[Heads Up] FBI: Ransomware Gang Breached 52 US Critical Infrastructure Orgs
Email not displaying? | View Knowbe4 Blog
CyberheistNews Vol 12 #11 | Mar. 15th., 2022
[Heads Up] FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs
The U.S. Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple U.S. critical infrastructure sectors.
Bleeping computer reported this was revealed in a joint TLP:WHITE flash alert published last week in coordination with the Cybersecurity and Infrastructure Security Agency.
"As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors," the federal law enforcement agency said.
"RagnarLocker ransomware actors work as part of a ransomware family, frequently changing obfuscation techniques to avoid detection and prevention." The flash alert focuses on providing Indicators of Compromise (IOCs) organizations can use to detect and block Ragnar Locker ransomware attacks.
IOCs associated with Ragnar Locker activity include info on attack infrastructure, cryptocurrency addresses used to collect ransom demands, and email addresses used by the gang's operators. Although the FBI first became aware of Ragnar Locker in April 2020, Ragnar Locker ransomware payloads were first observed in attacks months before, during late December 2019.
Ragnar Locker operators terminate remote management software (e.g., ConnectWise, Kaseya) used by managed service providers (MSPs) to manage clients' systems remotely on compromised enterprise endpoints. This allows the threat actors to evade detection and make sure remotely logged-in admins do not interfere with or block the ransomware deployment process.
Request for info linked to Ragnar Locker attacks
The FBI asked admins and security professionals who detect Ragnar Locker activity to share any related information with their local FBI Cyber Squad. Useful info that would help identify the threat actors behind this ransomware gang includes copies of the ransom notes, ransom demands, malicious activity timelines, payload samples and more.
The FBI added that it doesn't encourage paying Ragnar Locker ransoms since victims have no guarantee that paying will prevent leaks of stolen data or future attacks. Instead, ransom payments will further motivate the ransomware gang to target even more victims and incentivizes other cybercrime operations to join in and launch their own ransomware attacks.
However, the federal agency did recognize the damage inflicted to businesses by ransomware attacks, which may force executives to pay ransoms and protect shareholders, customers or employees. The FBI also shared mitigation measures to block such attacks and strongly urged victims to report such incidents to their local FBI field office.
Blog post with link to FBI PDF:
https://blog.knowbe4.com/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs
The U.S. Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple U.S. critical infrastructure sectors.
Bleeping computer reported this was revealed in a joint TLP:WHITE flash alert published last week in coordination with the Cybersecurity and Infrastructure Security Agency.
"As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors," the federal law enforcement agency said.
"RagnarLocker ransomware actors work as part of a ransomware family, frequently changing obfuscation techniques to avoid detection and prevention." The flash alert focuses on providing Indicators of Compromise (IOCs) organizations can use to detect and block Ragnar Locker ransomware attacks.
IOCs associated with Ragnar Locker activity include info on attack infrastructure, cryptocurrency addresses used to collect ransom demands, and email addresses used by the gang's operators. Although the FBI first became aware of Ragnar Locker in April 2020, Ragnar Locker ransomware payloads were first observed in attacks months before, during late December 2019.
Ragnar Locker operators terminate remote management software (e.g., ConnectWise, Kaseya) used by managed service providers (MSPs) to manage clients' systems remotely on compromised enterprise endpoints. This allows the threat actors to evade detection and make sure remotely logged-in admins do not interfere with or block the ransomware deployment process.
Request for info linked to Ragnar Locker attacks
The FBI asked admins and security professionals who detect Ragnar Locker activity to share any related information with their local FBI Cyber Squad. Useful info that would help identify the threat actors behind this ransomware gang includes copies of the ransom notes, ransom demands, malicious activity timelines, payload samples and more.
The FBI added that it doesn't encourage paying Ragnar Locker ransoms since victims have no guarantee that paying will prevent leaks of stolen data or future attacks. Instead, ransom payments will further motivate the ransomware gang to target even more victims and incentivizes other cybercrime operations to join in and launch their own ransomware attacks.
