Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

[HEADS UP] LastPass Warns of a ‘CEO’ Deepfake Phishing Attempt

Password manager software developer LastPass warned that one of its employees was targeted by a social engineering attack that used an audio deepfake which impersonated the company’s CEO.

Fortunately, the (trained) employee grew suspicious and avoided falling for the attack. You can count on the fact that other password manager software companies are attacked as well. Tell your supply chain to train their staff.

Mike Kosak, Senior Principal Intelligence Analyst at LastPass, explained in a blog post, “In our case, an employee received a series of calls, texts, and at least one voicemail featuring an audio deepfake from a threat actor impersonating our CEO via WhatsApp.

“As the attempted communication was outside of normal business communication channels and due to the employee’s suspicion regarding the presence of many of the hallmarks of a social engineering attempt (such as forced urgency), our employee rightly ignored the messages and reported the incident to our internal security team so that we could take steps to both mitigate the threat and raise awareness of the tactic both internally and externally.”

LastPass warns that the technology to create deepfakes is now widely available, so these types of attacks will likely continue to increase. Increasing awareness of these techniques is a crucial defense against these attacks.

“Deepfakes use generative artificial intelligence to leverage existing audio and/or visual samples to create a new and unique recording of a targeted individual saying or doing whatever the creator has programmed the deepfake tool to fabricate,” LastPass says.

“Deepfakes are often associated with political misinformation and disinformation campaigns, but the combination of the increased quality of deepfakes and the increased availability of the technology used to create them (there are now numerous sites and apps openly available that allow just about anyone to easily create a deepfake) has long been a concern of the private sector as well.”

Blog post with links:

A Look at Foreign Influence Operations Focused on the U.S. Elections

Our friends at The Cyberwire wrote: “Microsoft has published a report on foreign influence operations focused on the 2024 U.S. elections, finding that ‘Russian efforts are focused on undermining U.S. support for Ukraine while China seeks to exploit societal polarization and diminish faith in U.S. democratic systems.’

Over the past two months, Microsoft has observed at least seventy Russian threat actors using traditional and social media to peddle disinformation surrounding the war in Ukraine.

Microsoft also found that Russia, China and Iran have all used generative AI to support their influence campaigns, although “fears that sophisticated AI deepfake videos would succeed in voter manipulation have not yet been borne out.”

The researchers believe that simpler AI-enhanced content will be more effective than fully AI-generated content.

Separately, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Office of the Director of National Intelligence (ODNI) issued an advisory yesterday on election interference.

The advisory notes that “the People’s Republic of China (PRC), the Russian Federation, and the Islamic Republic of Iran continue to be the primary nation-state actors leveraging influence operations exploiting perceived sociopolitical divisions to undermine confidence in U.S. democratic institutions and shaping public perception toward their interests.”

I strongly recommend you step your users through this training module that I personally contributed to:

Spot and Stop the Spread of Disinformation

Distinguishing real from made-up information, especially online, is getting more and more difficult. Disinformation is the intentional creation of false information and has far reaching consequences. This module explores disinformation, how to identify it, and how to protect yourself and your organization from it. ModStore Search term: “Disinformation”

Link to Blog post:



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.