CyberheistNews Vol 14 #12 [HEADS UP] I Am Announcing AIDA: Artificial Intelligence Defense Agents!



Cyberheist News

CyberheistNews Vol 14 #12  |   March 19th, 2024

[HEADS UP] I Am Announcing AIDA: Artificial Intelligence Defense Agents!Stu Sjouwerman SACP

AI is evolving at breakneck speed. Elon Musk recently said: "I've never seen any technology advance faster than AI compute. We are on the edge of the biggest technology revolution ever. As in the Chinese curse; we are living in the most interesting of times."

Enter AIDA, KnowBe4's latest leap in fortifying security culture and managing human risk through the power of GenAI.

AIDA to the Rescue

We just announced and demonstrated KnowBe4's new Artificial Intelligence Defense Agents (AIDA) at our KB4-CON conference last week. AIDA is not just another tool; it's a game-changer in empowering you to create a strong security culture.

What's Special About AIDA?

AIDA was designed to revolutionize how organizations approach security awareness training. AIDA provides a tailored learning experience that addresses the unique needs of each user. This means not just any training, but the right kind of training (including phishing simulations) at the right time to the right audience. Early tests show promising results, pointing toward a future where defenses against AI-assisted threats are not just reactive, but proactive and robust.

Six Years of AI Experience

At KnowBe4, diving deep into AI is nothing new. For nearly six years, we've been exploring AI from both sides of the fence — understanding how it can be used in attacks and how we can harness its power for defense. Through rigorous testing, research and simulations, we've kept a step ahead, developing strategies to counter AI-enabled threats.

A Message from Me — KnowBe4's CEO

"Our journey with AI has always been about empowering our customers to safeguard their organizations better. With AIDA, we're pushing the boundaries further, using hyper-personalization to craft engaging, effective training. It's about preparing employees not just for today's threats, but for the sophisticated deepfakes of tomorrow."

Looking Ahead

AIDA symbolizes KnowBe4's unwavering commitment to innovation and providing cutting-edge security products. It's a testament to our belief in the transformative power of AI in creating a secure, aware and resilient organizational culture. As we release AIDA this year, we look forward to not just countering threats, but defining the future of cybersecurity education.

Stay ahead of the curve with KnowBe4, and let's forge a safer digital world together. For more insights into AIDA and how we're revolutionizing security awareness, drop by https://www.knowbe4.com/kb4-con for the on-demand keynotes that came online Friday, March 15th. At the end of my own keynote, we lift the veil on some super exciting AI capabilities we are working on.

Blog post with links:
https://blog.knowbe4.com/i-am-announcing-aida-artificial-intelligence-defense-agents

Register and watch the KB4-CON Keynotes here:
https://www.knowbe4.com/kb4-con

RIP Malicious Emails With KnowBe4's PhishER Plus

RIP malicious emails out of your users' mailbox with KnowBe4's PhishER Plus!

It's time to supercharge your phishing defenses using these two powerful features:

1) Automatically block malicious emails that your filters miss
2) Being able to RIP malicious emails before your users click on them

With PhishER Plus you can:

  • Use crowdsourced intelligence from more than 13 million users to block known threats before you're even aware of them
  • Automatically isolate and "rip" malicious emails from your users' inboxes that have bypassed mail filters
  • Simplify your workflow by analyzing links and attachments from a single console with the CrowdStrike Falcon Sandbox integration
  • Leverage the expertise of the KnowBe4 Threat Research Lab to analyze tens of thousands of malicious emails reported by users around the globe per day
  • Automate message prioritization by rules you set and cut through your Incident Response inbox noise to respond to the most dangerous threats quickly

Join us for a live 30-minute demo of PhishER Plus, the #1 Leader in the G2 Grid Report for SOAR Software, to see it in action.

Date/Time: TOMORROW, Wednesday, March 20, @ 2:00 PM (ET)

Save My Spot:
https://info.knowbe4.com/phisher-demo-3?partnerref=CHN2

AI-Driven Voice Cloning Tech Used in Vishing Campaigns

This is something you could share with your users. The Better Business Bureau (BBB) is generally seen as a credible source for scams.

Scammers are using AI technology to assist in voice phishing (vishing) campaigns, the BBB warns.

Generative AI tools can now be used to create convincing imitations of people's voices based on very small audio samples. "At work, you get a voicemail from your boss," the BBB says. "They instruct you to wire thousands of dollars to a vendor for a rush project. The request is out of the blue. But it's the boss's orders, so you make the transfer.

"A few hours later, you see your boss and confirm that you sent the payment. But there's one big problem; your manager has no idea what you are talking about!

"It turns out that the message was fake. At home, you may receive a phone call or voicemail from a family member in an urgent situation like an accident or a medical emergency. They provide convincing details and ask for money immediately via a digital wallet payment app like Venmo or PayPal.

