
Exploring Information Security

Securing the Future - A Journey into Cybersecurity Exploration

Image created by ChatGPT.

Security Awareness Newsletter From August 2024

September 10, 2024

These are news stories I’ve shared internally at my company. Feel free to take and use them as part of your security awareness program.

Russia-linked Operations Target Paris 2024 Olympics 

In the lead-up to the 2024 Summer Olympics in Paris, Russian-linked actors launched a disinformation campaign to discredit France’s hosting capabilities and spread fear of terrorist attacks. These operations employed tactics like AI-generated videos, fake news reports, and social media hashtags to undermine confidence and create chaos. France's support for Ukraine has made it a target for these hybrid destabilization efforts. Stay vigilant against misinformation and verify sources before sharing content online. 

Key Insights: 

  • Russian-linked actors are targeting the Paris 2024 Olympics. 

  • Disinformation tactics include AI-generated content and fake news. 

  • The campaign aims to undermine confidence and spread fear. 

  • Verify information from trusted sources to avoid spreading misinformation. 

For more details, visit the DFRLab article. 

 

 

Ransomware Attacks on Blood Suppliers 

In a concerning trend, blood suppliers have faced three ransomware attacks in the past three months. The latest victim, OneBlood, experienced a significant disruption, impacting over 350 hospitals and causing a critical shortage of blood supplies. This follows similar attacks on Synnovis and Octapharma, highlighting the growing threat to healthcare infrastructure. The American Hospital Association urges health systems to review their contingency plans to mitigate such risks. 

Key Insights: 

  • OneBlood hit by ransomware, causing severe blood supply disruptions. 

  • Recent attacks also targeted Synnovis and Octapharma. 

  • Increased targeting of healthcare infrastructure by ransomware groups. 

  • Review and update contingency plans to ensure operational resilience. 

For more details, visit the Healthcare IT News article. 

 

 

Surge in Data Breach Victims in 2024 

In the first half of 2024, over 1 billion individuals were affected by data breaches, a staggering increase compared to 2023. The majority of breaches targeted financial services, healthcare, and manufacturing sectors. Alarmingly, there is a significant rise in attacks with unspecified vectors, highlighting a need for improved transparency and information sharing to bolster defense strategies. Phishing remains the primary attack method, underscoring the importance of robust security awareness training. 

Key Insights: 

  • Over 1 billion victims in the first half of 2024. 

  • Top targets: financial services, healthcare, manufacturing. 

  • Increase in unspecified attack vectors. 

  • Phishing remains the leading attack method. 

For more details, visit the KnowBe4 article. 

 

 

Foreign Influence Actors Adapting to U.S. Presidential Race 

U.S. intelligence agencies have identified that foreign influence actors are adapting their strategies in response to changes in the 2024 U.S. presidential race. These actors are leveraging social media, misinformation campaigns, and other digital tactics to sway public opinion and disrupt the electoral process. Key sources of influence include Russia, China, and Iran, each employing sophisticated techniques to achieve their objectives. 

Key Insights: 

  • Foreign actors are evolving their methods to interfere in the U.S. elections. 

  • Tactics include social media manipulation and misinformation. 

  • Vigilance and media literacy are crucial to counter these threats. 

For more details, visit the Reuters article. 

 

 

$40 Million Recovered from International Email Scam 

Interpol's Global Rapid Intervention of Payments (I-GRIP) mechanism helped recover over $40 million from an international email scam targeting a Singapore-based commodity firm. The scam involved a fraudulent email from a fake supplier requesting payment to a new bank account. Swift action by Singapore and Timor-Leste authorities led to the interception of funds and the arrest of seven suspects.

Key Insights: 

  • Swift action: Crucial in intercepting fraudulent funds. 

  • Global cooperation: Essential for combating international scams. 

  • Awareness: Verify email requests for fund transfers. 

For more details, visit the Interpol article. 

 

 

Cyberattack on France's Grand Palais During Olympics 

France's Grand Palais suffered a ransomware cyberattack during the 2024 Olympic Games. The attack led to operational disruptions, particularly affecting museum bookstores and boutiques. Swift action was taken to prevent the spread of the attack, and temporary autonomous solutions were implemented to keep stores operational. Authorities, including ANSSI and CNIL, were informed, and preliminary investigations found no data exfiltration. This incident highlights the importance of robust cybersecurity measures, especially during major events. 

Key Insights: 

  • Ransomware Attack: Disrupted operations at Grand Palais. 

  • Immediate Response: Systems shut down to prevent spread. 