However, the federal agency did recognize the damage inflicted to businesses by ransomware attacks, which may force executives to pay ransoms and protect shareholders, customers or employees. The FBI also shared mitigation measures to block such attacks and strongly urged victims to report such incidents to their local FBI field office.
Blog post with link to FBI PDF:
https://blog.knowbe4.com/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs
Log4j - Kevin Mitnick Explains One of the Most Serious Vulnerabilities in the Last Decade
The Log4j vulnerability caused widespread panic for IT professionals when it was uncovered. Sleepless nights followed for many. But a shortage of time and manpower has left this vulnerability wide open in many organizations. Is your organization one of them?
In this on-demand webinar, Kevin Mitnick, KnowBe4's Chief Hacking Officer and The World's Most Famous Hacker, and Colin Murphy, KnowBe4's Chief Information Officer, share their experience with the Log4j vulnerability. Hear their first-hand accounts of testing network environments with this incredibly easy hack.
In less than 30 minutes, you'll learn:
Watch Now!
https://info.knowbe4.com/kevin-mitnick-explains-the-log4j-vulnerability
The Log4j vulnerability caused widespread panic for IT professionals when it was uncovered. Sleepless nights followed for many. But a shortage of time and manpower has left this vulnerability wide open in many organizations. Is your organization one of them?
In this on-demand webinar, Kevin Mitnick, KnowBe4's Chief Hacking Officer and The World's Most Famous Hacker, and Colin Murphy, KnowBe4's Chief Information Officer, share their experience with the Log4j vulnerability. Hear their first-hand accounts of testing network environments with this incredibly easy hack.
In less than 30 minutes, you'll learn:
- Real life examples of this bug bounty bonanza
- Potential consequences of these attacks
- Remediation - blocking the perimeter is not enough
- The future for this class of exploits
Watch Now!
https://info.knowbe4.com/kevin-mitnick-explains-the-log4j-vulnerability
According to KnowBe4 Research's Q1 2022 Report: Shadow IT Is a Real Risk
Imagine needing to share a large PDF non-confidential document with a customer. It is too large to send via email, and recently you started using a cloud file sharing service to store files and make them accessible on your smartphone, tablet or other computers.
You upload the file to the filesharing service and then share the link with the customer to make things easier. After a few clicks, a link is sent to the customer and they download the PDF document.
The next day, you get a phone call from one of the information security officers from the organization asking about a file they noticed you transferred out of the company to the filesharing service.
As expected, they told you that you should not have done that, as it is against corporate policies. You ask if there is anything similar to use on behalf of the company.
At that time, there was not, but within a couple of months after that phone call, you are informed via company communications that a new filesharing service is now available to use to send large files to customers, and it was going to allow for encryption and other access controls to protect the data.
CONTINUED:
https://blog.knowbe4.com/q1-2022-knowbe4-research-report-shadow-it-impacts-security-culture
Imagine needing to share a large PDF non-confidential document with a customer. It is too large to send via email, and recently you started using a cloud file sharing service to store files and make them accessible on your smartphone, tablet or other computers.
You upload the file to the filesharing service and then share the link with the customer to make things easier. After a few clicks, a link is sent to the customer and they download the PDF document.
The next day, you get a phone call from one of the information security officers from the organization asking about a file they noticed you transferred out of the company to the filesharing service.
As expected, they told you that you should not have done that, as it is against corporate policies. You ask if there is anything similar to use on behalf of the company.
At that time, there was not, but within a couple of months after that phone call, you are informed via company communications that a new filesharing service is now available to use to send large files to customers, and it was going to allow for encryption and other access controls to protect the data.
CONTINUED:
https://blog.knowbe4.com/q1-2022-knowbe4-research-report-shadow-it-impacts-security-culture
[New PhishER Feature] Turn the Tables on the Cybercriminals with PhishFlip
Cybercriminals are always coming up with new, devious phishing techniques to trick your users. PhishFlip is a new PhishER feature that allows you to respond in real time and turn the tables on these threat actors. With PhishFlip, you can now immediately “flip” a dangerous attack into an instant real-world training opportunity for your users.
Your users are likely already reporting potentially dangerous emails in some fashion within your organization. You can now combine your existing PhishRIP email quarantine capability with the new PhishFlip feature that automatically replaces active phishing threats with a new defanged look-alike back into your users’ mailbox.
The new PhishFlip feature is included in PhishER — yes you read that right, no extra cost — so now you can turn the tables on these threat actors and flip targeted phishing attacks into a simulated phishing test for all users. This new feature dramatically reduces data breach risk and the burden on your IT and InfoSec teams.
See how you can best manage your user-reported messages.
Join us Wednesday, March 23 @ 2:00 PM (ET) for a live 30-minute demonstration of PhishER, the #1 Leader in the G2 Grid Report for SOAR Software.
With PhishER you can:
Find out how adding PhishER can be a huge time-saver for your Incident Response team!
Date/Time: Join us Wednesday, March 23 @ 2:00 PM (ET)
Save My Spot!
https://event.on24.com/wcc/r/3595274/CBED27E05FF17653264E576D16B2BBEF?partnerref=CHN
Cybercriminals are always coming up with new, devious phishing techniques to trick your users. PhishFlip is a new PhishER feature that allows you to respond in real time and turn the tables on these threat actors. With PhishFlip, you can now immediately “flip” a dangerous attack into an instant real-world training opportunity for your users.
Your users are likely already reporting potentially dangerous emails in some fashion within your organization. You can now combine your existing PhishRIP email quarantine capability with the new PhishFlip feature that automatically replaces active phishing threats with a new defanged look-alike back into your users’ mailbox.
The new PhishFlip feature is included in PhishER — yes you read that right, no extra cost — so now you can turn the tables on these threat actors and flip targeted phishing attacks into a simulated phishing test for all users. This new feature dramatically reduces data breach risk and the burden on your IT and InfoSec teams.
See how you can best manage your user-reported messages.
Join us Wednesday, March 23 @ 2:00 PM (ET) for a live 30-minute demonstration of PhishER, the #1 Leader in the G2 Grid Report for SOAR Software.
With PhishER you can:
- NEW! Automatically flip active phishing attacks into safe simulated phishing campaigns with PhishFlip. You can even replace active phishing emails with safe look-alikes in your user’s inbox
- Easily search, find, and remove email threats with PhishRIP, PhishER’s email quarantine feature for Microsoft 365 and G Suite
- Cut through your Incident Response inbox noise and respond to the most dangerous threats more quickly
- Automate message prioritization by rules you set into one of three categories: Clean, Spam or Threat
- Easy integration with KnowBe4’s email add-in button, Phish Alert, or forwarding to a mailbox works too!
Find out how adding PhishER can be a huge time-saver for your Incident Response team!
Date/Time: Join us Wednesday, March 23 @ 2:00 PM (ET)
Save My Spot!
https://event.on24.com/wcc/r/3595274/CBED27E05FF17653264E576D16B2BBEF?partnerref=CHN
Phishing Impersonation and Attack Trends in 2021
Facebook overtook Microsoft as the most impersonated brand in phishing attacks last year, according to a new report from Vade Secure.
“Barely edging Microsoft out of the top spot, Facebook is the most impersonated brand of 2021, representing 14% of phishing pages analyzed by Vade,” the researchers write. “Facebook, which sat at #2 on the Phishers’ Favorites list in 2020, has seen increased interest from phishers over the last two years."
"While Facebook has dominated social media for more than a decade, disruptive social changes, including COVID-19 and political unrest, created a perfect storm for phishers’ to capitalize on the last two years. Always ready to exploit a bad situation, phishers’ have no doubt kept tabs on Facebook and found ample opportunities to exploit its users.”
