Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[LIVE WEBINAR] Hacking Your Organization: 7 Steps Bad Guys Use to Take Total Control of Your Network

The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place hackers are still getting through to your end ...
Continue Reading

UK Mid-Sized Firms Lost £30bn to CyberAttacks in 2018

Phil Muncaster at InfoSec Mag reported that "Cybersecurity incidents have cost UK mid-market firms a combined £30bn over the past year as automated attacks become the norm, according to ...
Continue Reading

Is ‘REvil’ the New GandCrab Ransomware?

Brian Krebs wrote: "The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned ...
Continue Reading

NEW SANS Whitepaper: Automating Response to Phish Reporting

As part of his SANS Technology Institute Master's degree, Geoffrey Parker recently published a whitepaper called Automating Response to Phish Reporting that got an A, was made a gold ...
Continue Reading

An Amazon Phishing Scam Hits Just In Time For Prime Day

Amazon has confirmed that Prime Day 2019 will begin at 12 a.m. PT on Monday, July 15 and conclude at 11:59 p.m. PT on Tuesday, July 16.
Continue Reading

TrickBot Malware May Recently Have Hacked 250 Million Email Accounts

Endgadged reported that "TrickBot malware may recently have stolen as many as 250 million email accounts, including some belonging to governments in the US, UK and Canada. The malware ...
Continue Reading

[Heads-up] New Ransomware Strain Targets NAS Devices

ITPro Today reported: "The eCh0raix ransomware uses a brute-force credential attack to gain access to data stored in QNAP NAS devices.
Continue Reading

Pay or Not Pay the Ransom? What’s Your Opinion?

The debate over whether to pay or not to pay the ransom once your system is encrypted is heating up. Yesterday, the US Conference of Mayors approved a resolution coming down in favor of ...
Continue Reading

Effects of Ransomware Don’t End With the Ransom

A Florida city is still struggling to recover from a ransomware attack two weeks after the city paid the ransom, according to the New York Times. The attack began after a city employee ...
Continue Reading

U.S. Coast Guard Warns Shipping Industry on Cybersecurity. Are You Next?

Kim Nash wrote in the WSJ Cybersecurity newsletter: "Avast! Pirates are getting better with cyber weapons on the high seas, WSJ Pro’s James Rundle reports. Maritime freight operators must ...
Continue Reading

Brand-New Ransomware Simulator Tool Now with Two New Ransomware Scenarios

The bad guys are continuing to evolve their approach to evading detection. That’s why we’ve updated our Ransomware Simulation tool “RanSim” to include two new ransomware scenarios!  These ...
Continue Reading

Homeland Security Warning About Phishing As A Threat to 2020 Elections

The US Department of Homeland Security is warning state election officials that phishing attacks are one of the greatest threats to watch out for as the 2020 elections approach.
Continue Reading

Automated Tailored EBAY Spam Campaign Leads to Risky Sites

Automated spam on eBay is spreading tailored phishing messages offering to promote users’ products, and the links the spammers share can lead to dangerous websites, according to Paul ...
Continue Reading

Cybersecurity Remains a Top Priority During M&A Diligence

M&A is no longer just about revenue, assets, and intellectual property; many organizations are increasingly worried about cybersecurity posture and risk, requiring appropriate diligence.
Continue Reading

The Stock Market Doesn’t React Well to Data Breaches

The latest data from UK-based research firm, Comparitech, shows that organizations who suffer a data breach continue to suffer in the stock market well after.
Continue Reading

British Airways Hit With Record $229 Million GDPR Fine Following 2018 Data Breach

U.K.-based airline British Airways (BA) is facing a record fine of £183 million ($229 million) after suffering a cyberattack in September last year. The U.K. Information Commissioner’s ...
Continue Reading

Scam Of The Week: Microsoft OneNote Audio Note Phishing Emails

Phishing scammers are coming up with more innovative methods to convince their targets to provide login credentials. Such is the case with a new OneNote Audio Note phishing campaign that ...
Continue Reading

Phishing And Impersonation Attacks Balloon in South Africa

South African companies saw an increase in phishing attacks containing malicious links or attachments in the past year. This is according to Mimecast’s 2019 State of ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews