Many organizations’ ongoing enthusiasm for incorporating artificial intelligence (AI) is leaving them open to sophisticated and carefully planned cyber-attacks. Cybersecurity company Mandiant, a Google subsidiary, has issued an urgent warning for companies to be wary of downloading AI tools from unvetted websites.
The US Federal Bureau of Investigation (FBI) has issued a joint advisory warning of a new tactic being used by North Korean intelligence-gathering cyber group Kimsuky. The warning is squarely aimed at think tanks, academic institutions, non-profit organizations, and members of the media in Western countries. Despite North Korea’s previous reliance on revenue from international crime to finance its weapons and military programs, the FBI reports that Kimsuky’s role is intelligence gathering. Kimsuky exploits improperly configured Domain Name System (DNS) records to mimic legitimate email senders and compromise targeted individuals. Without a properly configured Domain-based Message Authentication, Reporting, and Conformance (DMARC) policy published in DNS, attackers can send spoofed emails that appear to come from a legitimate domain’s email exchange.
Security Discovery researchers and the Cybernews team discovered the largest data leak ever recorded, containing 26 billion records predominantly stolen from major social media platforms and government agencies. Dubbed "The Mother of All Breaches", the 12 terabytes of compromised records were stolen most notably from Tencent QQ (1.5B), Weibo (504M), MySpace (360M), Twitter (281M), LinkedIn (251M), and AdultFriendFinder (220M), along with government agency data from the United States, Brazil, Germany, the Philippines, and Turkey, among others.
A presentation at last month's Black Hat Middle East and Africa conference revealed a corporate information leak tactic targeting Saudi Arabian workers using fraudulent LinkedIn profiles. The LinkedIn attacks start with fraudulent accounts pretending to be Muslim women in their 20s who say they work in Southeast Asia. Once the connection is made, the attackers attempt to harvest sensitive corporate information through long, seemingly legitimate professional conversations.
LinkedIn has become a byword for respectability and overall security. But all that has started to change with the growing attention of cybercriminal gangs, first through false flags and, more recently, by directly taking control of targeted individuals’ LinkedIn accounts.
The attack allowed bad actors to lock LinkedIn users out of their accounts and resulted in ransom demands to allow users to access their accounts again. The ongoing attacks caused LinkedIn account inquiries to spike by 5000%. The full report is available on Cyberint’s website.