"You find out later that the story wasn’t true, and your money is gone." The BBB offers the following recommendations to help users avoid falling for these types of scams:

  • "Resist the urge to act immediately. No matter how convincing a phone call or voicemail may sound, hang up or close the message if something doesn’t feel right. Call the person who claimed to have called you directly with the phone number you have saved for them. Don't call back the number provided by the caller or caller ID. Ask questions that would be hard for an impostor to answer correctly.
  • Don't send money if you're in doubt. If the caller urgently asks you to send money via a digital wallet payment app or a gift card, that may be a red flag for a scam. If you wire money to someone and later realize it's a fraud, the police must be alerted.
  • Secure your accounts: Whether at work or home, set up multi-factor authentication for email logins and other changes in email settings. At work, verify changes in information about customers, employees, or vendors.
  • At work, train your staff: Create a secure culture at your office by training employees in internet security. Make it a policy to confirm all change and payment requests before transferring. Don't rely on email or voicemail."

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Blog post with links:
https://blog.knowbe4.com/voice-cloning-tech-used-in-vishing-campaigns

Can You Be Spoofed?

Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain?

This is how "CEO fraud" spear phishing attacks are launched on your organization. Such attacks are hard to defend against, unless your users know what to look for.

Are your email servers vulnerable to spoofing? KnowBe4 can help you find out with our free Domain Spoof Test. It's quick, easy and often a shocking discovery.

Find out now if your email server is configured correctly, many are not!

  • This is a simple, non-intrusive "pass/fail" test
  • We will send a spoofed email "from you to you"
  • If it makes it through into your inbox, you know you have a problem
  • You'll know within 48 hours!

Try to Spoof Me!
https://info.knowbe4.com/domain-spoof-test-1-chn

Compromised Credentials Postings on the Dark Web Increase 20% in Just One Year

Data trends show a clear upward momentum of posts from initial access brokers on the dark web, putting the spotlight on what may become cybersecurity’s greatest challenge.

Any organization that has made cybersecurity a priority is laser focused on putting preventative measures, multiple means of detection, and a response plan in place.

And yet, new data from CrowdStrike's 2024 Global Threat Report points to one aspect of the strategy that is falling through the cracks: users are falling for credential harvesting attacks by Initial Access Brokers (IAB).

A simple act of social engineering, a credential attack only needs to get the user to believe there's a file, etc., they need to see and when attempting to do so, are asked for their credentials. There's no malware to detect, and IABs are smart enough to use techniques to trick users that their impersonated login sites are legitimate.

And according to the CrowdStrike report, the number of posts offering up compromised credentials are on the rise — a trend that can be seen throughout all of last year. [Chart On Blog]

If the chart were an Excel chart and you added a trendline, you can already tell where it would be pointing — toward more and more posts each month. And the 2,992 posts from last year were a 20% increase over the previous year — another detail that demonstrates this is quickly becoming a trend.

As we saw with ransomware actors, there will be more IAB-centric platforms, toolkits, affiliate networks and actors getting into the game. So, what does it mean for organizations? Simple — you need to better protect users from themselves so they don't go and offer up their credentials because they weren't paying attention.

And it's that lack of attention that's the issue — something mitigated through new-school security awareness training that puts the employee into the right mindset whenever they're asked unexpectedly for their credentials.

Blog post with links and chart:
https://blog.knowbe4.com/compromised-credentials-postings-on-dark-web-increase-20-in-one-year

[NEW Whitepaper]: The Future of Phishing Defense: AI Meets Crowdsourcing

Rising phishing attacks and targeted spear phishing campaigns expose infosec professionals like you to an expanding attack surface, demanding more vigilant security measures.

You need a "tip-of-the-spear," proactive approach to mitigate real-world phishing attacks and targeted spear phishing campaigns. This is possible with the power of AI combined with crowdsourced knowledge from one of your most valuable assets: your users.

This whitepaper will explore the limitations of strictly technical controls and make the case for efficient, smart use of AI teamed with hard-won human intelligence to mitigate phishing threats.

Read this whitepaper to learn:

  • The limitations of relying solely on antiquated, technology-based platforms
  • Why a proactive approach, rather than strictly defensive, is vital for phishing mitigation
  • The importance of crowdsourcing and making users part of the team
  • Actionable advice to help you make the most out of your user- and technology-based resources

Download Now:
https://info.knowbe4.com/wp-future-phishing-defense-ai-crowdsourcing-prp-chn


Let's stay safe out there.

Warm Regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: [HOLY MOLY] Next-gen AI autonomous software developer spawns and trains its own AIs. Oh, and check out those images with subliminal messaging:
https://newatlas.com/technology/devin-ai-software-engineer/

PPS: [MINDBLOWING] Figure 01 robot combined with OpenAI Speech-to-Speech Reasoning:
https://www.youtube.com/watch?v=Sq1QZB5baNw

Quotes of the Week  
"The beginning of wisdom is the definition of terms."
- Socrates - Philosopher (469 - 399 BC)

"It is the mark of an educated mind to be able to entertain a thought without accepting it."
- Aristotle - Philosopher (384 - 322 BC)

Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-14-12-heads-up-i-am-announcing-aida-artificial-intelligence-defense-agents

Security News

BEC Attacks Rose 246% in 2023

Business email compromise (BEC) attacks surged by 246% last year, according to researchers at ReliaQuest. The researchers believe the increase is due to widely available phishing kits that facilitate BEC.

