Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

Can We Ever Truly Stop Ransomware?

A recent Class-Action lawsuit against EHR vendor Allscripts raises the question of where fault should lie when ransomware attacks are successful.
Continue Reading

FBI Warns that Business Email Compromise (CEO Fraud) is a "$12 Billion Scam"

The FBI is again warning of the threat posed by business email compromise (BEC, aka CEO Fraud) and email account compromise (EAC). Together, says the Bureau, these have cost businesses ...
Continue Reading

SANS: "Less Than Half of Cyberattacks Detected via Antivirus"

We have been saying here for a while that antivirus is dead, but SANS just confirmed it in a new report that starts with: "Companies are buying next-gen antivirus and fileless attack ...
Continue Reading

UK SMEs: Know Your Enemy. Plan Your Defense

Organizations in the UK with 250 employees or less need a solid understanding of the attack potential, methods used, and how to prepare.
Continue Reading

CyberheistNews Vol 8 #28

Continue Reading

Ransomware Mid-Year Update: It’s Worse Than Ever

We’re finally getting a look at how much ransomware attacks have been seen in the wild in the first half of 2018 – and the numbers are astounding.
Continue Reading

Another Hacking Scandal? Russians could be behind 'cyber caliphate'

The US Senate is asking the Justice Department to look into the possibility that an Islamic extremist hacking group was actually the work of the Russian government.
Continue Reading

Russian Indictment: They Used Criminal Tradecraft like Spearphishing To Hack The Democratic Party

The email arrived in Hillary Clinton’s campaign chairman John Podesta’s inbox around March 19, 2016, during the height of the presidential primaries, spoofed to look like a standard ...
Continue Reading

What Would You Like To Ask Kevin Mitnick About Social Engineering?

Here's your chance. Late August we'll do a live webinar with Kevin, and he asked me to find out what questions you have for him regarding social engineering, so we can cover them in this ...
Continue Reading

Bad guys use Google's Golang to cross-compile multi-platform malware

Here is the bad news: The use of Google's Golang (also called Go) programming language allows attackers to cross-compile malware for use on multiple platforms, making potential attacks on ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews