Monday, February 16, 2026

Now LinkedIn DMs Target Your Execs



CyberheistNews Vol 16 #06 | February 10th, 2026


Trusted Platform but Same Old Phish: Now LinkedIn DMs Target Your Execs

A phishing campaign is abusing LinkedIn private messages to target executives and IT workers, according to researchers at ReliaQuest. The messages attempt to trick victims into opening an archive file, which will install a legitimate pentesting tool.

“A key element of this attack was the use of a legitimate, open-source Python script designed for pentesting,” ReliaQuest says. “Relying on publicly available tools means less effort for attackers and allows them to reduce costs and detection risks—all while lowering the technical barrier to entry.”

The researchers stress that the abuse of legitimate tools makes the campaign more likely to bypass security defenses.

“In this campaign, attackers used WinRAR and Python, but similar tactics could extend to other widely used tools, such as PowerShell,” the researchers write. “These tools are integral to daily operations, making it impractical for organizations to block them entirely.

“This highlights the ongoing challenge of distinguishing between legitimate activity and malicious behavior, leaving organizations vulnerable to similar attacks.

“What’s more, as organizations increasingly rely on social media platforms for business and marketing purposes, these channels create new attack surfaces. Employees managing corporate social media accounts or engaging on these platforms are exposed to phishing attempts in environments with minimal security controls.”

Employees need to maintain a healthy sense of suspicion across all online platforms to avoid falling for social engineering attacks.

“This campaign serves as a reminder that phishing is not confined to email inboxes,” the researchers write. “Phishing attacks occur over various channels like social media, search engines and messaging apps—platforms that many organizations still overlook in their security strategies.

“Social media platforms, especially those frequently accessed on corporate devices, provide attackers with direct access to high-value targets like executives and IT administrators, making them invaluable to cybercriminals.”

Blog post with links:
https://weblog.knowbe4.com/warning-a-linkedin-phishing-campaign-is-targeting-executives

Cyber CSI 2.0: Phishing Forensics in the Age of AI and Deepfakes

The phishing arms race has entered a dangerous new phase. Old detection methods no longer work in 2026. AI-generated phishing emails now mimic writing styles perfectly. Deepfake voice and video calls impersonate your CEO with ease. Even “safe” platforms like Microsoft Teams and protected domains aren’t bulletproof.

Join Roger A. Grimes, CISO Advisor at KnowBe4, for a fresh look at modern phishing forensics. Roger will show you the latest tools and techniques to catch high-tech social engineering before it hits your network.

In this session, you'll learn how to:

  • Dissect AI-generated phishing emails and spot the subtle clues that reveal machine-crafted deception
  • Understand what DMARC actually protects (and what it doesn't), plus how attackers bypass it
  • Use practical techniques to identify fake voice calls and video impersonations, and analyze phishing attempts through Microsoft Teams, Slack, SMS (smishing), voice calls (vishing) and social media
  • Train your users to spot and report phishing attempts

Get inside the mind of a hacker and master the forensic skills that separate compromised organizations from protected ones, plus earn CPE for attending!

Date/Time: TOMORROW, Wednesday, February 11 @ 2:00 PM (ET)

Save My Spot:
https://data.knowbe4.com/cyber-csi-2.0-phishing-forensics?partnerref=CHN2

Attackers Can Use LLMs to Generate Phishing Pages in Real Time

Researchers at Palo Alto Networks’ Unit 42 warn of a proof-of-concept (PoC) attack technique in which threat actors could use AI tools to generate malicious JavaScript in real time on seemingly innocuous webpages.

“Once loaded in the victim’s browser, the initial webpage makes requests for client-side JavaScript to popular and trusted LLM clients (e.g., DeepSeek and Google Gemini, though the PoC could be effective across a variety of models),” the researchers write.

“Attackers can then trick the LLM into returning malicious JavaScript snippets using carefully engineered prompts that circumvent safety guardrails. These snippets are then assembled and executed in the browser’s runtime to render a fully functional phishing page. This leaves behind no static, detectable payload.”

While legitimate AI tools have measures to prevent misuse, the researchers found that they could rephrase their prompts to trick the AI into performing malicious actions.