The two atop the leader board may both be IT companies, but another sector is heavily represented in the field. Unsurprisingly, more than a third of phishing attacks impersonated companies in the financial industry.
“Representing 35% of all phishing pages, financial services was the most impersonated industry of the year,” Vade says. “Crédit Agricole, Chase, Wells Fargo, and PayPal are among the top 20 most impersonated brands, while financial services overall had six brands on the list.”
The researchers also observed an increase in tech support scams that encouraged recipients to call a phone number rather than click a link in the email.
“In March 2021, Vade began tracking a phishing campaign that impersonated several antivirus providers, including Norton, McAfee, and Microsoft,” the researchers write. “Unlike traditional phishing emails, the tech support scams did not include links but phone numbers."
"Users were urged to call a phone number in the footer of the email to either renew their subscriptions or be charged a renewal fee. Once on the phone, users are lured by hackers who convince the users that their computers are infected with malware. Vade detected 1 million tech support scam emails between March and April 2021.”
New-school security awareness training can enable your employees to recognize phishing attacks like this.
Blog post with links:
https://blog.knowbe4.com/2021-phishing-impersonation-attack-trends-2021
Facebook overtook Microsoft as the most impersonated brand in phishing attacks last year, according to a new report from Vade Secure.
“Barely edging Microsoft out of the top spot, Facebook is the most impersonated brand of 2021, representing 14% of phishing pages analyzed by Vade,” the researchers write. “Facebook, which sat at #2 on the Phishers’ Favorites list in 2020, has seen increased interest from phishers over the last two years."
"While Facebook has dominated social media for more than a decade, disruptive social changes, including COVID-19 and political unrest, created a perfect storm for phishers’ to capitalize on the last two years. Always ready to exploit a bad situation, phishers’ have no doubt kept tabs on Facebook and found ample opportunities to exploit its users.”
The two atop the leader board may both be IT companies, but another sector is heavily represented in the field. Unsurprisingly, more than a third of phishing attacks impersonated companies in the financial industry.
“Representing 35% of all phishing pages, financial services was the most impersonated industry of the year,” Vade says. “Crédit Agricole, Chase, Wells Fargo, and PayPal are among the top 20 most impersonated brands, while financial services overall had six brands on the list.”
The researchers also observed an increase in tech support scams that encouraged recipients to call a phone number rather than click a link in the email.
“In March 2021, Vade began tracking a phishing campaign that impersonated several antivirus providers, including Norton, McAfee, and Microsoft,” the researchers write. “Unlike traditional phishing emails, the tech support scams did not include links but phone numbers."
"Users were urged to call a phone number in the footer of the email to either renew their subscriptions or be charged a renewal fee. Once on the phone, users are lured by hackers who convince the users that their computers are infected with malware. Vade detected 1 million tech support scam emails between March and April 2021.”
New-school security awareness training can enable your employees to recognize phishing attacks like this.
Blog post with links:
https://blog.knowbe4.com/2021-phishing-impersonation-attack-trends-2021
Re-Check Your Email Attack Surface Now. (We Are Always Adding New Breaches)
Your users are your largest attack surface. Data breaches are getting larger and more frequent. Cybercriminals are getting smarter every year. Add it all up and your organization's risk skyrockets with the amount of your users' credentials that are exposed.
It's time to re-check your email attack surface.
Find out your current email attack surface now with KnowBe4’s Email Exposure Check Pro. EEC Pro identifies your at-risk users by crawling business social media information and now also thousands of breach databases.
EEC Pro leverages one of the largest and most up-to-date breach data sources to help you find even more of your users’ compromised accounts that have been exposed in the most recent data breaches - fast.
Do this complimentary test now!
Get your EEC Pro Report in less than 5 minutes. It’s often an eye-opening discovery. You are probably not going to like the results...
Get Your Report:
https://info.knowbe4.com/email-exposure-check-pro-chn-2
Your users are your largest attack surface. Data breaches are getting larger and more frequent. Cybercriminals are getting smarter every year. Add it all up and your organization's risk skyrockets with the amount of your users' credentials that are exposed.
It's time to re-check your email attack surface.
Find out your current email attack surface now with KnowBe4’s Email Exposure Check Pro. EEC Pro identifies your at-risk users by crawling business social media information and now also thousands of breach databases.
EEC Pro leverages one of the largest and most up-to-date breach data sources to help you find even more of your users’ compromised accounts that have been exposed in the most recent data breaches - fast.
Do this complimentary test now!
Get your EEC Pro Report in less than 5 minutes. It’s often an eye-opening discovery. You are probably not going to like the results...
Get Your Report:
https://info.knowbe4.com/email-exposure-check-pro-chn-2
We Asked Kevin Mitnick for The Best Site To Become A Pentester
KnowBe4's Chief Hacking Officer Kevin Mitnick did an all-staff AMA a few days ago. Lots of interesting questions were asked, many of them focusing on what he was doing most of his time. His answer was that he still is dedicating himself to his pentesting business, to stay sharp and constantly hear about the latest exploits and try them out.
Then one of our team said they wanted to focus on becoming a pentester and asked what site Kevin recommended as the place to start. He immediately said that Offensive Security was the best place to go to and get certified in that area. I thought that was interesting enough to tell all of you!
Here they are:
https://www.offensive-security.com/
Let's stay safe out there.
Warm Regards,
Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.
PS - KnowBe4's Position On Recent Russian Aggression:
https://blog.knowbe4.com/knowbe4s-position-on-recent-russian-aggression
PPS - Check out The Cyber Defense Mag Top 7 Cybersecurity Conferences for 2022:
https://www.cyberdefensemagazine.com/the-7-top-cybersecurity-conferences-for-2022
KnowBe4's Chief Hacking Officer Kevin Mitnick did an all-staff AMA a few days ago. Lots of interesting questions were asked, many of them focusing on what he was doing most of his time. His answer was that he still is dedicating himself to his pentesting business, to stay sharp and constantly hear about the latest exploits and try them out.
Then one of our team said they wanted to focus on becoming a pentester and asked what site Kevin recommended as the place to start. He immediately said that Offensive Security was the best place to go to and get certified in that area. I thought that was interesting enough to tell all of you!
Here they are:
https://www.offensive-security.com/
Let's stay safe out there.
Warm Regards,
Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.
PS - KnowBe4's Position On Recent Russian Aggression:
https://blog.knowbe4.com/knowbe4s-position-on-recent-russian-aggression
PPS - Check out The Cyber Defense Mag Top 7 Cybersecurity Conferences for 2022:
https://www.cyberdefensemagazine.com/the-7-top-cybersecurity-conferences-for-2022
Quotes of the Week
"We are never deceived; we deceive ourselves."
- Johann Wolfgang von Goethe - Poet (1749 - 1832)
"Change your life today. Don't gamble on the future, act now, without delay."
- Simone de Beauvoir - Writer, Philosopher (1908 - 1986)
- Johann Wolfgang von Goethe - Poet (1749 - 1832)
"Change your life today. Don't gamble on the future, act now, without delay."
- Simone de Beauvoir - Writer, Philosopher (1908 - 1986)
Thanks for reading CyberheistNews
You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-12-11-heads-up-fbi-ransomware-gang-breached-52-us-critical-infrastructure-Orgs
Security News
By the Way, There's No Draft - Smishing Campaign Alert
Scammers are sending phony text messages informing people in the U.S. that they’ve been drafted by the U.S. Army, according to Army Times.
“The false message, claiming to be the ‘United States Official Army Draft,’ informs recipients that they’ve ‘been marked eligible’ after attempts to reach them via mail,” Army Times says.
The messages tell recipients that they could face prison if they don’t respond to the message. Interestingly, while the scammers are likely attempting to exploit fears surrounding the war in Ukraine, the messages say the recipients will be deployed to Iran.
