Craig Hale at Techradar reported: "A post on a “well-known hacking community forum” claims almost half a billion WhatsApp records have been breached and are up for sale. 

Here is a 3-minute article that we suggest you copy/paste and send to all your users as part of your ongoing security culture campaign. "The holiday season is a time when people are especially vulnerable to scams. This is because they are busy and often have their guard down. Criminals take advantage of this by circulating fake e-gift cards, posing as charities, targeting specific demographics, and so on. In this 3-min article, we will discuss Google's five most popular scams being circulated this holiday season. So if you want to be aware of the social engineering dangers lurking online, then keep reading!1) E-gift card scams: 2) Charities3) Demographic Targeting4) Subscription renewals5) Crypto scamsWith the holiday season in full swing, so are gift card and prize scams. These scammers will often lie about being a known contact of yours to try and get you to buy them a gift card, or they may offer an amazing prize in exchange for your credit card information. If you receive any suspicious emails like this from someone claiming to be your friend, make sure to confirm it with them through another method before doing anything further. And as always, if something seems too good to be true, it probably is.Be wary of scammers and phishing attempts; they actually worsen during the holiday season. This would not only hurt those who fall for the scams, but also charities that could've benefited from donations. For example, an attacker may pretend to be associated with a charity related to current events or one with a familiar name. If someone contacts you asking for money via personal email or another method, beware that it might be fraudulent.With more people shopping online and sharing personal information this holiday season, scammers are taking advantage by targeting consumers with fraud that seems more realistic. For example, you might get an email from what  looks like your child's school PTA about a holiday fundraiser. But if you click on the link in the email, it could take you to a fake website where you're asked to enter sensitive information like your credit card number or Social Security Number. These types of scams can be difficult to identify because they seem so personalized. But if you're aware of potential threats and know what to look for, you can help protect yourself against them.Scammers love to target people at the end of the year, and one particularly nasty version of these emails spoofs antivirus services. They lure victims with promises of improved security, but if you take a closer look at the sender’s email address, you can usually spot these scams pretty easily. 

This statistic is alarming and underscores the importance of having a robust cybersecurity program in place. According to the Ponemon Institute, the average cost of a data breach is $3.8 million. This means that organizations need to do everything they can to protect their data and keep their networks secure.

Microsoft has observed a threat actor that’s been running a phishing campaign since August 2022. The threat actor, which Microsoft tracks as “DEV-0569,” is using phishing emails to distribute malicious installers for legitimate applications, including TeamViewer, Microsoft Teams, Adobe Flash Player, Zoom, and AnyDesk. The phishing campaign leads to the installation of ransomware and information-stealing malware.

Long gone are the days of tacky landing pages that barely impersonate a brand; threat actors are improving their social engineering game well enough to make anyone believe it’s the real thing.