  • No Data Exfiltration: Preliminary findings are positive. 

For more details, visit the Bleeping Computer article. 

 

 

Rising Costs of Data Breaches in Healthcare 

A recent report by IBM and the Ponemon Institute revealed that the healthcare industry faces the highest average data breach costs at $10.93 million, significantly above the global average of $4.45 million. These breaches, often involving stolen credentials, can take up to 292 days to resolve. Healthcare organizations are urged to implement AI and automation in cybersecurity to reduce breach lifecycle and costs. Incident response planning and stringent data protection measures are essential to mitigate these risks. 

For more details, visit the Security Intelligence article. 

 

 

Enhanced Protection in Chrome 

Google has revamped the Chrome downloads experience to boost security and user awareness. The redesigned interface now offers detailed warnings, classifying files as either suspicious or dangerous, using AI-powered assessments. Enhanced Protection mode users benefit from automatic deep scans for suspicious files, providing extra layers of safety against new malware. Additionally, Chrome now tackles encrypted malicious files by prompting users to enter passwords for deep scans, enhancing protection even further. These updates aim to reduce user bypassing of warnings and improve overall safety when downloading files. 

For more details, visit the Google Security Blog. 

 

 

New Phishing Campaign Exploits Google Drawings and WhatsApp 

Menlo Security has uncovered a sophisticated phishing campaign that abuses Google Drawings and WhatsApp's URL shortener to deceive users. The attack redirects victims from what appears to be legitimate links to malicious sites mimicking trusted brands like Amazon. These tactics make it difficult for users and traditional security tools to detect the threat. Stay cautious of unexpected emails with links or attachments, even if they appear to be from familiar sources. 

Key Insights: 

  • Exploited Platforms: Google Drawings and WhatsApp's URL shortener. 

  • Phishing Tactics: Redirection to malicious sites mimicking trusted brands. 

  • Recommendation: Be cautious of unexpected emails with links, even from known sources. 

For more details, visit the Menlo Security article. 

 

 

Real Social Engineering Attack on KnowBe4 Employee Foiled 

KnowBe4 recently thwarted a social engineering attack targeting one of its employees. The attacker, posing as a customer support representative, attempted to gain unauthorized access to internal systems by exploiting trust and urgency. The employee recognized the signs of a phishing attempt and reported the incident immediately. This event underscores the importance of ongoing security awareness training and vigilance against social engineering tactics. 

Key Insights: 

  • Social Engineering: Attackers may pose as trusted sources to gain access. 

  • Vigilance: Recognizing and reporting suspicious activity is crucial. 

  • Training: Regular security awareness training is essential to prevent such attacks. 

For more details, visit the KnowBe4 article. 

 

 

Beware of Misinformation on TikTok: Protect Yourself from Political Lies 

In today's digital age, social media platforms like TikTok are not just sources of entertainment—they have become powerful tools for spreading information, both true and false. A recent study revealed that a staggering 33% of young Americans have been exposed to political lies on TikTok. This statistic highlights a growing concern: the rapid spread of misinformation, particularly among younger generations. 

Why This Matters: Misinformation, especially on social media, can influence opinions, sway elections, and even create social unrest. For cybercriminals, misinformation is a weapon. They can use false information to manipulate public perception, incite division, or even scam users by blending lies with phishing attacks. 

How to Protect Yourself: 

  1. Verify Before You Trust: Always cross-check information from multiple credible sources before believing or sharing it. Look for news from established, reputable outlets.

  2. Be Skeptical of Viral Content: Just because something is popular doesn't mean it's true. Viral videos and posts may be designed to elicit strong emotional responses, making it easier to spread falsehoods.

  3. Watch for Red Flags: Pay attention to signs of misinformation, such as sensational headlines, lack of credible sources, and emotionally charged language.

  4. Educate Yourself and Others: Stay informed about the tactics used by those who spread misinformation. Share your knowledge with friends and family to help them avoid being misled.

Conclusion: As we continue to navigate the complex world of social media, staying vigilant against misinformation is crucial. By adopting a skeptical mindset and verifying the content we encounter online, we can protect ourselves and our communities from the harmful effects of political lies and other forms of disinformation. 

 

 

Exposed Passwords Highlight Risk 

A recent breach at National Public Data (NPD) underscores the critical need for strong security practices. NPD inadvertently published administrator passwords to their backend database, exposing sensitive information. This incident, coupled with a previous massive data leak, highlights the importance of securing credentials and regularly updating passwords. Users of similar services should take immediate steps to protect their personal information, including freezing their credit files and monitoring their accounts for suspicious activity. 

