Risky security behaviors are being sought to be reduced by KnowBe4's new SecurityCoach service, which provides human detection and response, as well as real-time security coaching, reports SiliconAngle.
SecurityCoach has been developed to harness the human factor in cybersecurity, which has been crucial in social engineering techniques, including phishing and spear-phishing attacks. Existing security stacks are being used by SecurityCoach to facilitate real-time coaching campaign configurations in a bid to allow immediate delivery of alerts related to detected security events, according to KnowBe4.
"With SecurityCoach, we are introducing a new product category that automates the delivery of real-time security coaching and advice to help end users enhance their cybersecurity knowledge and strengthen their role in contributing to a strong security culture," said KnowBe4 CEO Stu Sjouwerman.
SecurityCoach was revealed only about a month following KnowBe4's announcement of its acquisition by private equity firm Vista Equity Partners in a $4.6 billion deal.
Attackers have been leveraging the new "file archive in the browser" phishing technique that enables the creation of realistic phishing pages masquerading as legitimate file archive software, with hosting on a .ZIP domain further establishing the legitimacy of the scheme, reports The Hacker News.
BleepingComputer reports that recent phishing attacks by the QBot malware operation, also known as Qakbot, have involved the exploitation of a DLL hijacking flaw in the Windows 10 WordPad executable "write.exe."
Microsoft credentials targeted new phishing attacks with RPMSG files New phishing attacks involving compromised Microsoft 365 accounts and encrypted restricted permission message, or RPMSG, files, are being leveraged by threat actors to facilitate the stealthy exfiltration of Microsoft credentials, according to BleepingComputer.