Let's give you a quick update about all the major things that happened in the cybersecurity world recently!
Phishing attacks that utilize Microsoft Visio files in a two-step process pose a significant risk.?
Researchers have noted a concerning increase in two-step phishing attacks using trusted platforms like DocuSign and SharePoint to deliver harmful content. Attackers now exploit Microsoft Visio files, normally for creating diagrams, to hide malicious URLs. They send compromised emails with these Visio files from hacked accounts to seem legitimate. Inside, misleading “View Document” buttons lead victims to fake Microsoft login pages when clicked while holding the "Ctrl" key. This scheme targets organizations worldwide, aiming to steal user credentials through a fraudulent login interface.??
?
North Korean Cybercriminals Acquire $10 Million Through AI-Powered Fraud and Malware on LinkedIn??
The North Korea-linked threat actor, Sapphire Sleet, has stolen over $10 million in cryptocurrency via social engineering campaigns over six months, Microsoft reports. They create fake LinkedIn profiles as recruiters and job seekers to generate revenue for North Korea. Active from at least 2020, Sapphire Sleet is linked to APT38 and BlueNoroff. In November 2023, Microsoft noted they set up fake skills assessment portals and impersonated recruiters from firms like Goldman Sachs, leading targets to malware through a controlled site. Additionally, North Korean IT workers are using AI to create job application images and testing voice-changing software.?
?
AI Granny Outsmarts Scam Callers by Mimicking Elderly Victims, Exposing Fraudulent Tactics???
Virgin Media O2's AI model “Daisy” combats scam calls by providing false information, wasting scammers' time as part of their "Swerve the Scammers" campaign. The initiative encourages customers to verify callers and report suspicious activity, delaying fraudsters by up to 40 minutes. Scam victim Amy Hart points out that 69% of Brits face scams, underscoring anyone can be targeted.?
Daisy frustrates scammers with long stories about family and knitting. Murray Mackenzie, Director of Fraud at Virgin Media O2, confirms their commitment to tackling scams with AI spam detection and caller ID services. Last year, they blocked 89 million fraudulent texts.?
?
Chinese hackers preparing for conflict, US cyber official says??
The U.S. cyber chief has alerted that Chinese hackers are gearing up for potential conflict, citing rising tensions over espionage and intellectual property theft. He emphasized the need for heightened vigilance and cybersecurity to combat potential attacks.?
Morgan Adamski, executive director of U.S. Cyber Command, said Chinese-linked cyber operations are aimed at gaining an advantage in case of a major conflict with the U.S.?
The U.S. has long accused China of stealing data from American organizations, and this warning underscores the persistent threat posed by Chinese hackers and the necessity for enhanced cybersecurity measures.?
Trevonix Partner Insights
?Ping Identity's YOUniverse 2024 Celebrates the Future of Identity?
?
??
Ping Identity's YOUniverse 2024 was a pivotal event focused on the future of identity management. It gathered industry leaders and innovators to discuss current trends and challenges. The event facilitated collaboration and knowledge-sharing, helping organizations navigate identity management complexities. Attendees looked forward to engaging keynotes, interactive sessions, and networking opportunities with peers??
Saviynt becomes a participant in the AWS ISV Accelerate program.?
?
Saviynt, has joined the AWS ISV Accelerate program, enhancing its ability to optimize offerings on AWS for secure cloud identity management. This partnership underscores Saviynt's commitment to improving security and compliance for cloud organizations. With access to AWS resources, Saviynt aims to innovate and deliver more secure solutions, solidifying its role as a trusted cloud security partner.?
?
?
?Trevonix Insights???
?Trevonix was a sponsor at the esteemed PingYouniverse 2024 London event.?
-We showcased our latest innovations to industry experts.?
?The event was a fantastic platform for networking, engaging in discussions about the future of technology, and demonstrating how our solutions enhance business operations. Our team thoroughly enjoyed connecting with attendees and building relationships with potential partners.?
?
?Transforming Identity Management- Our latest Solutions showcased at PingYouniverse'24
SME Spotlight?
Attending the European leg of the Ping Youniverse events was both exciting and enlightening.
Andre Durand’s keynote presentation stood out with its passion and focus. Among the many points he discussed regarding the Ping roadmap, his commitment to advancing a standard for authorization was particularly striking. As he stated, "We pushed for a standard for authentication, and now we will push for a standard for authorization." Establishing such a standard is essential to create a consistent framework for managing authorization, moving away from proprietary solutions. At Trevonix, we are eager to support this initiative, recognizing its potential to benefit the entire industry.
Another key takeaway was the growing significance of Digital Identity and Digital Credentials. The concept of a Digital Wallet promises to revolutionize identity management by potentially merging identity and payments. I had the pleasure of presenting alongside Darrell Geusz, Product Lead for Ping Neo, on this topic during the London event.
The integration of AI into the product roadmap is another fascinating area to watch, especially as AI continues to reshape our daily lives. While AI advancements, such as deepfakes, pose challenges to trust, leveraging AI to counter these threats will be crucial.
Lastly, the event was enriched by numerous engaging conversations with customers about the pressing identity challenges they face. Discussing how Trevonix can support them on this journey was both fulfilling and insightful. We are excited to collaborate with them and for the Trevonix team to contribute meaningfully to their success.
Secure Bytes: Tips from Trevonix
Read our recent Blogs?