Organizations are increasingly concerned about high-profile employees’ information being exposed on the deep and dark web. The CrowdStrike Counter Adversary Operations team is often asked to find fake social media accounts and personally identifiable information (PII) that might be exposed. Impersonations and leaked PII can unravel lives and ruin the reputations of individuals … [Read more...] about Protecting Employees’ Sensitive Data on the Web
employees
Purging your company’s LinkedIn page of fake employees
Among social networks, LinkedIn holds a rather unique position. The platform is designed for communication among professionals, which automatically implies contact with new people, almost complete transparency of user information, as well as a fairly high degree of trust in total strangers. The downside of this is the relative ease of creating plausible fake profiles. For … [Read more...] about Purging your company’s LinkedIn page of fake employees
How scammers swindle money out of new employees
The first few days in a new workplace are commonly packed with team meetings, trainings, onboarding sessions, and so on. Much ado with little understanding of what’s going on. At the same time there are certain “rituals” that many new hires go in for these days — one of which being posting on social media (most commonly, but not exclusively, on LinkedIn) about starting a new … [Read more...] about How scammers swindle money out of new employees
Daixin Ransomware Gang Steals 5 Million AirAsia Passengers’ and Employees’ Data
The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal. The development comes a little over a week after the company fell victim to a ransomware attack on November 11 and 12, per DataBreaches.net. The threat actors allegedly claim to have obtained the personal data associated with five million … [Read more...] about Daixin Ransomware Gang Steals 5 Million AirAsia Passengers’ and Employees’ Data
Researchers Detail New Malware Campaign Targeting Indian Government Employees
The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. "This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications," Zscaler ThreatLabz researcher … [Read more...] about Researchers Detail New Malware Campaign Targeting Indian Government Employees
Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack
Customer engagement platform Twilio on Monday disclosed that a "sophisticated" threat actor gained "unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary … [Read more...] about Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack
Your employees are everywhere. Is your security?
Embracing security resilience for the hybrid work era Hybrid work is here to stay. According to our survey, only 9 percent of the global workforce plans to return to the office full time. Employees have become accustomed to working from home and on-the-go, and modern organizations will need to keep up with this shift to retain much-needed talent. While flexibility has become … [Read more...] about Your employees are everywhere. Is your security?
U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide
The U.S. government on Thursday released a cybersecurity advisory outlining multiple intrusion campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted the energy sector in the U.S. and beyond. "The [Federal Security Service] conducted a multi-stage campaign in which they gained remote access to U.S. and international Energy Sector networks, … [Read more...] about U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide
GootLoader Hackers Targeting Employees of Law and Accounting Firms
Operators of the GootLoader campaign are setting their sights on employees of accounting and law firms as part of a fresh onslaught of widespread cyberattacks to deploy malware on infected systems, an indication that the adversary is expanding its focus to other high-value targets. "GootLoader is a stealthy initial access malware, which after getting a foothold into the … [Read more...] about GootLoader Hackers Targeting Employees of Law and Accounting Firms
Hackers Target Defense Contractors’ Employees By Posing as Recruiters
The United States Cybersecurity and Infrastructure Security Agency (CISA) has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies.Dubbed 'BLINDINGCAN,' the advanced remote access trojan acts as a backdoor when installed on compromised … [Read more...] about Hackers Target Defense Contractors’ Employees By Posing as Recruiters