KnowBe4, a cybersecurity platform, has unveiled its new Threat Labs initiative aimed at addressing and mitigating human-targeted cyber threats.
This initiative is dedicated to in-depth research and analysis of email-based threats and phishing attacks, leveraging a combination of expert insight and crowdsourced intelligence.
The skills of cybersecurity researchers and analysts at KnowBe4 Threat Labs are tasked with identifying and analyzing the latest phishing methodologies. They also develop proactive strategies to counter these evolving threats.
The first publication report from KnowBe4 Threat Labs, titled “Using Genuine Business Domains to Harvest Credentials,” kept details of a sophisticated phishing campaign that targets multiple organizations to exfiltrate Microsoft credentials. In this campaign, threat actors used a compromised domain along with its subdomains, utilized bulk email services, and took benefit of an open redirect vulnerability. This multi-faceted strategy was designed to avoid detection mechanisms and enhance the success rate of phishing attempts.
“KnowBe4 Threat Labs is a momentous step forward in providing actionable intelligence on emerging cyber risks related to human risk management,” said Dr. Martin Kraemer, security awareness advocate, KnowBe4. “This intelligence is based on continuous monitoring and in-depth investigations of the global threat landscape.”
“KnowBe4 Threat Labs will specialize in topic areas related to social engineering, phishing, and human-factor security,” said Jack Chapman, head of threat intelligence at Egress, a KnowBe4 company. “It will help to empower organizations to strengthen their security posture through cutting-edge research and timely threat analysis.”