“The attack’s success hinged on careful prompt engineering to bypass the LLM’s built-in safeguards,” the researchers write. “We found simple rephrasing was remarkably effective. For instance, a request for a generic $AJAX POST function was permitted, while a direct request for ‘code to exfiltrate credentials’ was blocked.

“Furthermore, indicators of compromise (IoCs) such as Base64-encoded exfiltration URLs could also be hidden within the prompt itself to keep the initial page clean.”

Unit 42 adds, “The dynamic nature of this attack, combined with runtime assembly in the browser, makes it a formidable defense challenge. This attack model creates a unique variant for every victim. Each malicious payload is dynamically generated and unique, transmitted over a trusted domain.”

Threat actors are always finding new ways to bypass security technologies. AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks that slip past your technical defenses.

Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

Blog post with links:
https://weblog.knowbe4.com/attackers-can-use-llms-to-generate-phishing-pages-in-real-time

Automate Incident Response and Maximize SOC Efficiency

Your security team is drowning in alerts, and threats are slipping through. With SOC teams facing more than 4,400 daily alerts, over 40% of which are false positives, the vast majority of organizations are drowning in backlogs.

The result? A five-hour response gap that leaves threats sitting in your employees’ inboxes for days or even weeks. Stop gambling with unaddressed alerts with technology that collapses the time-to-containment from hours to minutes.

During this demo, you'll discover how PhishER Plus eliminates the dangerous vulnerability window between threat detection and containment by combining triple-validated threat intelligence with human oversight:

  • Accelerate response times with AI-powered automation that lets you code custom rules in plain English, reduce manual email review time by up to 99%, and eliminate alert fatigue
  • Leverage unmatched threat intelligence from 13+ million global users, KnowBe4 Threat Research Lab, and leading third-party integrations, catching zero-day threats that bypass SEGs and other ICES defenses
  • Maintain full visibility and control over AI-driven decisions with PhishML Insights, eliminating black-box uncertainty and reducing false positives that waste $875K annually
  • Remove threats automatically from all mailboxes with Global PhishRIP before users can interact with them, eliminating the risk of employees otherwise falling for the attack
  • Convert real attacks into targeted training opportunities with PhishFlip, reinforcing vigilant employee behavior while showcasing security awareness gaps

Discover how PhishER Plus customers achieve 650% ROI within the first year. Transform your employees into your most valuable defenders while meeting SOC efficiency targets.

Date/Time: Wednesday, February 18 @ 2:00 PM (ET)

Save My Spot:
https://data.knowbe4.com/phisher-demo-2?partnerref=CHN

Report: One in Ten UK Companies Wouldn’t Survive a Major Cyberattack

A new survey by Vodafone Business found that more than 10% of companies in the UK would likely go out of business if they were hit by a major cyber incident, such as a ransomware attack, Infosecurity Magazine reports.

Additionally, 71% of business leaders believe at least one of their employees would fall for a convincing phishing attack, and fewer than half (45%) of organizations have ensured that all of their employees have received basic cyber awareness training.

The most common reasons why leaders believe their staff would fall for phishing emails are “a lack of awareness and training; staff being ‘too busy’; and the absence of clear protocols for verifying and flagging suspicious messages.”

Respondents also said their employees reuse their work password for nearly a dozen personal accounts, greatly increasing the risk of phishing and credential-stuffing attacks. If an attacker manages to steal a password for a personal account, then they’ll test that password against the user’s work account.

Multifactor authentication can add a layer of defense against stolen passwords, but MFA can also be bypassed via social engineering.

“The poll paints a troubling picture of inadequate crisis preparedness, poor password practices and staff susceptibility to phishing scams – all of which leave businesses exposed to cyber-crime,” Vodafone says.

“With nearly two thirds of business leaders (63%) reporting that their organization’s risk of cyber-attack has risen over the past year, password reuse remains particularly prevalent. Employers estimate that, on average, staff use their work password for up to 11 other personal accounts, including social media and dating sites.”

AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks.

Blog post with links:
https://weblog.knowbe4.com/report-one-in-ten-uk-companies-wouldnt-survive-a-major-cyberattack

[Live Demo] Stop Inbound and Outbound Email Threats

With over 376 billion emails sent daily, your organization faces unprecedented risks from Business Email Compromise (BEC), misdirected sensitive communications and sophisticated AI-driven phishing attacks.