“Recipients of the fake notice are threatened with jail time if they don’t call the phone number associated with the text, which references Iran rather than Ukraine,” Army Times says. “Military Times was unable to find a match for the new message among draft scam screenshots from 2020, though, suggesting that the message may have been sent recently despite the error.”
U.S. Army Recruiting Command (USAREC) said in a press release that similar text messages were sent in 2020 during a period of high tensions with Iran.
“Fraudulent messages about a purported military draft are once again circulating among members of the public,” USAREC said. “The messages, which are similar to those circulated two years ago, have been sent to various members of the public over the past week. These messages are false and were not initiated by the U.S. Army Recruiting Command.”
Blog Post:
https://blog.knowbe4.com/by-the-way-theres-no-draft-smishing-campaign
Scammers are sending phony text messages informing people in the U.S. that they’ve been drafted by the U.S. Army, according to Army Times.
“The false message, claiming to be the ‘United States Official Army Draft,’ informs recipients that they’ve ‘been marked eligible’ after attempts to reach them via mail,” Army Times says.
The messages tell recipients that they could face prison if they don’t respond to the message. Interestingly, while the scammers are likely attempting to exploit fears surrounding the war in Ukraine, the messages say the recipients will be deployed to Iran.
“Recipients of the fake notice are threatened with jail time if they don’t call the phone number associated with the text, which references Iran rather than Ukraine,” Army Times says. “Military Times was unable to find a match for the new message among draft scam screenshots from 2020, though, suggesting that the message may have been sent recently despite the error.”
U.S. Army Recruiting Command (USAREC) said in a press release that similar text messages were sent in 2020 during a period of high tensions with Iran.
“Fraudulent messages about a purported military draft are once again circulating among members of the public,” USAREC said. “The messages, which are similar to those circulated two years ago, have been sent to various members of the public over the past week. These messages are false and were not initiated by the U.S. Army Recruiting Command.”
Blog Post:
https://blog.knowbe4.com/by-the-way-theres-no-draft-smishing-campaign
Domains Associated With Phishing Directed Against Ukraine
Researchers from Secureworks’ Counter Threat Unit (CTU) are tracking phishing domains used by the “MOONSCAPE” threat actor to target users in Ukraine. The researchers note that Ukraine’s Computer Emergency Response Team (CERT-UA) has attributed this campaign to the Belarusian threat actor UNC1151, but Secureworks hasn’t yet confirmed this attribution.
Belarus is one of Russia’s closest allies and is assisting in Moscow’s war against Ukraine. “CTU researchers identified another set of domains with similar characteristics to the Apolena Zorka cluster, although this cluster used the ‘Radka Dominika’ registrant,” the researchers write.
“These domains included similar themes but used Polish words for verification (weryfikacja) and validation (walidacja) in several generic email validation themed domains. Another identified domain (ron-mil [dot] space) appears to spoof the legitimate domain of the Polish Ministry of National Defense."
The researchers explain that MOONSCAPE has been targeting both Polish and Ukrainian users, and recently shifted its focus to Ukrainian domains. New-school security awareness training can enable your employees to thwart targeted social engineering attacks.
Secureworks has the story:
https://www.secureworks.com/blog/domains-linked-to-phishing-attacks-targeting-ukraine
Researchers from Secureworks’ Counter Threat Unit (CTU) are tracking phishing domains used by the “MOONSCAPE” threat actor to target users in Ukraine. The researchers note that Ukraine’s Computer Emergency Response Team (CERT-UA) has attributed this campaign to the Belarusian threat actor UNC1151, but Secureworks hasn’t yet confirmed this attribution.
Belarus is one of Russia’s closest allies and is assisting in Moscow’s war against Ukraine. “CTU researchers identified another set of domains with similar characteristics to the Apolena Zorka cluster, although this cluster used the ‘Radka Dominika’ registrant,” the researchers write.
“These domains included similar themes but used Polish words for verification (weryfikacja) and validation (walidacja) in several generic email validation themed domains. Another identified domain (ron-mil [dot] space) appears to spoof the legitimate domain of the Polish Ministry of National Defense."
