Posts

The Hacker News - Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a variety of networking applications," Claroty's Tomer Goldschmidt said in a Thursday report. "An attacker from The Hacker News https://thehackernews.com/2025/01/critical-flaws-in-wgs-804hpt-switches.html

KnowBe4 - Your KnowBe4 Compliance Plus Fresh Content Updates from December 2024

Check out the December updates in Compliance Plus so you can stay on top of featured compliance training content. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/knowbe4-cmp-content-updates-december-2024

The Hacker News - Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. "Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps," Imperva researcher Daniel Johnston said in an analysis. "These attacks from The Hacker News https://thehackernews.com/2025/01/python-based-bots-exploiting-php.html

KnowBe4 - Brad Pitt Romance Scams Pushed By AI-Enabled Deepfakes

I have helped people detect romance scams for decades. It is still very common for romance scammers to leverage both pictures of celebrities and pictures of innocent, everyday people as part of these scams. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/brad-pitt-romance-scams-pushed-by-ai-enabled-deepfakes

Schneier - Social Engineering to Disable iMessage Protections

I am always interested in new phishing tricks, and watching them spread across the ecosystem. A few days ago I started getting phishing SMS messages with a new twist. They were standard messages about delayed packages or somesuch, with the goal of getting me to click on a link and enter some personal information into a website. But because they came from unknown phone numbers, the links did not work. So—this is the new bit—the messages said something like: “Please reply Y, then exit the text message, reopen the text message activation link, or copy the link to Safari browser to open it.” I saw it once, and now I am seeing it again and again. Everyone has now adopted this new trick. One article claims that this trick has been popular since last summer. I don’t know; I would have expected to have seen it before last weekend. from Schneier on Security https://www.schneier.com/blog/archives/2025/01/social-engineering-to-disable-imessage-protections.html

The Hacker News - U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions. "These from The Hacker News https://thehackernews.com/2025/01/us-sanctions-north-korean-it-worker.html

Rapid 7 - Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees

Rogue employees present significant financial and cybersecurity risks to organizations. Rapid7 threat researchers and penetration testers are actively observing how malicious actors exploit hiring pipelines to infiltrate businesses. This blog highlights real-world tactics, including:

- Insider Reconnaissance: Rogue applicants leveraging interviews to map office layouts, identify vulnerable devices, and even plant malware during site visits.
- Tech Tricks: The use of deepfake technology, AI-generated photos, and VoIP to fake identities, bypass background checks, and mask locations.
- North Korean Operations: State-sponsored actors posing as remote IT workers with fake resumes and stolen identities to fund illicit activities like missile development.
- Hiring Weaknesses: Gaps in hiring processes—such as 43% of organizations skipping background checks—leaving businesses vulnerable to exploitation.

Read on to discover how to fortify your hiring and onboarding practices against this bus...