Scam Service Attempts to Bypass Multi-factor Authentication

May 16, 2024 12:54:05 PM By Stu Sjouwerman

A scam operation called “Estate” has attempted to trick nearly a hundred thousand people into handing over multi-factor authentication codes over the past year, according to Zack ...

Black Basta Ransomware Uses Phishing Flood to Compromise Orgs

May 16, 2024 12:54:01 PM By Roger Grimes

Rapid7 reports an interesting social engineering scheme that easily bypasses content filtering defenses and creatively uses a fake help desk to supposedly “help” users put down the attack.

Phishing and Pretexting Dominate Social Engineering-Related Data Breaches

May 15, 2024 11:15:31 AM By Stu Sjouwerman

New data shows that despite the massive evolution of the cybercrime economy, threat actors are sticking with the basics in social engineering attacks, with a goal at stealing data.

FBI Warns of AI-Assisted Phishing Campaigns

May 15, 2024 11:15:28 AM By Stu Sjouwerman

The US Federal Bureau of Investigation’s (FBI’s) San Francisco division warns that threat actors are increasingly using AI tools to improve their social engineering attacks.

“Unknown” Initial Attack Vectors Continue to Grow and Plague Ransomware Attacks

May 14, 2024 2:30:08 PM By Stu Sjouwerman

Trend analysis of ransomware attacks in the first quarter of this year reveals a continual increase in the number of "unknown" initial attack vectors, and I think I might understand why.

Attackers Leveraging XSS To Make Phishing Emails Increasingly Evasive

May 14, 2024 2:30:02 PM By Stu Sjouwerman

Attackers are exploiting Reflected Cross-Site Scripting (XSS) flaws to bypass security filters, according to a new report from Vipre. This technique allows attackers to send benign links ...

CyberheistNews Vol 14 #20 Verizon: Nearly 80% of Data Breaches Involve Phishing and the Misuse of Credentials

May 14, 2024 9:00:00 AM By Stu Sjouwerman

Alert: Nova Scotians Hit by Surge of Sophisticated Spear Phishing Scams

May 14, 2024 8:37:34 AM By Stu Sjouwerman

The Royal Canadian Mounted Police (RCMP) in Nova Scotia is warning of spear phishing attacks that impersonate company managers. The scammers text company employees requesting a payment to ...

New Research: Number of Successful Ransomware Attacks Rise 29% in a Just One Year

May 14, 2024 8:37:31 AM By Stu Sjouwerman

New analysis of Q1’s ransomware attacks uncovers a single group responsible for the majority and discusses what makes them so successful.

Reality Hijacked: Deepfakes, GenAI, and the Emergent Threat of Synthetic Media

May 13, 2024 8:00:00 AM By Stu Sjouwerman

"Reality Hijacked" isn't just a title—it's a wake-up call. The advent and acceleration of GenAI is redefining our relationship with 'reality' and challenging our grip on the truth.

[Beware] Ransomware Targets Execs' Kids to Coerce Payouts

May 13, 2024 7:00:00 AM By Stu Sjouwerman

Just when you think bad actors cannot sink any lower, they find a way to. In a recent chilling evolution of ransomware tactics, attackers are now also targeting the families of corporate ...

Google’s Multi-Party Approval Process Is Great, but Not Unphishable

May 10, 2024 1:49:20 PM By Roger Grimes

Like most observers, I celebrated Google’s recent announcement on April 9th about new multi-party approvals for a handful or so of common actions accomplished by super admins in Google ...

Ransomware Detection Time Shortens by 44% as Organizations Attempt to Keep Up with Attackers

May 10, 2024 1:49:17 PM By Stu Sjouwerman

New data shows organizations are improving their ability to detect and respond to ransomware attacks, but is it fast enough to make a difference and stop attacks?

Phishing-as-a-Service Platform LabHost Disrupted by Law Enforcement Crackdown

May 10, 2024 8:43:26 AM By Stu Sjouwerman

One of the largest phishing-as-a-service platforms, LabHost, was severely disrupted by law enforcement in 19 countries during a year-long operation that resulted in 37 arrests.

Digital Doppelgängers: AI-Generated Celeb Fashion Takes Over the Met Gala on Social Media

May 10, 2024 8:43:22 AM By Stu Sjouwerman

The Met Gala, fashion's biggest night, was not just the A-list attendees who stole the spotlight—digital imposters in the form of AI-generated superstars sent social media into a frenzy.

Arizona Election Workers Battle Against Deepfake Threats in New AI Defense Drill

May 10, 2024 8:43:19 AM By Stu Sjouwerman

In the quest to secure the integrity of elections, Arizona election workers have taken a groundbreaking step by participating in a first-of-its-kind drill meant to defend against a new ...

[Must Read] How Boeing Battled a Whopping $200M Ransomware Demand

May 10, 2024 6:49:49 AM By Stu Sjouwerman

Boeing recently confirmed that in October 2023, it fell victim to an attack by the LockBit ransomware gang, which disrupted some of its parts and distribution operations. The attackers ...

[Breaking] The News Is Increasingly Broken. Surge Of Inaccurate AI News Stories

May 9, 2024 2:30:57 PM By Stu Sjouwerman

Keeping up to date what is happening is crucial in IT, but the reliability of the news you consume is facing a growing threat.

Phishing Reports in Switzerland More Than Doubled Last Year

May 8, 2024 2:14:41 PM By Stu Sjouwerman

Switzerland’s National Cyber Security Centre (NCSC) received more than 30,000 reports of cyber incidents in the second half of 2023, more than double the amount received in the second ...

9 in 10 Organizations Paid At least One Ransom Last Year

May 8, 2024 2:14:37 PM By Stu Sjouwerman

New analysis of cyber attacks shows ransomware attacks are running far more rampant than previously thought, with half of organizations blaming poor cyber hygiene.

Security Awareness Training Blog

View Topics