Paying the Ransom Is Not Just About Decryption

May 14, 2021 1:02:38 PM By Roger Grimes

I just read that a well-known pipeline company paid $5M to the ransomware hacker group. And despite that, they are still having to use their backups because the decryption process is too ...

Kicking You While You’re Down: Ransomware Attacks Begin to Adopt a “Triple Extortion” Model

May 14, 2021 9:11:24 AM By Stu Sjouwerman

New tactics spotted by security researchers at CheckPoint indicate a growing pattern by ransomware gangs to use additional extortion actions to increase revenues and ensure payment.

Ransomware Attack Demands Cause Cyber Insurance Claim Amounts to Skyrocket

May 14, 2021 9:10:29 AM By Stu Sjouwerman

The perfect storm of large enterprises, cyber insurance policies, successful ransomware attacks, and ransom demands in the tens of millions now consistently result in seven-figure claim ...

New Verizon DBIR: Credentials Stolen in 85% of Social Engineering Breaches

May 13, 2021 10:52:28 AM By Stu Sjouwerman

Verizon’s latest data breach report puts a spotlight on one of the largest and most unpredictable risk factors in your cybersecurity strategy – your users.

FBI Finds Phishing Sites Abusing Search Results and Ads to Steal Banking Credentials

May 13, 2021 8:56:37 AM By Stu Sjouwerman

The US Federal Bureau of Investigation has sent out a private industry notification (PIN) warning that cybercriminals are using search engine ads and search results to spread phishing ...

A New Smishing Trojan is Out and About

May 12, 2021 9:49:21 AM By Stu Sjouwerman

Researchers at Pradeo have observed a new Android malware campaign that uses text messages asking victims to pay a small fee for a delivery. The messages contain a link that will install ...

New QuickBooks-Themed Phishing Attack Seeks to Infect Victims with Dridex Malware

May 12, 2021 8:18:57 AM By Stu Sjouwerman

Purporting to be invoices and payment reminders, this new campaign targets users of the popular accounting software to install the banking trojan on its victims endpoints.

Email-Based Threats Increase 64% as Attacks Grow in Sophistication and Volume

May 12, 2021 8:18:54 AM By Stu Sjouwerman

New data from Mimecast shows how email-based threats are not only the greatest perceived concern, but are proving to be the reason for increased experienced attacks.

Phishing Scammers Remove ‘External Sender’ Email Warnings Impersonating Internal Users

May 12, 2021 8:18:49 AM By Stu Sjouwerman

With little more than some CSS and HTML coding, a security researcher demonstrates how easy it is to eliminate security warnings placed on email messages by security products.

KnowBe4 Named a Leader in the Spring 2021 G2 Grid Report for Security Awareness Training

May 12, 2021 8:00:00 AM By Stu Sjouwerman

The latest G2 Grid Report compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.

Your Organization Needs to Take Security Awareness Training More Seriously

May 11, 2021 4:08:50 PM By Roger Grimes

Your organization needs to take security awareness training (SAT) more seriously. I mean truly serious, really serious, and not relegated to some quasi-, semi-serious status that the vast ...

Wine-Themed Phishing Attacks Have Turned Sour During the Pandemic

May 11, 2021 12:45:30 PM By Stu Sjouwerman

Scammers took advantage of people’s desire to order wine online during the pandemic, Decanter reports. Researchers at Recorded Future disclosed in a recent report that wine-related ...

Huge Business Email Compromise Campaign Targets More Than 120 Organizations

May 11, 2021 12:00:00 PM By Stu Sjouwerman

According to Bleeping Computer, Microsoft reported that a large business email compromise (BEC) campaign has targeted dozens of organizations. The industries targeted varied from real ...

CyberheistNews Vol 11 #18 [Heads Up] End-User Attempt to Pirate Software Leads to Ryuk Ransomware Attack

May 11, 2021 10:02:40 AM By Stu Sjouwerman

Fake Court Order Used to Take Over Domains

May 11, 2021 9:00:39 AM By Stu Sjouwerman

Motherboard reports that a scammer used a phony court order to trick a domain registrar into giving them control over a domain that posted links to dark web drug markets. The scammer then ...

[ALERT] Time to Truly Reckon with the Dark Reality of Ransomware’s Critical Costs

May 11, 2021 8:26:43 AM By Perry Carpenter

By now, I’m sure you’ve already been inundated with all the news about the US’s largest gasoline pipeline being shut down and restarted because of a ransomware attack. As reported by the ...

[On-Demand Webinar] A Master Class on IT Security: Roger Grimes Teaches You Phishing Mitigation

May 10, 2021 10:00:00 AM By Stu Sjouwerman

Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap ...

Student’s Attempt to Pirate Software Leads to Ryuk Ransomware Attack

May 7, 2021 8:45:52 AM By Stu Sjouwerman

Bleeping Computer recently reported that a student attempted to pirate expensive data visualization software, which resulted in a Ryuk ransomware attack.

KnowBe4 Fresh Content Updates from April: Including New AI-Driven Phishing Feature

May 7, 2021 8:40:27 AM By Stu Sjouwerman

Here are important fresh content updates and new features to share with you that happened in the month of April.

[NEW FEATURE] AI-Driven Phishing Helps Admins Deliver a Personalized Simulated Phishing Experience to Each User

May 6, 2021 4:50:21 PM By Stu Sjouwerman

We are excited to announce the availability of KnowBe4’s new AI-Driven Phishing feature. The KnowBe4 phishing platform now leverages machine learning to recommend and deliver informed and ...

Security Awareness Training Blog

View Topics

Paying the Ransom Is Not Just About Decryption

Kicking You While You’re Down: Ransomware Attacks Begin to Adopt a “Triple Extortion” Model

Ransomware Attack Demands Cause Cyber Insurance Claim Amounts to Skyrocket

New Verizon DBIR: Credentials Stolen in 85% of Social Engineering Breaches

FBI Finds Phishing Sites Abusing Search Results and Ads to Steal Banking Credentials

A New Smishing Trojan is Out and About

New QuickBooks-Themed Phishing Attack Seeks to Infect Victims with Dridex Malware

Email-Based Threats Increase 64% as Attacks Grow in Sophistication and Volume

Phishing Scammers Remove ‘External Sender’ Email Warnings Impersonating Internal Users

KnowBe4 Named a Leader in the Spring 2021 G2 Grid Report for Security Awareness Training

Your Organization Needs to Take Security Awareness Training More Seriously

Wine-Themed Phishing Attacks Have Turned Sour During the Pandemic

Huge Business Email Compromise Campaign Targets More Than 120 Organizations

CyberheistNews Vol 11 #18 [Heads Up] End-User Attempt to Pirate Software Leads to Ryuk Ransomware Attack

Fake Court Order Used to Take Over Domains

[ALERT] Time to Truly Reckon with the Dark Reality of Ransomware’s Critical Costs

[On-Demand Webinar] A Master Class on IT Security: Roger Grimes Teaches You Phishing Mitigation

Student’s Attempt to Pirate Software Leads to Ryuk Ransomware Attack

KnowBe4 Fresh Content Updates from April: Including New AI-Driven Phishing Feature

[NEW FEATURE] AI-Driven Phishing Helps Admins Deliver a Personalized Simulated Phishing Experience to Each User

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search