Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Nuclear Ransomware 3.0: It Is About To Get Much Worse

Oct 27, 2021 4:28:01 PM By Roger Grimes
If you think ransomware is bad, it is about to get much, much worse. What will ransomware gangs do? Just everything.
Continue Reading

Cybercriminals are using Craigslist email notifications to send phishing links

Oct 27, 2021 9:16:47 AM By Stu Sjouwerman
Cybercriminals are using Craigslist email notifications to send phishing links, according to Roger Kay at INKY. The emails contain links to download a document with malicious macros.
Continue Reading

CyberheistNews Vol 11 #42 [EYE OPENER] Why Security Awareness Testing Alone Isn't Enough

Oct 26, 2021 9:41:20 AM By Stu Sjouwerman
Continue Reading

Russian SolarWinds Hackers Newly Attack Supply Chain With Password-Spraying and Phishing

Oct 26, 2021 9:38:10 AM By Stu Sjouwerman
Researchers at Microsoft have observed an attack phishing campaign by Russia’s SVR that’s targeting resellers and managed service providers. Microsoft tracks this threat actor as ...
Continue Reading

New Ransomware Variant Brings with it the Dawn of the Era of “Quintuple-Extortion”

Oct 26, 2021 8:44:23 AM By Stu Sjouwerman
A ransomware gang with a new variant is trailblazing us towards the future of ransomware by making threats that go well beyond the simple ransom transactions of yesterday.
Continue Reading

Perry Carpenter Interviews with Safety Detectives

Oct 26, 2021 8:44:02 AM By Stu Sjouwerman
Our very own Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, recently interviewed with Aviva Zacks of Safety Detectives.
Continue Reading

Celebrity Hacks and the Frenzy of Renown

Oct 25, 2021 10:50:10 AM By Stu Sjouwerman
Avast offers a look at incidents in which celebrities have been the victim of social engineering attacks. The firm notes that while celebrities are higher profile targets, attackers use ...
Continue Reading

Phishing Campaign Targets Organizations in India and Afghanistan

Oct 21, 2021 9:31:57 AM By Stu Sjouwerman
A threat actor based in Pakistan is targeting entities in India and Afghanistan with malware-laden websites, according to researchers at Cisco Talos.
Continue Reading

New Impersonation Attack Demonstrates That Threat Actors Don’t Need to Get the Logo Correct

Oct 20, 2021 10:15:50 AM By Stu Sjouwerman
A new trend in social engineering and impersonation emerges as cybercriminals take advantage of a user’s inability to properly identify fake corporate logos in phishing attacks.
Continue Reading

Cybercriminal Group SnapMC Takes a Page from Ransomware Gangs in Data Breach-Turned-Extortion Attacks

Oct 20, 2021 10:15:40 AM By Stu Sjouwerman
New analysis of attacks shows threat actors that traditionally focus on stealing data are now utilizing extortion as their monetization strategy, converging tactics with ransomware ...
Continue Reading

Deepfake Technology is Cloning a Voice from the C-Suite

Oct 20, 2021 10:15:27 AM By Stu Sjouwerman
Criminals used deepfake technology to steal $35 million from a company in the United Arab Emirates, Forbes reports. The attackers used “deep voice” technology to spoof the voice of a ...
Continue Reading

U.S. Government Says To Avoid Phishing-Resistant MFA

Oct 20, 2021 10:15:13 AM By Roger Grimes
The U.S. government has been pushing people to avoid SMS- and voice call-based multi-factor authentication (MFA) for years, but their most recent warning is to avoid any MFA that is ...
Continue Reading

Why Security Awareness Testing Alone Isn’t Enough

Oct 19, 2021 1:33:12 PM By Stu Sjouwerman
Here is a story from one of our customers who wants to help other organizations like you strengthen their cybersecurity practices. Find out about the important lessons they learned when ...
Continue Reading

CyberheistNews Vol 11 #41 [EYE OPENER] Two-Thirds of Organizations Have Been a Target of Ransomware

Oct 19, 2021 9:34:19 AM By Stu Sjouwerman
Continue Reading

1 in 3 IT Organizations Have no Cyberattack Incident Response Plan

Oct 19, 2021 8:21:20 AM By Stu Sjouwerman
Despite increases in ransomware attacks, ransom amounts and how often payments are made, new data shows organizations aren’t responding in kind and putting response plans in place.
Continue Reading

Ex-Bank of America Employee Charged with Business Email Compromise Money Laundering

Oct 19, 2021 8:21:16 AM By Stu Sjouwerman
A three-person team – including a personal banker at Bank of America – have been indicted for reportedly being behind a BEC scam that took 5 companies for over $1.1 Million.
Continue Reading

We Are Official Guinness World Records Holders!

Oct 18, 2021 1:02:59 PM By Stu Sjouwerman
It gives us great pleasure to announce that Eskenzi PR, KnowBe4 and OneLogin now hold the Guinness World Records® title for the Most views of a cybersecurity lesson video on YouTube in 24 ...
Continue Reading

Iranian Phishing Campaigns Are Running Rampant

Oct 18, 2021 8:45:54 AM By Stu Sjouwerman
Researchers at Google’s Threat Analysis Group (TAG) are tracking phishing campaigns by the Iranian threat actor APT35 (also known as Charming Kitten). The attackers used compromised ...
Continue Reading

Two-Thirds of Organizations Have Been a Target of Ransomware

Oct 15, 2021 11:08:47 AM By Stu Sjouwerman
The latest data reveals ransomware’s pervasiveness throughout every industry, size, and type of organization, confirming its’ place as the number one cyberthreat today - and a glaring ...
Continue Reading

U.S. Treasury Puts Out New Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments

Oct 14, 2021 3:13:42 PM By Stu Sjouwerman
An update to the October 2020 advisory, the U.S. Treasury warns companies to mitigate ransomware attacks rather than paying ransoms to threat actors that pose a threat to national ...
Continue Reading
Subscribe

Search Our Blog


Cybersecurity Awareness Month Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews