CyberheistNews Vol 14 #43 North Korean IT Employee Menace: 10 Crucial Updates to Your Hiring Course of


CyberheistNews Vol 14 #43  |   October twenty second, 2024


North Korean IT Employee Menace: 10 Crucial Updates to Your Hiring Course ofStu Sjouwerman SACP

KnowBe4 was requested what modifications had been made within the hiring course of after the North Korean (DPRK) pretend IT employee discovery. Right here is the abstract, and we strongly counsel you discuss this over with your individual HR division and make these identical modifications or comparable course of updates.

Query: What remediations had been put in place from this incident?

Reply: Please be aware that our cybersecurity controls on this matter had been efficient at shortly detecting, stopping and remediating the incident in a really well timed method (underneath half-hour). There are nonetheless many corporations on the market who’re unaware a DPRK IT employee is of their atmosphere after months.

Query: We want to know extra element about modifications within the recruitment course of itself. As an example, are you interviewing in particular person now?

Reply: We’re not requiring in-person interviews for all hiring, as this can be a course of that won’t scale and we do not need all employees in-office. That is additionally not a requirement of many different tech corporations that rent distant employees, one in every of which reached out to me after studying our article on the subject to debate their challenges and what they applied on their aspect as effectively to stop the menace.

Query: What has KnowBe4 modified of their hiring course of?

Reply: We have now made the next 10 rapid modifications to our hiring and recruitment course of. A few of these modifications embrace suggestions offered by menace intelligence companions and different safety corporations going through the identical points:

[CONTINUED ON THE KNOWBE4 BLOG (too long for the newsletter)]
https://weblog.knowbe4.com/north-korean-it-worker-threat-10-critical-updates-to-your-hiring-process

Lights, Digital camera, Hacktion! The Inside Scoop on Creating ‘The Inside Man’

Over the past 5 years, KnowBe4’s binge-worthy collection “The Inside Man” has been revolutionizing the way in which organizations take into consideration safety consciousness coaching. Now, we invite you behind the scenes to be taught from the creators, and discover out what makes “The Inside Man” so successful in organizations around the globe.

Be a part of us for this may’t-miss webinar the place we’re spilling all of the tea with the masterminds behind “The Inside Man.” You will hear from Jim Shields, Director of “The Inside Man,” Wealthy Leverton, Director of Content material at Twist & Shout, and Perry Carpenter, Govt Producer and Chief Human Threat Administration Strategist at KnowBe4 as they share:

  • Insights on how the idea got here to be, and behind the scenes antics from the solid and crew
  • The key sauce that makes “The Inside Man” much more addictive than your favourite Netflix present
  • Why storytelling is your new superpower within the battle towards cybercriminals and making your safety tradition stick

We’ll even be dropping some juicy teasers in regards to the upcoming season that’ll depart you on the sting of your seat. Whether or not you are a die-hard fan or new to “The Inside Man” get together, you will not need to miss this!

Date/Time: Wednesday, October 30 @ 2:00 PM (ET)

Cannot attend dwell? No worries — register now and you’ll obtain a hyperlink to view the presentation on-demand afterwards.

Save My Spot:
https://information.knowbe4.com/inside-man-webinar?partnerref=CHN

What Spending 3 Hours in IKEA Taught Me About Cybersecurity Consciousness

By Javvad Malik

It was a Saturday morning, and I had grand plans. By “grand plans,” I imply sitting on the couch, watching reruns of “The IT Crowd,” and pretending I did not hear the garden mower calling my title.

However my spouse had different concepts. “We’re going to IKEA,” she introduced, with our children excitedly agreeing within the background. I groaned internally. The Swedish furnishings labyrinth was the final place I wished to be.

Little did I do know, I used to be about to stumble right into a masterclass on person expertise and consciousness that will open my eyes. Who knew that between the MALM dressers and POÄNG chairs, I would discover the strategies that can be utilized to make any safety consciousness program extra participating.

As we entered the blue and yellow kingdom, it is laborious to overlook the clear path laid out earlier than us. It was like following the yellow brick highway, however as a substitute of Oz, it led to reasonably priced furnishings and meatballs. “Create a clear path,” I muttered to myself, fascinated with most convoluted safety insurance policies.

If IKEA might information 1000’s of consumers each day with out confusion, absolutely I might create a clearer path for our workers to comply with safety finest practices. Then got here the meeting directions. As I stared at a diagram for the BILLY bookcase, it hit me, the straightforward and wordless directions visually confirmed how you can assemble the furnishings.

No language boundaries, no room for misinterpretation. Like these well-designed infographics which share volumes of analysis in a single easy to grasp picture.

As we meandered by means of the shop, my spouse and youngsters examined each chair, opened each cupboard, and lay on each mattress. I noticed IKEA was providing hands-on expertise with their merchandise. I started to examine a “cybersecurity playground” the place workers might safely work together with phishing simulations and safety instruments.

An Allen secret is just about the one factor you must assemble most IKEA furnishings. However I did see somewhat field offered with a screwdriver, nails, screws and some different fixing gadgets. Principally a number of important instruments that had been easy to make use of and will assemble any merchandise throughout the retailer. Which obtained me fascinated with equipping employees with the best safety software program and sources.

Lastly, as we loaded our automotive with way over the one bookshelf we got here for, I marveled at IKEA’s self-service mannequin. They offered the showroom inspiration, the instruments, and the assist employees, however finally, clients assembled their purchases themselves. “Self-service with support,” I mentioned out loud, inflicting my spouse to ask if I used to be feeling okay.

As we drove house, our automotive packed tighter than a SMÃ…STAD storage mixture, I could not assist however smile. I had entered IKEA dreading the expertise however left with a trunk stuffed with furnishings and a thoughts stuffed with concepts.

The 5 steps to user-centric safety design that may assist foster and create a stronger safety tradition, could be summed up as follows:

  • Create a Clear Path: Simply as IKEA designs a transparent path by means of its shops, create a transparent, intuitive path for cybersecurity practices. Information customers by means of safety processes as easily as IKEA guides you from sofas to kitchenware.
  • Use Visible Directions: Exchange text-heavy safety insurance policies with visible guides. Assume IKEA’s wordless meeting directions — easy, common and efficient.
  • Supply Arms-On Expertise: Arrange “cybersecurity showrooms” the place workers can work together with safety instruments and practices in a secure, sandbox atmosphere. It is like IKEA’s room setups, however for digital security.
  • Present Important Instruments: Equip customers with the best “tools” for cybersecurity, simply as IKEA gives that important Allen key. This might be password managers, methods to securely again up knowledge or two-factor authentication apps.
  • Encourage Self-Service with Assist: Foster a tradition the place customers can “assemble” their very own safe atmosphere, with knowledgeable assist available — like IKEA’s useful employees scattered all through the shop.

Weblog put up with hyperlinks:
https://weblog.knowbe4.com/-spending-3-hours-ikea-taught-about-cybersecurity-awareness

Establish Weak Person Passwords In Your Group With the Newly Enhanced Weak Password Take a look at

Cybercriminals by no means cease searching for methods to hack into your community, but when your customers’ passwords could be guessed, they’ve made the unhealthy actors’ jobs that a lot simpler.

Verizon’s Knowledge Breach Investigations Report confirmed that 81% of hacking-related breaches use both stolen or weak passwords.

The Weak Password Take a look at (WPT) is a free instrument to assist IT directors know which customers have passwords which can be simply guessed or inclined to brute drive assaults, permitting them to take motion towards defending their org.

Weak Password Take a look at checks the Energetic Listing for a number of kinds of weak password-related threats and generates a report of customers with weak passwords.

Here is how Weak Password Take a look at works:

  • Connects to Energetic Listing to retrieve password desk
  • Checks towards 10 kinds of weak password associated threats
  • Shows which customers failed and why
  • Doesn’t show or retailer the precise passwords
  • Simply obtain, set up and run. Leads to a couple of minutes!

Do not let weak passwords be the downfall of your community safety. Reap the benefits of KnowBe4’s Weak Password Take a look at and acquire invaluable insights into the power of your password protocols.

Obtain Now:
https://information.knowbe4.com/weak-password-test-chn

North Korean Hackers Proceed to Goal Job Seekers

A North Korean menace actor is launching social engineering assaults towards job seekers within the tech business, in line with researchers at Palo Alto Networks’ Unit 42.

The hackers are impersonating job recruiters and making an attempt to trick job seekers into putting in malware as a part of the phony interview course of.

“In this campaign, the attackers targeted job-seeking individuals on LinkedIn, luring them to download and execute malware that masquerades as a legitimate video call application,” the researchers write. “This campaign is a continuation of activity we initially reported in November 2023.”

The menace actors arrange convincing on-line personas impersonating technical recruiters and attain out to software program builders with attractive employment provides. The hackers persuade the job seeker to put in a malicious model of a reliable video-conferencing software so as to conduct a web-based interview.

Unit 42 notes that North Korean state-sponsored menace actors typically conduct each cyber espionage and monetary theft throughout their operations. On this case, the malware was designed to steal cryptocurrency, in addition to probably giving the hackers entry to delicate company info.

“North Korean threat actors are known to conduct financial crimes for funds to support the DPRK regime,” the researchers write. “This marketing campaign could also be financially motivated, for the reason that BeaverTail malware has the potential of stealing 13 completely different cryptocurrency wallets….One other essential danger that this marketing campaign poses is potential infiltration of the businesses who make use of the focused job seekers.