Key Takeaway: Ensure your passwords are strong, unique, and updated regularly to avoid similar risks. 

Read more 

 

 

Unmasking Styx Stealer 

Check Point Research uncovered the Styx Stealer malware, designed to steal browser data, cryptocurrency, and instant messenger sessions. The developer's operational security mistakes, including leaking data during debugging, led to a treasure trove of intelligence. This discovery linked Styx Stealer to the Agent Tesla malware campaign, revealing details about the cybercriminals involved, including their identities and operations.

Key Insights: 

  • Malware Functionality: Steals browser data, cryptocurrency, and instant messenger sessions. 

  • OpSec Failures: Leaks led to significant intelligence gathering. 

  • Linkage: Connected to the Agent Tesla campaign and other cybercriminals. 

For more details, visit the Check Point article.

 

 

AI Vishing Threats on the Rise 

Recent research by KnowBe4 has demonstrated that unsuspecting call recipients are highly vulnerable to AI-driven vishing (voice phishing) attacks. These attacks leverage AI to create highly convincing voice manipulations, often impersonating trusted individuals or authority figures. The study highlights the importance of being skeptical of unsolicited calls, even if the caller sounds familiar. Employees should verify the authenticity of any unexpected requests over the phone before taking action. 

Key Insights: 

  • AI Vishing: Increasingly sophisticated and convincing. 

  • Verification: Always verify unexpected phone requests. 

  • Awareness: Stay vigilant against unsolicited calls. 

For more details, visit the KnowBe4 article. 

 

 

Employment Scams Targeting Job Seekers 

KnowBe4 reports a surge in employment scams targeting job seekers. Scammers pose as legitimate employers, often using fake job postings or direct outreach to collect personal information and money from victims. These scams exploit the urgency and desperation of job seekers, making them particularly effective. To protect yourself, always verify job offers through official channels, be cautious of unsolicited communications, and avoid sharing sensitive information without thorough verification. 

Key Insights: 

  • Scam Tactics: Fake job postings and direct outreach. 

  • Target: Personal information and money from job seekers. 

  • Recommendation: Verify job offers through official channels. 

For more details, visit the KnowBe4 article. 

 

 

Protect Yourself from File-Sharing Phishing Attacks 

Over the past year, file-sharing phishing attacks have surged by 350%, targeting employees through fake notifications from services like Google Drive or Dropbox. These attacks aim to steal sensitive information or infect your device with malware. To protect yourself, always verify the legitimacy of file-sharing requests, avoid clicking on suspicious links, and report any unusual emails to IT immediately. Staying vigilant is key to keeping our organization secure. 

For more details, visit the KnowBe4 article. 

 

 

Beware of Travel-Themed Spam Scams 

Bitdefender’s AntiSpam Lab warns that half of all travel-themed spam messages circulating worldwide are scams. Attackers are specifically targeting users of popular travel sites like Booking.com and Airbnb. These scams often involve fake booking confirmations and travel deals designed to steal personal information or deliver malware. With the travel season in full swing, it's essential to verify the authenticity of any travel-related emails and avoid clicking on suspicious links. 

Key Insights: 

  • 50% of travel-themed spam messages are scams. 

  • Targeted Platforms: Booking.com and Airbnb users. 

  • Recommendation: Verify emails and book through trusted sources. 

For more details, visit the Bitdefender article. 

 

 

Beware of Phishing Attacks Using URL Shorteners 

Phishing attacks are increasingly leveraging URL shorteners to obfuscate malicious links, making it harder for users to recognize potential threats. These shortened URLs often appear in emails or text messages, leading victims to fraudulent websites that steal personal information or deploy malware. To protect yourself, always hover over links to reveal their true destination, and avoid clicking on shortened URLs from unknown sources. 

For more details, visit the KnowBe4 article. 

 

 

Surge in Microsoft Brand Impersonation Attacks 

A recent report shows a 50% increase in phishing attacks impersonating Microsoft in just one quarter. These attacks target users by mimicking Microsoft’s branding to steal credentials or deploy malware. Given Microsoft’s widespread use in organizations, employees should be extra cautious when receiving emails claiming to be from Microsoft, especially those requesting login details or prompting downloads. Always verify the sender's address and report suspicious emails to IT. 

For more details, visit the KnowBe4 article. 