ReliaQuest states, "BEC attacks will almost certainly intensify through 2024, as threat actors increasingly use generative AI and sophisticated phishing kits to evade such defenses as two-factor authentication (2FA)."

The researchers point out that BEC attacks are typically more financially damaging than other forms of social engineering. "The stealthy nature of BEC leads to it often going unnoticed until the damage is done," the researchers write. "Although useful for identifying known threats, traditional detection practices are less effective against sophisticated attackers who continuously adapt their strategies.

"For example, static detection relies on spotting anomalies, such as email rules with unexpected names or actions. But attackers are using techniques that mimic expected and legitimate activities, making them harder to detect and leading to potential security breaches."

ReliaQuest also notes that attackers are getting better at bypassing organizations' security defenses. "Not only are there more means to conduct BEC, but threat actors are also becoming increasingly aware of organizations' security measures and finding ways to evade them," the researchers write.

"In a BEC attack we analyzed this year, a threat actor posed as an employee of a ReliaQuest customer and created an email rule in the employee's Outlook account. When we flagged the action as suspicious to the client's security team, the 'employee' then claimed it was intentional. Despite the claim, we recommended the customer to communicate with the employee through a different channel, which confirmed the activity was malicious."

New-school security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day.

Blog post with links:
https://blog.knowbe4.com/bec-attacks-rose-246-in-2023

Organizations Are Vulnerable to Image-based and QR Code Phishing

A majority of organizations have a false sense of security regarding their resistance to phishing attacks, according to a new report from researchers at IRONSCALES and Osterman Research.

"The study surveyed 300 IT and security professionals across a variety of industries and geographies and unveiled a troubling paradox — while over 70% of respondents said they feel their current security stack is highly effective against image-based and QR code phishing, 76% reported being compromised by these types of attacks within the past 12 months — highlighting a stark disparity between the perceived and actual effectiveness of current defenses," the researchers write.

The report found that very few organizations managed to stop every phishing attack from reaching employees' inboxes, but trained employees were able to avoid falling for these attacks.

"Only 5.5% of organizations in this research claim that they were able to detect and block all emerging types of phishing attacks so that none were released to users' inboxes," the researchers write. "At a further 18.8% of organizations, while their email security stack did release phishing attacks to users' inboxes, no users fell for them.

"At these organizations, cybersecurity awareness training appears to have created sufficient skepticism of unexpected and abnormal email messages to stop the phish from succeeding."

The report concludes that organizations must ensure that their employees can recognize new social engineering tactics. "Organizations must continuously evolve their phishing simulation programs to mirror the latest phishing techniques observed, providing employees with practical and current examples they may see if the organization's technical measures fail," the report says.

"Some email security vendors are leveraging generative AI to craft micro targeted phishing simulation tests optimized for each individual."

Blog post with links:
https://blog.knowbe4.com/organizations-vulnerable-to-image-based-qr-code-phishing

What KnowBe4 Customers Say

"Hi Stu, I love your platform, very happy user! It is being well received in my organization, training programs are engaging and informative, and phishing campaigns are very useful for myself. Customer success rep is great, very helpful!"

- M.B., Director, Digital Transformations (Head of IT)

The 10 Interesting News Items This Week
  1. UK government's ransomware failings leave the country 'exposed and unprepared':
    https://therecord.media/uk-government-ransomware-report-response

  2. Ivanti Breach Prompts CISA to Take Systems Offline:
    https://www.darkreading.com/cyberattacks-data-breaches/ivanti-breach-cisa-systems-offline

  3. Four things we learned when U.S. spy chiefs testified to Congress:
    https://techcrunch.com/2024/03/11/four-things-we-learned-when-us-spy-chiefs-testified-to-congress/

  4. LockBit ransomware affiliate gets four years in jail, to pay $860k:
    https://www.bleepingcomputer.com/news/security/lockbit-ransomware-affiliate-gets-four-years-in-jail-to-pay-860k/

  5. U.S. Department of Health and Human Services (HHS) will investigate Change Healthcare attack:
    https://therecord.media/hhs-investigating-unitedhealth-after-ransomware-attack

  6. [HOLY MOLY] Next-gen AI software developer spawns and trains its own AIs:
    https://newatlas.com/technology/devin-ai-software-engineer/

  7. French unemployment agency data breach impacts 43 million people:
    https://www.bleepingcomputer.com/news/security/french-unemployment-agency-data-breach-impacts-43-million-people/

  8. Apple Buys Canadian AI Startup as It Races to Add Features:
    https://www.bloomberg.com/news/articles/2024-03-14/apple-aapl-buys-canadian-ai-startup-darwinai-as-part-of-race-to-add-features

  9. Midnight Blizzard exploits data stolen from Microsoft:
    https://msrc.microsoft.com/blog/2024/03/update-on-microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/

  10. Exclusive: After LockBit's takedown, its purported leader vows to hack on:
    https://therecord.media/after-lockbit-takedown-its-purported-leader-vows-to-hack-on

Cyberheist 'Fave' Links
This Week's Links We Like, Tips, Hints and Fun Stuff

Topics: Cybercrime, KnowBe4



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews