CyberheistNews Vol 15 #01 | January 7th, 2025
[No Time to Waste] The 2025 Cybersecurity Tightrope: What's Next for The World?
Here we go again: as the Trump Administration steps into office on January 20, the U.S. faces a cybersecurity landscape riddled with challenges. From state-sponsored hacks to the relentless tide of ransomware, the stakes have never been higher. And it's the same all over the world.
Let's rewind a bit. When the Biden Administration took over four years ago, the cybersecurity outlook was already grim. The infamous SolarWinds breach was fresh in everyone's minds — a massive infiltration by Russian hackers that exposed vulnerabilities in government and corporate systems alike.
Biden promised to make cybersecurity a top priority, and to his credit, his administration rolled out several solid initiatives. These included executive orders to strengthen federal networks, strategies to shift responsibility onto software vendors and international crackdowns on ransomware gangs.
But despite these efforts, cybercrime is thriving globally.
Why? For one, cybercriminals and nation-state actors are often out of reach, operating from countries where local law enforcement can't touch them. Add to that the explosive growth of IoT devices and AI, and you've got a recipe for constant vulnerability.
U.S. Deputy National Security Advisor Anne Neuberger put it bluntly: some companies still aren't getting the cybersecurity basics right. Yes, it starts with the two most effective measures — patching software and training employees — but it is also about locking down critical infrastructure before adversaries can exploit it.
Now, it's the Trump Administration's turn to tackle these challenges. Their new platform promises to strengthen defenses and impose tougher penalties on cyberattackers, with a particular focus on China. It's a bold vision, but if the last four years taught us anything, it's that good intentions aren't enough.
Here's the reality: cybersecurity is a global team sport. Businesses, governments and individuals all play a role in protecting the digital ecosystem. As the new administration takes the field, let's hope they can rally all the world's stakeholders to take a more proactive — and united — approach to keep bad actors out of our networks.
Read on in this newsletter for articles that summarize 2024's epic failures.
KnowBe4's HRM+ in Action: Measuring and Managing Human Risk
Over 74% of breaches are attributed to human error, but less than 3% of security spending is focused on the human layer. So how do you maximize your resources and budget while making a real impact on reducing human risk?
Join us live to discover how KnowBe4's HRM+, the most comprehensive human risk management platform, can empower you to turn the tables on AI-powered social engineering threats. Learn how you can transform your greatest vulnerability — your workforce — into your strongest line of defense.
We'll showcase how HRM+ empowers you to:
- Generate personalized phishing templates and quizzes based on users' risk profiles in mere minutes using AI
- Deliver adaptive training and simulated social engineering attacks tailored to individual users
- Detect and respond to cyber threats faster to reduce risk and maximize your limited resources
Stay ahead of the curve and revolutionize your approach to human risk management by fighting AI with AI.
Date/Time: TOMORROW, Wednesday, January 8, @ 2:00 PM (ET)
Save My Spot!
https://info.knowbe4.com/en-us/hrm-live-demo?partnerref=CHN2
The Biggest Breaches and AI Threats of 2024: What You Need to Know
Grab your coffee; let's take a quick look at 2024's cyber disasters. It's been a wild ride, with major data breaches and increasingly "real" AI-driven attacks reminding us why cybersecurity needs to be a top priority.
Data Breaches That Shook the Year
One of the most alarming breaches came early in the year when Change Healthcare, a critical player in the healthcare sector, suffered a devastating cyberattack. Hackers — linked to the notorious BlackCat ransomware group — made off with health insurance details, medical records and personal information belonging to up to 110 million Americans. That's right — nearly a third of the U.S. population was affected. The fallout? Sky-high privacy concerns and a stark reminder of how lucrative healthcare data is for attackers.
Then, there was the Internet Archive breach, which hit a staggering 33 million users. Hackers exploited a misconfigured GitLab file containing an authentication token, giving them access to the site's source code and its user database. The attack not only jeopardized millions of accounts but also highlighted the dangers of overlooked security basics like proper file permissions.
AI-Powered Phishing: The Next Frontier
While breaches dominated headlines, AI stepped into the spotlight, making phishing attacks scarily effective. Armed with AI tools, cybercriminals are crafting phishing emails that are eerily accurate, mimicking the tone, style and even specific details of legitimate communications.
Executives and high-level employees were prime targets, as these hyper-personalized scams aimed to bypass traditional security measures.
These AI-driven attacks underscore a sobering reality: attackers are evolving faster than many organizations' defenses. If phishing emails look just like genuine correspondence, how can anyone stay safe?
Lessons Learned
Here's the deal: The 2024 breaches and AI threats proved that the basics like strong passwords, phishing-resistant MFA and employee training are non-negotiable. But it's also a wake-up call to prioritize advanced measures like AI to fight fire with fire.
As we head into 2025, one thing is clear: Cybercriminals aren't slowing down. Staying informed, proactive, and prepared is your best defense. Ready to tighten your cyber game? Make it a 2025 New Year's resolution.
Read more details about the 2024 horror stories here:
https://thecyberexpress.com/biggest-global-data-breaches-of-2024/
https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2024/
https://arstechnica.com/security/2025/01/ai-generated-phishing-emails-are-getting-very-good-at-targeting-executives/
AI vs. AI: Transforming Cybersecurity Through Proactive Technologies
Cybercriminals are using AI to outsmart traditional defenses, making the world more dangerous for the rest of us. They're deploying AI-generated deepfake videos to impersonate executives and using AI-powered chatbots to mimic trusted colleagues in sophisticated social engineering attacks.
As an IT professional, you have the power to turn the tables. Now is the time to leverage the power of AI to protect your organization and gain a critical edge in cybersecurity.
Join us for this webinar where James McQuiggan, Security Awareness Advocate at KnowBe4, helps you understand how your organization can harness AI-powered agents for real-time threat detection, predictive analytics and automated training.
You'll learn:
- Jaw-dropping examples of hyper-personalized phishing and shape-shifting malware attacks
- New strategies to deploy AI and autonomous agents as your 24/7 cyber guardians
- How to harness predictive analytics to stay two steps ahead of evolving threats
- About the ethical minefield of AI in cybersecurity and how to navigate it safely
- Practical, actionable steps to leverage AI in your human risk management strategy
Attend this webinar to arm yourself with the knowledge and strategies you need, and earn CPE credit for attending!
Date/Time: Wednesday, January 15, @ 2:00 PM (ET)
Can't attend live? No worries — register now and you will receive a link to view the presentation on-demand afterwards.
Save My Spot!
https://info.knowbe4.com/ai-vs-ai?partnerref=CHN
Tax-Themed Phishing Campaign Delivers Malware Via MSC Files
Securonix warns that tax-themed phishing emails are attempting to deliver malware via Microsoft Management Console (MSC) files. "The attack likely starts with either a phishing email link or attachment," the researchers explain.
"While we were not able to obtain the original phishing email used in the attack, the lures and nomenclature used in the filenames and lure documents suggest that the campaign follows standard tax-themed phishing methods.
"All of the documents examined are in English and one of them is a general tax document that appears to be prepared by the government of Pakistan." This particular attack is targeting users in Pakistan, but the researchers note that the use of .msc files in phishing attacks is starting to pick up traction more broadly.
"Threat actors can exploit these .msc files because of their ability to execute embedded scripts or commands under the guise of legitimate administrative tools," the researchers explain. "In this scenario we observed the use of JavaScript, though the execution of VBScript is also supported.
"Therefore, any malicious code executed through the .msc file will execute under the context of mmc.exe. The robust flexibility of MMC files can be exploited maliciously since attackers can craft .msc files that, when opened, execute arbitrary code without explicit user consent."
Securonix recommends that users "avoid downloading files or attachments from external sources, especially if the source was unsolicited." The researchers add, "Malicious payloads from phishing emails can be delivered as direct attachments or links to external documents to download. Common file types include zip, rar, iso, and pdf."
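Because script embedded in a .msc file runs in the context of mmc.exe, defenders can triage process-creation telemetry for two signs: mmc.exe opening a console file from outside the system directories, and a script host or shell whose parent is mmc.exe. The following is an added example, not code from Securonix or KnowBe4; the event field names, the trusted-directory and child-process lists, and the sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Assumption: legitimate console files ship in the Windows system directories.
TRUSTED_MSC_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
# Assumption: interpreters that script embedded in a console file may start.
SUSPECT_CHILDREN = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
# A quoted or unquoted command-line argument ending in .msc
MSC_ARG = re.compile(r'"([^"]+\.msc)"|(\S+\.msc)\b', re.IGNORECASE)


def triage(event):
    """Return the reasons a process-creation event deserves analyst review."""
    reasons = []
    image = ntpath.basename(event["image"]).lower()
    parent = ntpath.basename(event["parent_image"]).lower()
    if image == "mmc.exe":
        match = MSC_ARG.search(event["command_line"])
        msc = (match.group(1) or match.group(2)) if match else None
        folder = ntpath.dirname(ntpath.normpath(msc)).lower() if msc else ""
        # Bare file names (no directory) are skipped: they resolve via the search path.
        if folder and folder not in TRUSTED_MSC_DIRS:
            reasons.append(f"mmc.exe opened a console file outside system directories: {msc}")
    if parent == "mmc.exe" and image in SUSPECT_CHILDREN:
        reasons.append(f"{image} was started by mmc.exe")
    return reasons


def scan(events):
    """Return (index, reasons) for every event that triggers a rule."""
    return [(i, r) for i, e in enumerate(events) if (r := triage(e))]


# Constructed sample events (not taken from the Securonix report).
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\mmc.exe", "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r'"C:\Windows\System32\mmc.exe" "C:\Windows\System32\services.msc"'},
    {"image": r"C:\Windows\System32\mmc.exe", "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r'"C:\Windows\System32\mmc.exe" "C:\Users\alice\Downloads\sample.msc"'},
    {"image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Windows\System32\mmc.exe",
     "command_line": "powershell.exe -NoProfile"},
    {"image": r"C:\Windows\System32\cmd.exe", "parent_image": r"C:\Windows\explorer.exe",
     "command_line": "cmd.exe"},
]

if __name__ == "__main__":
    for index, reasons in scan(SAMPLE_EVENTS):
        print(index, "; ".join(reasons))
```

Administrators do sometimes start tools from a management console, so hits from the second rule are leads for review rather than verdicts.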
New-school security awareness training gives your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 orgs worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Blog post with links:
https://blog.knowbe4.com/tax-themed-phishing-campaign-delivers-malware-via-msc-files
Security Awareness Training and Real-Time Security Coaching: The Perfect Combination
A whopping 74% of all data breaches can be traced to human-related causes, and it's easy to see why. In a world where networks and applications are becoming increasingly difficult to compromise, humans are the primary attack vector.
It's the main reason why real-time security coaching has emerged as a new category of cybersecurity tools focused on the human layer of cybersecurity strategy. Real-time security coaching analyzes and responds to risky employee behavior as it happens.
Alongside your security awareness training program, it's now a critical component of strengthening your organization's security culture.
Read this whitepaper to learn:
- Six ways real-time security coaching complements and reinforces your security awareness training
- Why it's the next logical step to your mature security awareness training program
- How your organization can measure and quantify risk based on human behavior and go beyond security awareness training and simulated phishing
Download Now:
https://info.knowbe4.com/sat-real-time-security-coaching-the-perfect-combination-sch-chn
Let's stay safe out there.
Warm regards,
Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.
PS: "Get Beyond Security Awareness Training" Does Not Mean Forgetting About It:
https://blog.knowbe4.com/lets-get-beyond-security-awareness-training-does-not-mean-forgetting-about-it
You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-15-01-no-time-to-waste-the-2025-cybersecurity-tightrope-what-is-next-for-the-world
Scammers Impersonate UNICEF to Steal Money Intended for Children in Gaza
A phishing campaign is impersonating UNICEF and attempting to trick people into sending money for children in Gaza, according to researchers at Bitdefender.
Users should always be wary of messages related to high-profile crises, especially if the messages attempt to play on their emotions.
"Spam emails and scams flooding email accounts always follow any humanitarian crisis," Bitdefender says. "In fact, the same goes for events that have global reverberations. Criminals always try to take advantage of notable events to persuade people to donate."
In this case, the scammers simply ask recipients to respond to the email for more information. This tactic helps the emails bypass security filters and allows the attacker to begin a conversation with the target.
"The user can also rely on skepticism as a powerful identification tool," Bitdefender says. "But that feeling that something is not right needs clues to work. One crucial clue is when an attacker straight-up provides direct contact information or banking details or asks for a specific sum of money.
"Better yet, in some emails, the scammer even tries to persuade the user to pay in cryptocurrency, which is an even redder flag. But in this email, the attacker doesn't ask for anything specific, just to respond to the message."
Notably, the emails also ask users to send back a read receipt after they've opened the message. "If the user confirms the read receipt, it tells the scammer that the email address is active and that the user is not a person who carefully reads emails," the researchers write.
"Also, if the user replies, wanting to know how to help, the scammer already knows that the chances of tricking a victim into sending money dramatically increase. In some situations, the victims will be asked to access a link, provide various credentials, or move to another, more ‘secure' platform."
Bitdefender offers the following advice to help users avoid falling for these scams:
- "Be wary of emails that claim to come from humanitarian organizations.
- If you want to help, contact the organization directly and not via links or phone numbers provided in emails or other messages.
- Don't click on links, don't offer any kind of credentials, and do not agree to move to another platform.
- Do not confirm that you've read the message. It only offers precious information to the attackers."
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Bitdefender has the story:
https://www.bitdefender.com/en-us/blog/hotforsecurity/scam-donations-unicef
What KnowBe4 Customers Say
"I'm happy to share that we're very pleased with the training and phishing service. It has proven to be a valuable tool for raising awareness and strengthening our team's security posture here. The results have been positive, and the team appreciates the practical and engaging approach of the service.
"We're excited to continue working with you and look forward to seeing how the service evolves in the future. Please don't hesitate to reach out if there's anything new or additional you think could benefit us further."
- P.T., Director Information Technology
- Top 10 Cybersecurity Trends to Watch in 2025:
https://www.databreachtoday.com/top-10-cybersecurity-trends-to-watch-in-2025-a-27191?
- AI-generated phishing emails are getting very good at targeting executives:
https://arstechnica.com/security/2025/01/ai-generated-phishing-emails-are-getting-very-good-at-targeting-executives/
- Ransomware is 35 years old and now a billion-dollar problem. Here's how it could evolve:
https://www.cnbc.com/2024/12/30/ransomware-35-years-on-history-behind-hacking-method-and-whats-next.html
- AT&T and Verizon say networks are secure after being breached by China-linked Salt Typhoon hackers:
https://techcrunch.com/2024/12/30/verizon-says-it-has-secured-its-network-after-breach-by-china-linked-salt-typhoon-group/
- HIPAA to be updated with cybersecurity regulations, White House says:
https://therecord.media/hipaa-cybersecurity-regulations-update
- Threat actors stole $2.2 billion worth of cryptocurrency last year:
https://www.chainalysis.com/blog/crypto-hacking-stolen-funds-2025/
- U.S. Treasury says Chinese hackers stole documents in 'major incident':
https://www.reuters.com/technology/cybersecurity/us-treasurys-workstations-hacked-cyberattack-by-china-afp-reports-2024-12-30/
- U.S. Soldier Arrested in Verizon, AT&T SnowFlake Hacks:
https://www.darkreading.com/cyberattacks-data-breaches/us-soldier-arrested-in-verizon-at-t-hack
- Phishing campaign targeted Chrome browser extension developers, compromising 35 extensions:
https://www.bleepingcomputer.com/news/security/new-details-reveal-how-hackers-hijacked-35-google-chrome-extensions/
- U.S. sanctions China's Integrity Technology over alleged hacking sweep:
https://www.reuters.com/technology/cybersecurity/us-issues-cybersecurity-sanctions-against-chinas-integrity-technology-2025-01-03/
- [SUPER FAVE!] Insta360 - Best Action Videos of 2024:
https://youtu.be/lg1ophkGdQM
- Virtual Vaca #1: 2024 Year of Travel in Review: Amazing Places on Our Planet:
https://youtu.be/hWitL8As7fw
- Virtual Vaca #2 Budapest, Hungary - by drone:
https://youtu.be/Y8s1rJV3ut0
- Your Future Vaca! - Top 10 Places To Visit in 2025:
https://youtu.be/eLPVDaaQybY
- Best Of The Year 2024 | People Are Awesome:
https://youtu.be/rv9359XhW30
- Need some space? Heaven Of Earth 120 Fps Dolby Vision - 4K ULTRA HD:
https://youtu.be/yLAvSUYgxiw
- Vintage Snow Days: 1920s is Brought To Amazing Life:
https://youtu.be/bGAqb94Lzzo
- W16 Mistral World record: Redefining Open-Top Speed At 453.91 Km/h:
https://youtu.be/lI-XkyYR3X0
- Ukrainian freediver sets world record!:
https://youtu.be/OsWSZXajJDQ
- Why The World's Tallest Tower Doesn't Topple:
https://youtu.be/BjJT0zFGQiE
- Tree Surfer / Wingsuit Base Jump / Slovenia / 2024:
https://youtu.be/CKonIaHqWg0
- For Da Kids #1 - Our Big Bear Family:
https://youtu.be/J184FmCiuLk
- For Da Kids #2 - Grieving Dog Finds Love Again Thanks To This Cat:
https://youtu.be/_f3EC1_84iM
- For Da Kids #3 - Mama Raccoon Is Hiding A Surprise In This House:
https://youtu.be/6jGCll9OxAI
- For Da Kids #4 - Bossy Turkey Befriends a Man And Screams For His Kisses:
https://youtu.be/PJ0dx_UpssM
- For Da Kids #5 - Couple Rescued a Baby Fox and Gave Her a Dog Brother:
https://youtu.be/fHft0Nt6_rM