blog-slider.jpg

KnowBe4

Security Awareness Training Blog


Keeping You Informed. Keeping You Aware.

Hackers Invade German Ministries of Defense and Foreign Affairs

Hackers Invade German Ministries of Defense and Foreign Affairs

Foreign hackers have invaded secure networks of various German government departments. According to German and Dutch media, the Ministries of Foreign Affairs and Defense were among the targets. The authorities say that the government departments involved have improved their network Security.

Sources within the German security services say to German media that the hackers belong to the Russian group APT28, which is also known under the name Fancy Bear. It is not known what data has been captured. The German security services would have known about the data breach since the end of last year.

Cyberheists Linked to Russian Hackers Targets Banks From Moscow to Utah

Cyberheists Linked to Russian Hackers Targets Banks From Moscow to Utah

A previously unknown ring of Russian-speaking hackers has stolen as much as $10 million from U.S. and Russian banks in the last 18 months, according to a Moscow-based cyber-security firm Group-IB that runs the largest computer forensics laboratory in eastern Europe.

Dark Overlord hackers reveal plans to leak 'Hollywood database stolen from top studio'

Dark Overlord hackers reveal plans to leak 'Hollywood database stolen from top studio'

Criminal hacking group The Dark Overlord is threatening to leak the internal client data of top Hollywood production studio Line 204, IBTimes UK has learned.

The seemingly international group of hackers, which recently targeted streaming giant Netflix and a London-based plastic surgeon's office, provided evidence that it had accessed the firm's customer database. It has shared information with IBTimes – including hundreds of contracts, files and client invoices.

"As with all of our friends who don't accept one of our handsome business proposals, we'll handle them appropriately by publicly releasing all their client data, documents, intellectual property, and other sensitive documentation," the group said via encrypted chat. 

Is combosquatting a new trick hackers use to lure users into visiting malicious websites?

Is combosquatting a new trick hackers use to lure users into visiting malicious websites?

Georgia Tech researchers reported that hackers are using a technique identified with a newly coined term "combosquatting" to trick users into visiting malicious websites.

Sorry to break it to you guys, but this type of social engineering has been done for at least a decade. Perhaps the actual news is the scale and fully automated level it happens at today.

Hackers Target Nation’s Schools

Hackers Target Nation’s Schools

Tawnell D. Hobbs at the Wall Street Journal wrote:
 

"Hackers looking to exploit sensitive information for profit are increasingly targeting the nation’s schools, where they are finding a relatively weak system to protect a valuable asset: student data.

"Cyberthieves have struck more than three dozen school systems from Georgia to California so far this year, stealing paychecks and data or taking over networks to extort money. The thefts have prompted many school officials to hire cyber security consultants to fight back against a trend that experts say is growing fast.

"The attackers have gained access to servers containing student names, addresses, social security numbers, birth dates, academic performance, phone numbers and medical and discipline records—in some cases releasing data in an escalating series of demands and actions.

The CCleaner app, designed for good cyber hygiene, was itself infected with a backdoor by hackers

The CCleaner app, designed for good cyber hygiene, was itself infected with a backdoor by hackers

Cisco's TALOS security researchers discovered a devious way to infect millions of machines. They said: "Supply chain attacks are a very effective way to distribute malicious software into target organizations. This is because with supply chain attacks, the attackers are relying on the trust relationship between a manufacturer or supplier and a customer. This trust relationship is then abused to attack organizations and individuals and may be performed for a number of different reasons."

Subscribe To Our Blog

Phish Your Users

Recent Posts




Get the latest about social engineering

Subscribe to CyberheistNews