The Cyber Awareness Round-up 5/2/2025
Bob's Business | The Cybersecurity Culture Company
Award-winning, industry-leading cybersecurity awareness and phishing campaigns to reduce risk in every organisation.
Hello from Bob’s Business! We’ve made it through a long, dark January, and we’re now onto our second month of 2025, which means our second resource pack of the year!
This month it’s Safer Internet Day - recognised globally on 11 February. The aim is to raise awareness of the importance of staying safe while on the internet, and equipping people with the tools needed that go beyond just cybersecurity.
In this edition we’ll be delving into some of the latest stories in cybersecurity including a 6 year phishing attack on schools & organisations, malicious PDFs, the cybersecurity skills gap & North Korean hackers targeting job seekers.?
A sophisticated phishing campaign has been targeting users of Microsoft's Active Directory Federation Services (ADFS) for at least six years, according to Abnormal Security.
The campaign, affecting over 150 organisations primarily in education, healthcare, government, and technology, uses social engineering tactics to steal login credentials and MFA codes.? Victims receive convincing phishing emails disguised as IT security updates, leading them to fake ADFS login pages.? While the attackers remain unidentified, they are likely financially motivated.
Although Microsoft recommends migrating to the more secure Entra ID, many organisations, especially in education and healthcare, face barriers to upgrading. Even with Entra ID, similar phishing attacks are possible. Abnormal Security recommends shortening the lifespan of session tokens and MFA codes, and blocking known phishing domains associated with the campaign as mitigation strategies.??
A new and concerning phishing campaign is targeting mobile users with malicious PDF files delivered via SMS messages. These attacks impersonate the United States Postal Service (USPS) and employ sophisticated techniques to conceal harmful links within the PDFs. Unlike typical phishing attempts, these malicious PDFs aren't using standard methods for embedding links, making them harder for traditional security software to detect. Mobile devices are particularly vulnerable due to limited visibility into file contents before opening, increasing the risk of users unknowingly clicking on these dangerous links.
领英推荐
Stay vigilant and avoid clicking on links in unexpected SMS messages, especially those claiming to be from the USPS or other similar organisations. If you're unsure about a message's legitimacy, contact the supposed sender directly through a verified channel. Protecting your data requires constant awareness and caution in the face of evolving phishing tactics.
The cybersecurity skills gap continues to be a significant and growing threat to organisational resilience worldwide. As cyberattacks become more sophisticated and frequent, the demand for skilled cybersecurity professionals far outstrips the available talent pool. This shortage leaves organisations vulnerable to breaches, data loss, and operational disruption. Addressing this gap is crucial for maintaining business continuity and protecting sensitive information. Organisations must prioritise investing in training and development programs to upskill existing employees and attract new talent to the cybersecurity field.?
Proactive measures, such as robust security awareness training for all staff and partnerships with educational institutions, are essential to building a strong cybersecurity posture and mitigating the risks associated with this widening skills gap. Failing to address this issue will only increase the likelihood and impact of cyberattacks in the future.
State-sponsored North Korean hackers are employing a deceptive tactic to spread malware: fake job interviews. These sophisticated attacks target both potential employers and software developers, luring them with seemingly legitimate job opportunities. The malware being deployed, known as FlexibleFerret, is particularly concerning as it has been shown to evade detection by Apple's built-in security software.
This campaign highlights the increasing sophistication of state-sponsored cyberattacks and the need for heightened vigilance, even in seemingly innocuous situations like online job applications. Be wary of unsolicited interview requests, especially those involving unusual file downloads or requests for sensitive information early in the process. Verify the legitimacy of any job offer directly with the company through official channels before engaging in any further steps. This incident serves as a reminder that cybersecurity is everyone's responsibility, and staying informed about evolving threats is crucial for protecting yourself and your organisation.
Get in touch
If you have any questions or would like to discuss further, please reach out. Our team is ready to provide engaging and cost-effective solutions to make your staff your strongest defence.
Contact us at [email protected], and our team will be ready to help you.