The human element, involved in the vast majority of data breaches, contributes to email-based threats that cost organizations like yours millions annually.

Discover how you can stop up to 97% more attacks and uncover 10x more potential data breaches in your Microsoft 365 environment before they happen.

Join our live demo to see how KnowBe4’s Cloud Email Security seamlessly integrates into Microsoft 365 to enhance its native security while providing the tools needed to identify risky communications before they lead to breaches.

See KnowBe4’s Cloud Email Security in action as we show you how to:

  • Defend your organization against sophisticated inbound threats including BEC, supply chain attacks and ransomware
  • Prevent costly outbound mistakes with real-time alerts that stop misdirected emails and unauthorized file sharing
  • Enforce information barriers that keep you compliant with industry regulations
  • Detect and block data exfiltration attempts before sensitive information leaves your organization
  • Customize incident response workflows to match your security team’s needs

Strengthen your security posture with AI-native intelligent email security that reduces human-activated risk and safeguards your organization from inbound and outbound threats.

Date/Time: Wednesday, February 18 @ 1:00 PM (ET)

Save My Spot:
https://data.knowbe4.com/ces-demo-month-2?partnerref=CHN

OpenClaw’s AI-Skills Marketplace Turns Into a Malware Pipeline

Agent security just crossed from “theoretical” to “headline-grade operational risk.” New research and coverage stack up around OpenClaw’s skill marketplace being used as a malware distribution channel and leaking secrets (API keys and creds).

In just a few weeks, OpenClaw (the open-source AI “agent” that can execute terminal commands and connect to email, calendars and cloud services) surged past 100,000 GitHub stars, drawing two million weekly visitors, and is now being packaged as hosted instances.

But the same autonomy that makes it useful is now a security liability. Sources warned that default or poorly secured OpenClaw deployments, especially those exposed to the public internet, face elevated risks of hacking and data leaks, urging organizations to audit exposure and tighten identity and access controls.

The bigger alarm is ClawHub, its skill marketplace. Investigations found attackers uploading skills masquerading as productivity tools or crypto apps, then using social engineering to get users to run obfuscated terminal commands that fetch infostealers.

With OpenClaw often granted broad machine permissions, a single malicious skill can read files, execute scripts and harvest browser passwords, crypto wallet keys, SSH logins and API credentials.

Meanwhile, Snyk reported that a scan of nearly 4,000 skills found roughly 7% contained flaws that could expose sensitive credentials—showing that even “non-malicious” skills can leak secrets.

Agent security requires curated + permissioned agent ecosystems: verified publishers, code signing, automated secret scanning, sandboxing and runtime permission prompts that enforce least privilege. In this world, “skills” aren’t cute add-ons. They’re executable supply-chain components that demand governance.

Let’s stay safe out there.

Warm regards,

Stu Sjouwerman, SACP
Executive Chairman
KnowBe4, Inc.

PS: [NEW] Your KnowBe4 Product Roadmap – See what’s next for KnowBe4’s industry-leading HRM+ platform:
https://www.knowbe4.com/merchandise/product-roadmap

PPS: Your KnowBe4 Fresh Content Updates from January 2026:
https://weblog.knowbe4.com/your-knowbe4-fresh-content-updates-from-january-2026

Quotes of the Week

“Judge a man by his questions rather than his answers.”
– Voltaire – Philosopher (1694 – 1778)


“Having once decided to achieve a certain task, achieve it at all costs of tedium and distaste. The gain in self-confidence of having accomplished a tiresome labor is immense.”
– Arthur Helps – Historian (1813 – 1875)


Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://weblog.knowbe4.com/cyberheistnews-vol-16-05-trusted-platform-but-same-old-phish-now-linkedin-dms-target-yourexecs

Security News

The Phishing-as-a-Service Economy is Thriving

Commodity phishing platforms are now a central component of the cybercriminal economy, according to researchers at Flare. These platforms allow threat actors of all skill levels to carry out advanced attacks at scale.

“Modern kits often include advanced features such as reverse proxy, real-time MFA bypass, dynamic brand replacement, bot detection, Telegram exfiltration and automated victim tracking, making them one of the most widely used and scalable tools in the cybercrime ecosystem,” Flare says.

“A more recent evolution of this model is Phishing-as-a-Service (PhaaS), where operators sell subscriptions to ready-made phishing infrastructures, so customers never touch the underlying code. Such service often includes hosting services, lures, dashboards and automatic updates.