“A successful infection on a company-owned endpoint could result in collection and exfiltration of sensitive information. It is essential for individuals and organizations to be aware of such advanced social engineering campaigns.”

Human danger administration offers your group an important layer of protection towards social engineering assaults. KnowBe4 empowers your workforce to make smarter safety selections each day. Over 70,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and scale back human danger.

Weblog put up with hyperlinks:
https://weblog.knowbe4.com/north-korean-hackers-continue-to-target-job-seekers

Registration is Open for KB4-CON 2025!

Thrilling information — registration for KB4-CON 2025 is now open! Be a part of us April 7-9, 2025, on the lovely Gaylord Palms Resort in sunny Orlando, Florida.

KB4-CON is the premier annual convention for KnowBe4 clients, companions and the broader cybersecurity group, bringing collectively 1000’s of attendees from throughout the business. For 3 days, you will discover the world of human danger administration, AI and efficient safety methods. As well as, get unique insights into KnowBe4’s product roadmap and upcoming options.

We’re designing an interesting expertise that can remodel your strategy to managing human danger within the ever-changing cybersecurity panorama.

The perfect half? Now you can safe your spot for KB4-CON 2025 with a restricted time particular in honor of Cybersecurity Consciousness Month for $199 by means of October 31! Be aware that the common worth is $399, so register now! For those who need assistance with approval to attend, obtain our journey justification letter right here.

Save your spot on the cybersecurity occasion of the 12 months!

Save My Spot:
https://knowbe4.cventevents.com/00nVrz?RefId=emregoppros

Chinese language Menace Actor Targets OpenAI With Spear Phishing Assaults

OpenAI has disclosed that its workers had been focused by spear phishing assaults launched by a suspected Chinese language state-sponsored menace actor. The phishing makes an attempt had been unsuccessful. Notably, the menace actor additionally abused OpenAI’s personal merchandise to help within the marketing campaign.

“We identified and banned accounts, which based on an assessment from a credible source likely belonged to a suspected China-based adversary, that were attempting to use our models to support their offensive cyber operations while simultaneously conducting spear phishing attacks against our employees and governments around the world,” OpenAI says.

“Publicly tracked as SweetSpecter, this adversary emerged in 2023. We understand this is the first time their targeting has publicly been identified to include a U.S.-based AI company, with their previous activity reported as having focused on political entities in the Middle East, Africa, and Asia.”

The menace actor despatched phishing emails to company and private e mail addresses of OpenAI workers, asking for assist with ChatGPT errors. The emails contained attachments designed to put in malware.

“In these emails, SweetSpecter posed as a ChatGPT user asking for support from the targeted employees,” the corporate says. “The emails included a malicious attachment referred to as ‘some issues.zip’, containing an LNK file. This file contained code that will, if opened, current a DOCX file to the person that listed varied obvious error and repair messages from ChatGPT.

“In the background, however, Windows malware known as SugarGh0st RAT would be decrypted and executed. The malware is designed to give SweetSpecter control over the compromised machine and allow them to do things like execute arbitrary commands, take screenshots, and exfiltrate data.”

Weblog put up with hyperlinks:
https://weblog.knowbe4.com/chinese-threat-actor-targets-openai-with-spear-phishing-attacks

Let’s keep secure on the market.

Heat regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: [IMPORTANT BLOG POST] Meet SmartRisk Agentâ„¢: Unlock Your New Human Threat Administration:
https://weblog.knowbe4.com/meet-smartrisk-agent-unlock-your-new-human-risk-management

Quotes of the Week  

“Those who cannot remember the past are condemned to repeat it.”
– George Santayana – Thinker (1863 – 1952)


“Life shrinks or expands in proportion to one’s courage.”
– Anais Nin – Author (1903 – 1977)


Thanks for studying CyberheistNews

You possibly can learn CyberheistNews on-line at our Weblog
https://weblog.knowbe4.com/cyberheistnews-vol-14-43-north-korean-it-worker-threat-ten-critical-updates-to-your-hiring-process

Safety Information

Cybercriminals Exploit Curiosity within the U.S. Presidential Election

Prison menace actors are focusing on customers in the USA with social engineering assaults that impersonate U.S. presidential candidates and their campaigns, in line with a brand new report from Fortinet.

Crooks are peddling phishing kits designed to simply spin up phishing pages focusing on each Trump and Harris supporters. “In one recent post, we observed an interesting project featuring phishing pages designed to impersonate political leaders Donald Trump and Kamala Harris,” the researchers write.

“The [threat actor] is providing two separate phishing kits for $1,260 every—one focusing on Donald Trump supporters and the opposite focusing on Kamala Harris supporters. These kits are designed to reap private info, together with names, addresses, and bank card (donation) particulars.

