Being savvy about cybersecurity doesn’t mean just knowing the big trends. You also need to stay on top of new tricks and tactics that hackers are using to target people and organizations. Study up on these three emerging threats so you can stay ahead of attempted cyberattacks.
Conversation hijacking. It may look like your colleague is engaging with you and your coworkers, but in reality, it’s a hacker taking advantage of someone who’s already been exploited to score an even bigger kill. Speaking to ZDNet, Don Maclennan, senior vice president of engineering and product at Barracuda Networks, noted that the secret to this attack is research. “Once they gain access to the account, attackers will spend time reading through conversations, researching their victims, and looking for any deals or valuable conversations they can insert themselves [into],” he said. A related tactic involves domain impersonation, in which an attacker uses a domain that looks similar to your own.
OAuth-based phishing. If you use a Microsoft-based cloud service, you’re going to want to keep an eye on this one. As CPO Magazine recently reported, such attacks look like credible add-ins to Office 365, but they allow unfettered access to an entire account until the user realizes the account has been compromised. “The usefulness of a captured Office 365 user logon to an attacker is only valuable until the logon’s owner realizes they’ve been compromised, and their password is changed,” Stu Sjouwerman, founder and CEO of KnowBe4, told the magazine.
Please select this link to read the complete article from Associations Now.