“This turns phishing into a scalable, low-skill, high-impact service economy, dramatically increasing the volume and sophistication of global phishing campaigns.”

Users need to be made aware of evolving social engineering techniques, since these advanced attacks are becoming the norm.

“The intelligence here about sophisticated phishing kits shows that user training must evolve,” the researchers write. “Telling users ‘check the URL bar’ isn’t sufficient when kits can spoof the browser window convincingly.

“Security awareness programs should include examples of AiTM and BitB and advise things like ‘If an MFA prompt or login appears at an unusual time, be skeptical even if it looks normal.’ Also emphasize the use of password managers, since they can be a backstop against fake forms.

“To better train your organization against the latest phishing tricks (like QR code phishing, AiTM, BitB windows), incorporate them into phishing simulations for employees, to inoculate them somewhat and measure risk.”

AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

Blog post with links:
https://weblog.knowbe4.com/the-phishing-as-a-service-economy-is-thriving

Phishing Campaign Tells Users Their Cloud Storage Will Be Deleted

BleepingComputer reports that a major phishing campaign is telling users that they need to renew their cloud storage subscriptions or else their data will be deleted.

“Based on numerous emails seen by BleepingComputer, the campaign has escalated over the past few months, with people receiving multiple versions of the scam each day, all appearing to be sent by the same scammers,” BleepingComputer says. “The messages all attempt to create a sense of urgency by claiming a payment problem or storage issue must be resolved immediately, or people’s data will be deleted or blocked.”

If the user clicks the link in the email, they’ll be taken to a webpage that impersonates a popular cloud service, such as Google Drive or Microsoft’s OneDrive.

“After clicking the update storage button, instead of being taken to a legitimate cloud services page, you’re redirected to affiliate marketing pages promoting unrelated products,” BleepingComputer says. “Products promoted in this phishing campaign include VPN services, little-known security software and other subscription-based offerings with no connection to cloud storage.

“The pages ultimately lead to checkout forms designed to collect credit card details and generate affiliate revenue for the threat actors behind the campaign. Unfortunately, many people who receive these emails may not realize they’re scams and purchase a product they don't need, thinking it will resolve the fake cloud storage issues.”

Users should be wary of scare tactics designed to make them act quickly. Major cloud services will wait months or years before deleting your data if you stop making payments.

“Legitimate cloud providers do not send emails that lead to storage scans or third-party security or VPN products to resolve billing issues,” BleepingComputer says. “Additionally, most legitimate cloud storage providers will block access to your additional storage when you fail to make a payment, rather than deleting your data immediately.”

AI-powered security awareness training can give your employees a healthy sense of skepticism.

BleepingComputer has the story:
https://www.bleepingcomputer.com/information/safety/cloud-storage-payment-scam-floods-inboxes-with-fake-renewals/

What KnowBe4 Customers Say

“Just a quick note to say/commend Kim G. on what a stellar job she did today on our launch/implementation call. This is an important client of ours who are very technical/detailed and Kim is the perfect fit for that team. I know that this client feels cared for and is confident in this launch. It’s greatly appreciated. Have a great rest of your day and a wonderful weekend!”

– M.L., Client Success Representative


“I wanted to pass on positive feedback about Erika. I absolutely love having her as our CSM! She goes above and beyond to inform me of new features, she has even built example reports for me to learn from and is so quick to reply to my every email!

“It started with a simple email to understand why our phishing simulation number seemed off last month. She immediately identified the cause and opened a ticket for me with all the necessary details!

“I went on to ask her a question on how to rerun the campaign against those who had the email bounce, and she literally gave me step-by-step instructions with screenshots. Her attention to detail and responsiveness is unreal.

“I truly trust her and value her expertise. Her personality and demeanor go a long way along with her willingness to help. It’s a major bonus that she has so much knowledge and if she doesn’t have the answer she ensures I get assistance from support. She even follows up afterward to see how my experience was!!

“I’m sure you knew how great she is, but I wanted to provide this feedback anyway! She is a rare find!”

– O/A., IT Security and Compliance

Interesting News Items This Week

Cyberheist ‘Fave’ Links

This Week’s Links We Like, Tips, Hints and Fun Stuff