 

North Korean IT-Worker Scheme Exposed in Tennessee 

A Nashville resident, Matthew Isaac Knoot, was arrested for facilitating a scheme that funneled hundreds of thousands of dollars to North Korea’s illicit weapons program. Knoot allegedly helped North Korean IT workers secure remote jobs with U.S. and British companies by using stolen identities. The funds, earned through six-figure salaries, were laundered and sent back to North Korea. This case underscores the growing threat of North Korean cyber operations targeting remote work environments.

For more details, visit the full article. 

 

Cyber Threats Targeting US Elections 2024 

As the US elections approach on November 5, 2024, cybercriminals are intensifying their efforts to exploit the event. From phishing campaigns using candidate names to fake websites and domains designed to mislead voters, these threats are aimed at manipulating voter sentiment and stealing personal information. 

Key Insights: 

  • Candidate Names: Used in domains to create believable phishing sites. 

  • Election Manipulation: Emotional appeals to influence voter behavior. 

  • Financial Fraud: Fake donation sites and meme coins targeting voters. 

For more information, visit BforeAI. 

 

 

Beware of QR Code Phishing: Microsoft Sway Abused 

A new phishing campaign is leveraging QR codes in emails to trick users into visiting malicious websites hosted on Microsoft Sway. This attack is particularly dangerous because it bypasses traditional email security filters and targets users on mobile devices, where security controls are often weaker. 

Key Insights: 

  • Targets: Tech, manufacturing, and finance sectors. 

  • Method: QR codes embedded in phishing emails. 

  • Action: Be cautious when scanning QR codes, especially from unsolicited emails. 

Stay vigilant and educate your teams about this evolving threat. For more details, visit BleepingComputer. 

 

 

Malvertising Campaign Impersonates Google Products 

A recent malvertising campaign has been detected, impersonating various Google products to lure users into tech support scams. These malicious ads, exploiting Google’s Looker Studio, redirect victims to fake Microsoft or Apple warning pages, urging them to call a fraudulent support number. This campaign serves as a reminder to be cautious of online ads, even those that appear to represent trusted brands. 

Key Insights: 

  • Target: Users of Google products. 

  • Tactics: Fake tech support scams via malvertising. 

  • Impact: Potential malware installation and data theft. 

For more details, visit KnowBe4. 

 

 

When Get-Out-The-Vote Efforts Resemble Phishing Scams 

As election season approaches, many citizens receive text messages urging them to get out and vote. While these messages often come from well-intentioned organizations, a recent campaign highlighted by KrebsOnSecurity shows how such efforts can closely resemble phishing scams. 

In this case, a fake political consulting firm sent out mass texts linking to websites that requested personal information under the guise of verifying voter registration. The messages were a scam trying to get people to give up sensitive personal information. 

Here’s how you can protect yourself: 

  1. Verify the Source: Always check the sender’s identity and verify the website independently. Visit official government websites directly rather than clicking on links in unsolicited messages.

  2. Look for Red Flags: Be wary of messages that create a sense of urgency, request personal information, or direct you to unfamiliar websites.

  3. Report Suspicious Messages: If you suspect a message is a phishing attempt, report it to the relevant authorities or your organization's IT department.

While voter registration is crucial, ensuring the integrity of the process and protecting personal information is equally important. Stay informed and vigilant to avoid falling victim to phishing scams during election season. 

For more details, visit KrebsOnSecurity. 

 

 

GenAI and the Surge of AI-Driven Fraudulent Websites 

Cybercriminals are increasingly leveraging large language models (LLMs) to scale the creation of fraudulent websites, including phishing sites and fake online stores. Netcraft reports a significant rise in AI-generated content for scams, with a 3.95x increase in such websites from March to August 2024. These AI tools enhance the credibility of scams by improving text quality, making malicious content more convincing and harder to detect. Organizations must enhance their defenses to mitigate the risks posed by this emerging threat. 

Key Insights: 

  • LLMs are used to generate convincing text for scams. 

  • AI-driven scams have seen a sharp increase in recent months. 

  • Monitoring and takedown strategies are essential to combat this trend. 

Further Reading: Netcraft Blog 

 

 

Scammers Exploit Fake Funeral Livestreams for Financial Gain 

Cybercriminals are using fake funeral livestreams on social media to exploit grieving families. These scams, often promoted through compromised accounts, lead victims to payment pages that charge excessive fees. This trend underscores the need for vigilance online, even during sensitive moments like a loved one's passing. Users should be cautious when encountering unexpected payment requests for livestreams and report suspicious activity. 

Further Reading: KnowBe4 Blog 

 Originally posted on exploresec.com.

 

 

 
