Code Blue Cyber’s Post

Social engineering Break news In the last cases, we noticed that the hackers used more social engineering than ever. Iran's activities and cybercrime gangs are using social engineering to penetrate our systems. Why has social engineering become so popular? Let me share some old and new key reasons why attackers succeed with this approach: We found that hackers used people's Trust and Confidence: hackers track social media activities and find hobbies, lifestyles, and Positions. Also, we found that Emotions like fear, greed, or recklessness can drive hasty actions. Desire to be helpful can be exploited, sham, and manipulated by bad guys. In cases we managed attackers pretended to be CEO, emailing employees to urgently transfer funds for a supposed business deal. In some cases a deepfake of a CFO was used to authorize a fraudulent transaction, highlighting the need for robust identity checks. In one of our latest cases, hackers impersonated legit vendors and sent emails asking for payment for a new bank account. This kind of hacker method became so popular:( What we can do before? Awareness, training, guidelines, and anti-deep fake technology can reduce the risk. Five things we can offer immediately in case of emergency: • IR investigation - Identify and Isolate the Incident: Quickly identify the scope of the breach, including which accounts and systems are compromised. Isolate affected systems to prevent further unauthorized access. • • Notify Financial Institutions: •Contact your bank and any financial institutions involved in the transaction as soon as possible to attempt to stop or reverse unauthorized transfers. • • Inform Law Enforcement: •Report the incident to local law enforcement and relevant authorities, such as the FBI’s Internet Crime Complaint Center (IC3) in the U.S. This can help with recovery efforts and potentially lead to apprehending the attackers. • • Internal Communication: Inform your internal team about the breach to stop any further actions that might exacerbate the situation, such as responding to additional phishing emails, finance activities, or procurement payments. • Review and Secure Accounts: Check and secure all potentially compromised accounts by changing passwords and reviewing recent activity for unauthorized actions Feel free to contact us to learn more about collaborating with us. #cyber #socialenggenering #cybersrcurity #IR Code Blue Cyber Code Blue by Dussmann

This is the perfect example of why enabling the functionality and allowing the use of hardware security tokens is a must. I say enabling the functionality because even if a solution has the functionality to use hardware security tokens it doesn't mean that their IT Department has enabled it to be used. SMS text messaging for 2FA is a critical risk and way to easy to exploit. Typical exploitation of SMS SIM swaps is surrounded by insider greed, malicious actors using social engineering on telecommunication company staff, or the Remo (snatch and grab a cell store managers tablet) to do the swaps. #simswap #cell #ATT #Verizon #2FA #cybersecurity #cryptocurrency

US Health Dept warns hospitals of hackers targeting IT help desks The sector alert issued by the Health Sector Cybersecurity Coordination Center (HC3) this week says these tactics have allowed attackers to gain access to targeted organizations' systems by enrolling their own multi-factor authentication (MFA) devices. In these attacks, the threat actors use a local area code to call organizations pretending to be employees in the financial department and provide stolen ID verification details, including corporate ID and social security numbers. Using this sensitive information and claiming their smartphone is broken, they convince the IT helpdesk to enroll a new device in MFA under the attacker's control. This gives them access to corporate resources and allows them to redirect bank transactions in business email compromise attacks. "The threat actor specifically targeted login information related to payer websites, where they then submitted a form to make ACH changes for payer accounts," HC3 says. "Once access has been gained to employee email accounts, they sent instructions to payment processors to divert legitimate payments to attacker-controlled U.S. bank accounts." In such incidents, attackers may also use AI voice cloning tools to deceive targets, making it harder to verify identities remotely. This is now a very popular tactic, with 25% of people having experienced an AI voice impersonation scam or knowing someone who has, according to a recent global study. https://lnkd.in/gvaAJqpy #cybersecurity #cyberattack #cybercrime #cyberrisk #cyberthreats #informationsecurity #infosec #breach #databreach #malware #google #bing #networksecurity #technicalsupport #itservices #itsupport #dataprotection #datasecurity #itnews #hackingprevention #cloudsecurity #riskmanagement #fbi #vciso #securityexpert #cisa #financialrisk #manufacturing #iot #ransomware

𝙏𝙝𝙚 "𝙈𝙤𝙩𝙝𝙚𝙧 𝙤𝙛 𝘼𝙡𝙡 𝘽𝙧𝙚𝙖𝙘𝙝𝙚𝙨": 𝙒𝙝𝙖𝙩 𝙔𝙤𝙪 𝙉𝙚𝙚𝙙 𝙩𝙤 𝙆𝙣𝙤𝙬 𝙩𝙤 𝙋𝙧𝙤𝙩𝙚𝙘𝙩 𝙔𝙤𝙪𝙧𝙨𝙚𝙡𝙛 Cyber Crime and criminals continue infiltrate unprotected Enterprises - Check out the full article in the comments. Summary: * A massive data breach, dubbed the "Mother of All Breaches," has exposed 26 billion records from popular websites like LinkedIn, Twitter, and Adobe. * Hackers gained access to a trove of personal information, including names, email addresses, passwords, and social security numbers. * The full scope of the breach is still unknown, but experts warn of widespread identity theft, financial fraud, and other cybercrimes. * Users are urged to change their passwords immediately and be wary of phishing scams. Analysis: * This breach is one of the largest in history and highlights the growing vulnerability of our online data. * The stolen information could be used for a variety of malicious purposes, making it crucial for individuals and businesses to take steps to protect themselves. * The article emphasizes the importance of strong passwords, two-factor authentication, and being cautious about sharing personal information online.

Cyber Byte of the day: The Health Sector Cybersecurity Coordination Center (HC3) warns that threat actors are using advanced social engineering tactics to target IT help desks in health sector to access organizations’ network and divert payments.  They target employees in financial roles by making phone calls with the target organization’s area code and claiming to be an employee. They pass the verification process with stolen information from other breaches, such as last four digits of social security number, corporate ID number and other demographic details. The scammers claim that their phone is broken, so they cannot login and receive MFA. They convince the IT help desk to enroll a new device.  Once the threat actors gain access to the employees’ email account, they send instructions to payment processors to divert payments to the attackers U.S. bank account which is then transferred to overseas accounts. It has been observed that during this business email compromise attack, threat actors register a domain with a single letter variation of the target’s organization and impersonate the organization’s CFO or someone of authority in the finance department.  The spear-phishing technique may also involve AI voice cloning for impersonation to make the request look more legitimate. To mitigate against Tactics, Techniques and Procedures used in unauthorized access to privileged accounts in Microsoft cloud environment, it is recommended to use Microsoft Authenticator with number matching instead of SMS verification for MFA, require users to authenticate from a trusted network location and block external access to Microsoft Azure and Microsoft 365 administration features by allowing access only if users are authenticated from a trusted network location and their device is in compliance. In addition, monitor for suspicious ACH changes and train employees on social engineering techniques.   #cybersecurity #cyberbyte #cyber #veteranowned #veteran #smallbusiness

