CyberheistNews Vol 15 #09 | March 4th, 2025
[NEW] KnowBe4 Interviews a Fake North Korean Employee
By Roger Grimes
You’d think with all the worldwide press we have received because of our public announcement of how we mistakenly hired a North Korean fake employee in July 2024, followed by our multiple public presentations and a whitepaper on the subject, that the North Korean fake employees would avoid applying for jobs at KnowBe4.
You’d be wrong.
It’s apparently not in their workflow to look up the company they’re trying to fool along with the words ‘North Korea fake employees’ before they apply for jobs.
We get North Korean fake employees applying for our remote programmer/developer jobs all the time. Sometimes, they’re the majority of the applicants we receive. This isn’t unusual these days. It is the same with many companies and recruiting companies I talk with. If you are hiring remote-only programmers, pay a little more attention than usual.
Recapping the North Korean Fake Employee Industry
In short, North Korea has hundreds of North Korean employees deployed in a nation-state-level industrial scheme to get North Koreans hired in foreign countries to collect paychecks until they’re discovered and fired.
[Note: Due to UN sanctions, it is illegal to knowingly hire a North Korean employee throughout much of the world.]
To accomplish this scheme, North Korean citizens apply for remote-only programming jobs offered by companies around the world. The North Koreans apply using all the normal job-seeking sites and tools that a regular applicant would use, such as the company’s own job hiring website and dedicated job sites like Indeed[.]com.
The North Koreans work as part of larger teams, often consisting of dozens to over 100 fake applicants. They’re usually located in countries outside of North Korea that are friendly to North Koreans, such as China, Russia, and Malaysia.
This is because North Korea doesn’t have sufficient infrastructure (e.g., Internet, electricity, etc.) to best sustain the program, and it’s easy for adversarial countries to detect and block North Korean Internet traffic.
[CONTINUED] On the KnowBe4 blog, a very interesting read!:
https://weblog.knowbe4.com/our-interview-of-a-north-korean-fake-employee
Ridiculously Easy AI-Powered Security Awareness Training and Phishing
Phishing and social engineering are the #1 cyber threat to your organization. 68% of all data breaches are caused by human error.
Join us for a live demonstration of KnowBe4 in action. See how we safeguard your organization from sophisticated social engineering threats using the most comprehensive human risk management platform.
Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.
- NEW! Artificial Intelligence Defense Agents lets you personalize security training, reduce admin burden, and elevate your human risk management strategy
- NEW! SmartRisk Agent provides actionable data and metrics to help you lower your organization’s human risk score
- NEW! Individual Leaderboards are a fun way to help increase training engagement by encouraging friendly competition among your users
- Smart Groups lets you use employees’ behavior and user attributes to tailor and automate phishing campaigns, training assignments, remedial learning and reporting
- Full Random Phishing automatically chooses different templates for each user, preventing users from telling each other about an incoming phishing test
Learn how nearly 70,000 organizations have mobilized their end users as their human firewall.
Date/Time: TOMORROW, Wednesday, March 5 @ 2:00 PM (ET)
Save My Spot!
https://information.knowbe4.com/en-us/kmsat-demo-3?partnerref=CHN2
Viral but Vulnerable: The Hidden Risks of Cybersecurity Misinformation on Social Media
By Martin Kraemer
It is no surprise that 18–29-year-olds are turning to social media for cybersecurity information. As digital natives, this age group naturally gravitates toward platforms where information is fast, accessible, and constantly updated.
But how effectively are they absorbing these quick snippets, and are they likely to share them onward? More importantly, what happens if that cybersecurity information is inaccurate?
How do people consume cybersecurity information?
In our recent report, “Cybersecurity Information Sharing as an Element of Sustainable Security Culture”, Dr. William Seymour, Lecturer in Cybersecurity at King’s College London, and I found that while employers remain a key source of cybersecurity information across all age groups, respondents also frequently relied on:
- social media (age group 18–29)
- websites (age groups 30-39 and 60-69)
- direct sharing (age group 40-49)
- broadcasts and podcasts (age group 50-59) as additional sources of information
One conclusion from this research was that onward sharing of cyber information among colleagues, family and friends is a positive cyber habit that creates a strong security culture at work and at home. But one thing we don’t address is what happens when even those with the best intentions end up spreading false or harmful advice.
Social Media Pitfalls: Misinformation at Your Fingertips
From the nature of the content to gaps in regulation, several factors contribute to cybersecurity misinformation on social media platforms like Instagram, TikTok, and even LinkedIn:
- Oversimplified Content
- Echo Chambers and Algorithm Bias
- Exposure to Fraudulent Schemes
- Limited Source Credibility
- Absence of Oversight
- Prioritization of Virality Over Accuracy
[CONTINUED] on the KnowBe4 Blog with links:
https://weblog.knowbe4.com/viral-but-vulnerable-the-hidden-risks-of-cybersecurity-misinformation-on-social-media
[Case Study] How Personalized Security Transforms Endeavour Mining’s Cyber Defense
With 98% of social engineering attacks coming via email, personalized security defenses and training are crucial. These tailored strategies are the most effective way to reduce human risk and protect your people, organizations and data.
Gain insights from industry leaders in this webinar featuring a fireside chat between Alexis Ternoy, CIO at Endeavour Mining, and Sudeep Venkatesh, SVP Global Customer Implementation and Success at KnowBe4. Learn how Endeavour Mining is revolutionizing its approach to cybersecurity with personalized security in their fight against human risk.
Join us to explore:
- Key human risk trends shaping cybersecurity in 2025
- Emerging email security threats and how to combat them
- Why Endeavour Mining replaced their existing email security and training platforms with KnowBe4
- How KnowBe4 delivers personalized email security and training to lower human risk
- Real-world results and ROI achieved by Endeavour Mining
Don’t miss this opportunity to transform your organization’s security defenses. Register now to learn how personalized security can dramatically reduce your human risk.
Date/Time: Wednesday, March 12 @ 2:00 PM (ET)
Save My Spot:
https://information.knowbe4.com/case-study-endeavour-mining?partnerref=CHN
[Warning] Russian Threat Actors Are Targeting Signal Accounts With Malicious QR Codes
Multiple Russian state-sponsored threat actors are using QR code phishing (quishing) to compromise Signal accounts, according to researchers at Google’s Threat Intelligence Group.
The QR codes are designed to grant access to the account via Signal’s Linked Devices feature.
“The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app’s legitimate ‘linked devices’ feature that enables Signal to be used on multiple devices concurrently,” the researchers explain.
“Because linking an additional device typically requires scanning a quick-response (QR) code, threat actors have resorted to crafting malicious QR codes that, when scanned, will link a victim’s account to an actor-controlled Signal instance.
“If successful, future messages will be delivered synchronously to both the victim and the threat actor in real-time, providing a persistent means to eavesdrop on the victim’s secure conversations without the need for full-device compromise.”
These phishing attacks are currently targeting individuals related to the war in Ukraine, but Google warns that this technique will likely be adopted by more threat actors to target people around the world.
“Signal’s popularity among common targets of surveillance and espionage activity—such as military personnel, politicians, journalists, activists, and other at-risk communities—has positioned the secure messaging application as a high-value target for adversaries seeking to intercept sensitive information that could fulfill a range of different intelligence requirements,” the researchers write.
“More broadly, this threat also extends to other popular messaging applications such as WhatsApp and Telegram, which are also being actively targeted by Russian-aligned threat groups using similar techniques.”
Google says users should “exercise caution when interacting with QR codes and web resources purporting to be software updates, group invites, or other notifications that appear legitimate and urge immediate action.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Blog post with links:
https://weblog.knowbe4.com/warning-russian-threat-actors-are-targeting-signal-accounts-with-malicious-qr-codes
Do Users Put Your Organization at Risk with Browser-Saved Passwords?
Is the popularity of password dumpers, malware that allows cybercriminals to find and “dump” passwords your users save in web browsers, putting your organization at risk?
KnowBe4’s Browser Password Inspector (BPI) is a complimentary IT security tool that lets you analyze your organization’s risk associated with weak, reused and old passwords your users save in Chrome, Firefox and Edge web browsers.
BPI checks the passwords found in the browser against active user accounts in your Active Directory. It also uses publicly available password databases to identify weak password threats and reports on affected accounts so that you can take action immediately.
With Browser Password Inspector you can:
- Search and identify any of your users that have browser-saved passwords across multiple machines and whether the same passwords are being used
- Quickly isolate password security vulnerabilities in the browser and easily identify weak or high-risk passwords being used to access your organization
- Better manage and strengthen your organization’s password hygiene policies and security awareness training efforts
Get your results in a few minutes!
Find Out Now:
https://information.knowbe4.com/browser-password-inspector-chn
[Announcing] Audiocasts – A New Podcast-Like Training Content Type
We’re very excited to announce the addition of audiocasts, a new content type now available in the ModStore to help strengthen your security culture through an engaging audio format.
This new content type takes advantage of the popular media format, podcasts. Audiocasts are different from podcasts (thus the slightly different name) in that they are not available via a podcast app but can be assigned as mandatory or optional training like all of our other popular content types.
They’re learning-focused, rather than just for entertainment, and a lot shorter than your average podcast – most are under ten minutes. They track completion (just like our video modules) when someone has listened to the episode and not just fast-forwarded to the end. Features include a full, built-in transcript and our standard access for keyboard-only controls.
Blog post with links:
https://weblog.knowbe4.com/announcing-audiocasts-a-new-podcast-like-training-content-type?
Let’s stay safe out there.
Warm Regards,
Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.
PS: KnowBe4 Named #1 Security Product and #2 Overall Software Product in G2’s 2025 Best Software Awards:
https://weblog.knowbe4.com/knowbe4-named-1-security-product-and-2-overall-software-product-in-g2s-2025-best-software-awards
Quotes of the Week
“Ridicule is the tribute paid to the genius by the mediocrities.”
– Oscar Wilde – Author (1854 -1900)
“Mediocrity knows nothing higher than itself, but talent instantly recognizes genius.”
– Arthur Conan Doyle – Author (1859–1930)
You can read CyberheistNews online at our Blog
https://weblog.knowbe4.com/cyberheistnews-vol-15-09-new-knowbe4-interviews-a-fake-north-korean-employee
Security News
Phishing Attack Leads to Lateral Movement in Just 48 Minutes
Researchers at ReliaQuest have published a report on a phishing breach in the manufacturing sector that went from initial access to lateral movement in just 48 minutes. The attackers began by swamping users with spam emails, then posed as tech support and offered assistance in stopping the flood of spam.
“To gain access into the organization’s network, the threat actor used social engineering and end-user manipulation,” the researchers write. “More than 15 users were targeted with a flood of spam emails. Next, the threat actor sent a Teams message using an external ‘onmicrosoft.com’ email address.
“These domains are simple to set up and exploit the Microsoft branding to appear legitimate. The threat actor posed as an IT help-desk employee, likely pretending to assist users with the flood of emails that was preventing them from working—a common tactic used by ransomware groups like Black Basta.”
After this, the attackers contacted the targeted employees via Microsoft Teams and convinced them to use the Windows tool Quick Assist to grant the attackers remote access to the computer.
“The threat actor then used Teams to call at least two users and convinced them to open the remote-access tool Quick Assist, join a remote session, and grant control of their machines,” the researchers write. “Quick Assist, native to Windows hosts, is often used in these attacks because attackers can easily convince users to open it and join a remote session using a code.
“In this incident, one user granted the threat actor control of their machine for over 10 minutes, giving the threat actor ample time to progress their attack.”
ReliaQuest notes that this social engineering technique can bypass security filters since it tricks the user into performing a malicious action without clicking a link or downloading an attachment. The attack also uses legitimate tools to gain access, rather than malware.
“This tactic of using email spam instead of malicious links or attachments is particularly effective because the emails themselves aren’t inherently malicious, leaving security tools with nothing to detect,” the researchers write.
“Moreover, the end user doesn’t need to interact with the email directly. Instead, the flood of spam makes the target’s inbox unusable, giving the threat actor a plausible reason to pose as IT staff offering to resolve the issue.
“This low-tech but highly effective method allows threat actors to gain initial access and convince users to grant them control of their machines. Given its success, it’s likely that other threat groups will adopt this technique in the near future.”
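Because no single step in this chain is malicious on its own, detection has to correlate the steps per user. The following Python is an added example, not ReliaQuest's or KnowBe4's code: it flags a user who receives a mail flood, is then contacted over Teams from an external onmicrosoft.com address, and then starts Quick Assist. The event schema, thresholds, tenant name and sample events are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

OWN_TENANT = "contoso.onmicrosoft.com"   # assumption: the defender's own tenant domain
SPAM_BURST = 20                          # assumption: mails per BURST_WINDOW that count as a flood
BURST_WINDOW = timedelta(minutes=10)
CHAIN_WINDOW = timedelta(hours=2)        # assumption: how long after the flood the chain may run

def sample_events():
    """Constructed events; the ts/type/user schema is hypothetical, not a real log format."""
    t0 = datetime(2025, 2, 10, 9, 0)
    def at(minutes):
        return t0 + timedelta(minutes=minutes)
    fake_desk = "helpdesk@it-desk-support.onmicrosoft.com"
    qa = r"C:\Windows\System32\QuickAssist.exe"
    ev = [{"ts": t0 + timedelta(seconds=10 * i), "type": "email_in", "user": u}
          for u in ("alice", "bob") for i in range(30)]
    ev += [
        {"ts": at(12), "type": "teams_msg", "user": "alice", "sender": fake_desk},
        {"ts": at(20), "type": "proc_start", "user": "alice", "image": qa},
        {"ts": at(15), "type": "teams_msg", "user": "bob", "sender": fake_desk},
        # carol opens Quick Assist with no flood or external chat before it
        {"ts": at(120), "type": "proc_start", "user": "carol", "image": qa},
    ]
    return ev

def burst_end(times):
    """Time at which SPAM_BURST mails had arrived inside one BURST_WINDOW, else None."""
    times = sorted(times)
    for i in range(len(times) - SPAM_BURST + 1):
        if times[i + SPAM_BURST - 1] - times[i] <= BURST_WINDOW:
            return times[i + SPAM_BURST - 1]
    return None

def is_external_onmicrosoft(sender):
    domain = sender.rsplit("@", 1)[-1].lower()
    return domain.endswith(".onmicrosoft.com") and domain != OWN_TENANT

def correlate(events):
    """user -> stage reached: 1 mail flood, 2 + external Teams contact, 3 + Quick Assist start."""
    by_user = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_user[e["user"]].append(e)
    stages = {}
    for user, evs in by_user.items():
        last = burst_end([e["ts"] for e in evs if e["type"] == "email_in"])
        if last is None:
            continue          # no flood: Quick Assist alone is not part of this chain
        stage, deadline = 1, last + CHAIN_WINDOW
        for e in evs:
            if not last <= e["ts"] <= deadline:
                continue
            if stage == 1 and e["type"] == "teams_msg" and is_external_onmicrosoft(e["sender"]):
                stage, last = 2, e["ts"]
            elif stage == 2 and e["type"] == "proc_start" \
                    and e["image"].lower().endswith("quickassist.exe"):
                stage, last = 3, e["ts"]
        stages[user] = stage
    return stages

if __name__ == "__main__":
    print(correlate(sample_events()))
```

Stage 2 is the point to intervene: the user has been contacted but has not yet handed over control.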
KnowBe4 enables your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Ars Technica has the story:
https://arstechnica.com/safety/2025/02/notorious-crooks-broke-into-a-company-network-in-48-minutes-heres-how/
Protect Yourself from Job Termination Scams
ESET warns of a wave of phishing attacks informing employees that they’ve been fired or let go. The emails are designed to make the user panic and act quickly to see if they’ve really lost their job.
If a user falls for the attack, they’ll be tricked into downloading malware or handing over their login credentials.
“Social engineering tactics used in phishing aim to create a sense of urgency in the victim, so that they act without thinking things through first,” the researchers write. “And you can’t get more urgent than a notice informing you that you’ve been dismissed. It may arrive in the form of an email from HR, or an authoritative third-party outside the company.
“It may tell you that your services are no longer required. Or it may claim to include details about your colleagues that are too hard to resist reading. The end goal is to persuade you to click on a malicious link or open an attachment, perhaps by claiming that it includes details of severance payments and termination dates.”
ESET says users should be on the lookout for the following red flags associated with phishing attacks:
- An unusual sender address that doesn’t match the stated sender. Hover your mouse over the “from” address to see what pops up. It may be something completely different, or it may be an attempt to mimic the impersonated company’s domain, using typos and other characters (e.g., m1crosoft[.]com, @microsfot[.]com)
- A generic greeting (e.g., ‘dear employee/user’), which is certainly not the tone a legitimate termination letter would take
- Links embedded in the email or attachments to open. These are often a tell-tale sign of a phishing attempt. If you hover over the link and it doesn’t look right, all the more reason not to click
- Links or attachments that don’t open immediately, but request you to enter logins. Never do so in response to an unsolicited message
- Urgent language. Phishing messages will always try to rush you into making a rash decision
- Misspellings, grammatical or other errors in the letter. These are becoming rarer as cybercriminals adopt generative AI tools to write their phishing emails, but they’re still worth looking out for
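Several of these red flags can be checked mechanically as a first-pass triage before a human looks at the message. The following Python is an added example, not ESET's or KnowBe4's code: it tests the sender domain, greeting, urgency wording and link hosts, and goes slightly beyond the list by using edit distance to catch lookalike domains such as the two shown above. The TRUSTED set, flag names, keyword patterns and sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED = {"microsoft.com", "example.com"}   # assumption: domains the organization expects mail from

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain):
    """Return the trusted domain that `domain` imitates (within 2 edits), or None."""
    if domain in TRUSTED:
        return None
    for good in sorted(TRUSTED):
        if edit_distance(domain, good) <= 2:
            return good
    return None

def red_flags(raw):
    """Return the list of red-flag names found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    body = msg.get_payload()                 # sample is single-part plain text
    flags = []
    _, addr = parseaddr(msg.get("From", ""))
    if lookalike_of(addr.rsplit("@", 1)[-1].lower()):
        flags.append("lookalike_sender")
    if re.search(r"^\s*dear\s+(employee|user|colleague)\b", body, re.I | re.M):
        flags.append("generic_greeting")
    if re.search(r"\b(immediately|urgent|within \d+ hours|final notice)\b", body, re.I):
        flags.append("urgent_language")
    for url in re.findall(r"https?://[^\s\"'>]+", body):
        host = (urlparse(url).hostname or "").lower()
        if not any(host == d or host.endswith("." + d) for d in TRUSTED):
            flags.append("untrusted_link")
            break
    return flags

# Constructed sample message; the sender domain is the lookalike quoted in the list above.
SAMPLE = """From: HR Department <hr@m1crosoft.com>
To: user@example.com
Subject: Notice of termination

Dear employee,

Your employment ends immediately. Review your severance details:
https://hr-portal.example.net/severance

HR
"""

if __name__ == "__main__":
    print(red_flags(SAMPLE))
```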
Going forward, be on your guard for AI-aided schemes where scammers may use deepfake audio and video likenesses of actual people (that of your boss, perhaps) to trick you into giving up confidential corporate information.
Blog post with links:
https://weblog.knowbe4.com/protect-yourself-from-job-termination-scams
What KnowBe4 Customers Say
Great job making things go right! Unsolicited shout-out for Les D.
“I have worked with Les D several times already and it has been a wonderful experience, and my confidence in KnowBe4 has been restored. Thank you so much for your support in this matter. I am once again a very happy customer.”
– R.A., Information Systems Manager