“The consequences of these phishing threats are significant, as they can lead to the widespread theft of personal information, including names, addresses, and credit card details. This puts individuals at risk of financial fraud and undermines trust in the political process.”

The researchers have additionally noticed over a thousand domains which may be utilized in election-themed phishing assaults.

“More than 1,000 new potentially malicious domains have been registered since the beginning of 2024 that follow particular patterns and incorporate election- related content and candidates, suggesting that threat actors are leveraging the heightened interest surrounding the election to lure unsuspecting targets and potentially conduct malicious activities,” Fortinet says.

Fortinet recommends worker coaching as a layer of protection towards social engineering assaults. “Conduct regular training sessions for election officials, political campaign staff, and volunteers to educate them about the risks of phishing attacks,” the researchers write.

“Raise awareness about common phishing tactics, such as deceptive emails and fake websites, and teach employees how to identify and report suspicious emails.”

KnowBe4 permits your workforce to make smarter safety selections each day. Over 70,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and scale back human danger.

Fortinet has the story:
https://www.fortinet.com/company/about-us/newsroom/press-releases/2024/fortinet-fortiguard-labs-observes-darknet-activity-targeting-the-2024-united-states-presidential-election

FBI Warns Scammers Are Concentrating on Legislation Companies for Phony Debt Collections

The U.S. FBI warns that scammers try to trick regulation companies into transferring cash as a part of a phony debt assortment scheme.

The rip-off “may focus on any type of representation where a lawyer is hired to assist in the transfer or collection of money, e.g. real estate, collection matters, collaborative law agreements in family matters, etc.”

The schemes sometimes take the next steps:

  • A regulation agency is contacted concerning illustration in an alleged debt assortment matter by what seems to be a reliable potential consumer (“the Creditor”)
  • The regulation agency agrees to assist and sends a requirement letter to the alleged debtor (“Debtor”)
  • The Debtor instantly agrees to pay the debt and sends what seems to be a legitimate cashier’s test to the regulation agency
  • The regulation agency deposits the test into their consumer belief account and transfers the worth to the Creditor by way of wire, much less any authorized charges agreed upon
  • The regulation agency’s financial institution then discovers that the test is definitely fraudulent and the belief account is charged again the worth of the test
  • As a result of the wire has already been despatched to the Creditor, the regulation agency is left to endure the monetary loss

The FBI outlines some suggestions to assist organizations keep away from falling for these scams:

  • “Be suspicious of requests or stress to take motion shortly. Plenty of potential victims had been capable of efficiently establish the fraudulent test by adhering to insurance policies which required a delay or maintain on the funds till affirmation that the debtor’s test had certainly cleared into their consumer belief accounts.
  • Think about extra monetary safety procedures, comparable to two-step verification or phone calls (topics are likely to want written correspondence), to confirm transaction particulars and id info, previous to wiring funds.
  • Contact your monetary establishment instantly and request that they contact the monetary establishment the place any wire switch was despatched to find out if it is ready to be recalled or the funds frozen within the deposit account.”

New-school safety consciousness coaching offers your group an important layer of protection towards social engineering assaults. KnowBe4 empowers your workforce to make smarter safety selections each day.

Weblog put up with hyperlinks:
https://weblog.knowbe4.com/scammers-targeting-law-firms-for-phony-debt-collections

What KnowBe4 Clients Say

“Whats up Stu, good to listen to from you! Is that this a sort of phishing take a look at?

Really I’ve simply constructive feedback in regards to the platform, because it’s precisely what we had been searching for, that could be a utterly autonomous coaching platform with every kind of serving to options inside together with reviews for our HR.

Uncommon to seek out this sort of completeness in merchandise, if not developed or led by those that skilled the identical wants, within the subject.

Thanks and finest regards, Grazie e buon lavoro.”

– V.E., IT Infrastructure Supervisor

The ten Attention-grabbing Information Objects This Week

Cyberheist ‘Fave’ Hyperlinks

This Week’s Hyperlinks We Like, Ideas, Hints and Enjoyable Stuff

Recent articles

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Goal Victims

An ongoing phishing marketing campaign is using copyright infringement-related...

5 Most Widespread Malware Strategies in 2024

Ways, methods, and procedures (TTPs) kind the muse of...

Showcasing the SuperTest compiler’s check & validation suite | IoT Now Information & Studies

House › IoT Webinars › Showcasing the SuperTest compiler’s...

Cisco Releases Patch for Essential URWB Vulnerability in Industrial Wi-fi Programs

î ‚Nov 07, 2024î „Ravie LakshmananVulnerability / Wi-fi Expertise Cisco has launched...

Canada Orders TikTok to Shut Down Canadian Operations Over Safety Considerations

î ‚Nov 07, 2024î „Ravie LakshmananNationwide Safety / Social Media The Canadian...