"𝗬𝗼𝘂𝗿 𝗣𝗲𝗿𝘀𝗼𝗻𝗮𝗹 𝗗𝗮𝘁𝗮 𝗦𝗼𝗹𝗱 𝗳𝗼𝗿 𝗟𝗲𝘀𝘀 𝗧𝗵𝗮𝗻 𝗮 𝗖𝘂𝗽 𝗼𝗳 𝗖𝗼𝗳𝗳𝗲𝗲! ☕" 🎯 In a world where we thought our 𝗣𝗲𝗿𝘀𝗼𝗻𝗮𝗹 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻 Finding out is difficult But Reality can 𝗦𝗵𝗼𝗰𝗸 𝗬𝗼𝘂. 😱 🎯 The recent exposure of 𝗕𝗼𝗮𝘁 𝗟𝗶𝗳𝗲𝘀𝘁𝘆𝗹𝗲'𝘀 𝗱𝗮𝘁𝗮𝗯𝗮𝘀𝗲 breach puts a glaring spotlight on the value of personal data. ⚠️ 🎯 A 𝗵𝗮𝗰𝗸𝗲𝗿 known only as 𝗦𝗵𝗼𝗽𝗶𝗳𝘆𝗚𝗨𝗬 made headlines by putting a price tag of a mere 𝟮 𝗘𝘂𝗿𝗼𝘀 on the personal details. 🔍 𝗗𝗶𝘃𝗲 𝗶𝗻𝘁𝗼 𝘁𝗵𝗲 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁: 👉 𝗔𝗽𝗿𝗶𝗹 𝟱, 𝟮𝟬𝟮𝟰: Hacker gains 𝘂𝗻𝗮𝘂𝘁𝗵𝗼𝗿𝗶𝘇𝗲𝗱 𝗮𝗰𝗰𝗲𝘀𝘀. 👉 7.5 million entries leaked, opening a 𝗣𝗮𝗻𝗱𝗼𝗿𝗮'𝘀 𝗯𝗼𝘅 of potential financial fraud, phishing, and identity theft risk. 👉 It begs the question: Have we been overestimating the worth of our personal data? 🔹 Here are 5 steps the government should consider adopting: ✅ Implement stricter 𝗱𝗮𝘁𝗮 𝗽𝗿𝗼𝘁𝗲𝗰𝘁𝗶𝗼𝗻 regulations. ✅ Establish comprehensive 𝗰𝘆𝗯𝗲𝗿 𝗶𝗻𝗰𝗶𝗱𝗲𝗻𝘁 reporting mechanisms. ✅ Foster 𝗽𝘂𝗯𝗹𝗶𝗰-𝗽𝗿𝗶𝘃𝗮𝘁𝗲 partnerships for 𝗰𝘆𝗯𝗲𝗿 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆. ✅ Increase awareness around 𝗱𝗮𝘁𝗮 𝗽𝗿𝗶𝘃𝗮𝗰𝘆 𝗿𝗶𝗴𝗵𝘁𝘀. ✅ Encourage the development of secure 𝗱𝗶𝗴𝗶𝘁𝗮𝗹 𝗶𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲. 💬 What are your thoughts? How do you value your Personal Data? Any steps you believe are crucial in safeguarding our Digital Footprints? Do let us know in the comment box!  Let’s connect with  Abhishek Aggarwal, CFPᶜᵐ or Grivaa Capital for more amazing updates. #DataPrivacy #CyberSecurity #TechNews #boat #amangupta #DigitalSecurity #governmentofindia #sharktankindia

Another reason why Cyber Security is so vital.

Who profits most consistently from corporate cyber crime? Techology companies, insurers and consulting firms that specialize in cyber security. I don’t mean this in any way as a criticism. Their products and services are absolutely essential given the rate of cyber crime. But what about the cyber criminals, you ask. Most corporate victims of ransomware breaches no longer pay the threat actors, so they often end up selling the data they have exfiltrated to other criminals at a fraction of their ransom demands. I saw a recent situation where a TA exfiltrated millions of customer records from an online engagement platform, were unable to extract ransom and are now selling the data for a few thousand dollars. Now, who consistently pays the cost of cyber crime? Consumers. I’d be curious to see the impact that cyber crime and resultant preparedness actions have had on prices in recent years. Perhaps if journalists focused on raising awareness of the cost rather than the lurid details, more pressure would be placed on legislators to do more to prevent cyber crime.

Cyber crime is a growing concern in today's digital age, and it can affect anyone. The dark side of cyber crime is the malicious intent behind it, as it can be used to target individuals, businesses, and governments. Cyber criminals typically use computer networks to commit a variety of crimes, from stealing personal information to blackmailing businesses and spreading viruses. Cyber criminals can also use social engineering techniques to gain access to sensitive systems. The consequences of cyber crime can be severe, ranging from identity theft to financial loss, reputational damage, and even fraudulent activity. Individuals, businesses, and governments must take steps to protect themselves against cyber crime, by adopting appropriate security measures and staying up to date with the latest security technologies. Speak to us about your security requirements info@pieterseassociates.com

Cyber crime is a growing concern in today's digital age, and it can affect anyone. The dark side of cyber crime is the malicious intent behind it, as it can be used to target individuals, businesses, and governments. Cyber criminals typically use computer networks to commit a variety of crimes, from stealing personal information to blackmailing businesses and spreading viruses. Cyber criminals can also use social engineering techniques to gain access to sensitive systems. The consequences of cyber crime can be severe, ranging from identity theft to financial loss, reputational damage, and even fraudulent activity. Individuals, businesses, and governments must take steps to protect themselves against cyber crime, by adopting appropriate security measures and staying up to date with the latest security technologies. Speak to us about your security requirements info@pieterseassociates.com