The researchers explain that MOONSCAPE has been targeting both Polish and Ukrainian users, and recently shifted its focus to Ukrainian domains. New-school security awareness training can enable your employees to thwart targeted social engineering attacks.
Secureworks has the story:
https://www.secureworks.com/blog/domains-linked-to-phishing-attacks-targeting-ukraine
What KnowBe4 Customers Say
"Stu: Thanks for checking in. Yes, we've been very happy with the platform so far. Brandie has been very helpful and great to work with."
"We actually had an incident yesterday where someone we work with at another school district had their email account compromised and some phishing emails were sent to contacts at our district. I caught the email (as I was one of the recipients), sent it to PhishER, and within a few minutes it had flagged it as a threat and removed it from the other 12 users' inboxes. "
"Google eventually picked it up as a phishing message and reclassified it, but that was 2 1/2 hours later."
- K.A., Technology Coordinator
"Stu, We are very happy with this platform. We have used other companies for training and phishing, and I must say your product is far superior and easy to use. Shout out to LexieN. She was knowledgeable, great at communication and easy to work with."
- L.M., Director of IT
"Hi Stu, I am very pleased with KnowBe4. My users have already improved in their understanding and recognition of phishing email and other suspicious activity. Even our Head of Security has noticed a change in the approach to our physical security procedures, just from requiring KnowBe4's Security Fundamentals training!"
"I must note here that CourtneyL and RebecaL are amazing. Their dedication and superior performance was the assurance I needed in the decision to adopt KnowBe4's platform as our own. You have two great human assets who will keep KnowBe4 growing for years to come. "
"(It doesn't hurt that I met Perry Carpenter when he spoke at a conference in Arkansas while I was evaluating KnowBe4). You have built an innovative product and I cannot wait to see how it will continue to improve in years to come."
"Thank you for reaching out. It is very reassuring to see you take a personal interest in your clients."
- C.R., Information Systems Director
"Stu: Thanks for checking in. Yes, we've been very happy with the platform so far. Brandie has been very helpful and great to work with."
"We actually had an incident yesterday where someone we work with at another school district had their email account compromised and some phishing emails were sent to contacts at our district. I caught the email (as I was one of the recipients), sent it to PhishER, and within a few minutes it had flagged it as a threat and removed it from the other 12 users' inboxes. "
"Google eventually picked it up as a phishing message and reclassified it, but that was 2 1/2 hours later."
- K.A., Technology Coordinator
"Stu, We are very happy with this platform. We have used other companies for training and phishing, and I must say your product is far superior and easy to use. Shout out to LexieN. She was knowledgeable, great at communication and easy to work with."
- L.M., Director of IT
"Hi Stu, I am very pleased with KnowBe4. My users have already improved in their understanding and recognition of phishing email and other suspicious activity. Even our Head of Security has noticed a change in the approach to our physical security procedures, just from requiring KnowBe4's Security Fundamentals training!"
"I must note here that CourtneyL and RebecaL are amazing. Their dedication and superior performance was the assurance I needed in the decision to adopt KnowBe4's platform as our own. You have two great human assets who will keep KnowBe4 growing for years to come. "
"(It doesn't hurt that I met Perry Carpenter when he spoke at a conference in Arkansas while I was evaluating KnowBe4). You have built an innovative product and I cannot wait to see how it will continue to improve in years to come."
"Thank you for reaching out. It is very reassuring to see you take a personal interest in your clients."
