform. According to analysis, ONNX has been used to target financial institutions, “including banks, private funding firms and credit union service providers across the EMEA and AMER regions.”

Back in the early days of the internet, people looked forward to hearing that deep, robotic voice announcing “you’ve got mail!” Today, whether you like it or not, email is fundamental to personal and business communications. In 2022, people sent and received an estimated 333 billion emails daily, with the number expected to increase to 392.5 billion by 2026. Experiencing a security incident on your email server can interrupt business operations leading to lost revenue.

Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months.

Modern cybercriminals aren’t just after your average employee. They’re targeting DevOps engineers – the gatekeepers of critical infrastructure and valuable data. 90% of data breaches start with phishing. Traditional awareness training often needs more technical depth. These programs tend to focus on generic red flags (e.g., suspicious links and requests for sensitive information) that are easily recognized by most.

In a recent security disclosure, Microsoft has warned more of its clients that Russian hackers have accessed emails exchanged between them and the company. This breach, attributed to the notorious "Midnight Blizzard" hacking group, has raised significant concerns about the security of communications with Microsoft.