- C.R., Information Systems Director
The 10 Interesting News Items This Week
- Why training is essential to building a strong cybersecurity culture:
https://www.fastcompany.com/90723595/why-training-is-essential-to-building-a-strong-cybersecurity-culture - Recent 10x Increase in Cyberattacks on Ukraine: https://krebsonsecurity.com/2022/03/report-recent-10x-increase-in-cyberattacks-on-ukraine/
- Online daters lost a record $547 million to scams in 2021:
https://www.cnbc.com/2022/03/08/online-daters-lost-a-record-547-million-to-scams-in-2021.html - Deepfakes study finds doctored text is more manipulative than phony video:
https://thenextweb.com/news/deepfakes-study-finds-doctored-text-is-more-manipulative-than-phony-video-mit-media-lab - What Russia’s Ongoing Cyberattacks in Ukraine Suggest About the Future of Cyber Warfare:
https://hbr.org/2022/03/what-russias-ongoing-cyberattacks-in-ukraine-suggest-about-the-future-of-cyber-warfare - China’s APT41 exploited Log4j within hours: https://www.computerweekly.com/news/252514376/Chinas-APT41-exploited-Log4j-within-hours
- FBI: Ransomware gang breached 52 U.S. critical infrastructure orgs:
https://www.bleepingcomputer.com/news/security/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs/ - Hackers Targeted U.S. LNG Producers in Run-Up to Ukraine War:
https://www.bloomberg.com/news/articles/2022-03-07/hackers-targeted-u-s-lng-producers-in-run-up-to-war-in-ukraine - Researchers warn of malicious typosquatting packages making their way into open-source repositories:
https://www.computing.co.uk/news/4045953/researchers-warn-malicious-typosquatting-packages-open-source-repositories - 3 Information Security Policies To Help Create a Strong Anti-phishing Foundation:
https://www.cpomagazine.com/cyber-security/3-information-security-policies-to-help-create-a-strong-anti-phishing-foundation/
Cyberheist 'Fave' Links
This Week's Links We Like, Tips, Hints and Fun Stuff
- The Top 10 Places To Visit In Ukraine - Beautiful 4K Travel Guide. Save Ukraine!:
https://www.youtube.com/watch?v=lAyWhJ6tr9E
- And here is a very neat “Little Big World” video on Ukraine:
https://www.flixxy.com/ukraine-unreal.htm?utm_source=4
- GoPro Awards: Vertical Building Dancers. WOW:
https://www.youtube.com/watch?v=2BNRe1rb_Ts
- Best Of The Week is back with another action filled round of ordinary people doing extraordinary things!:
https://www.flixxy.com/people-are-awesome-best-of-the-week-105.htm?utm_source=4
- Olympic Champion snowboarder Pierre Vaultier sends his snowboard down another incredible snow pump track in the Alps:
https://www.flixxy.com/snowboarding-the-perfect-track.htm?utm_source=4
- Lock Picking… An Inside Perspective. You see the opened lock from the inside:
https://www.youtube.com/watch?v=T_sy3dLwHkc
- Is This Paperweight Better Than a Master Lock?:
https://www.youtube.com/watch?v=ULUz4u5FLYg
- Formula 1: Drive To Survive Season 4 Official Netflix Trailer:
https://www.youtube.com/watch?v=WoFpyFL8E7s
- Why Delhi is Building a Massive New Railway:
https://www.youtube.com/watch?v=tc355CBeeX0
- Obi-Wan Kenobi | Teaser Trailer | Disney+:
https://www.youtube.com/watch?v=TWTfhyvzTx0
- For Da Kids #1 - Woman Goes To Papa John's And Ends Up Rescuing Kittens:
https://www.youtube.com/watch?v=xqMfN2KGrfQ
- For Da Kids #2 - Picky Kitten Refuses To Give Up His Bottle:
https://www.youtube.com/watch?v=Y8HhfT7QoRQ
- For Da Kids #3 - Elephants Ran To Reunion With A Friend Who Was Away For 14 Months:
https://www.youtube.com/watch?v=LGQVn8nsvN0
- For Da Kids #4 - More Animal Crackers Music For Animals:
https://www.flixxy.com/music-for-animals.htm?utm_source=4
- For Da Kids #5 - Can Otters See optical illusions?:
https://www.youtube.com/channel/UCDYyCQAk60CqabvkL5gU3Mw