Enterprise Organizations Have as Much as an 85% Chance of Receiving a BEC Attack Every Week

Sep 16, 2021 2:07:40 PM By Stu Sjouwerman

Business Email Compromise is a multi-billion dollar business, representing 43% of all cybercrime last year. Despite it being dwarfed in the news by ransomware, it represents a growing ...

Probability of Experiencing a Vendor Email Compromise Attack Increases 96%

Sep 16, 2021 2:07:36 PM By Stu Sjouwerman

Vendor Email Compromise requires first taking control of a strategic email account within the victim organizations. According to new data, cybercriminals are getting really good at this.

New Phishing Attack on Microsoft 365 Users Leverages Open Redirects to Avoid Detection

Sep 16, 2021 8:55:52 AM By Stu Sjouwerman

The use of open redirects from legitimate domains makes phishing emails that much more believable and credible, obfuscating the dangerous nature of these attacks.

That's Not the US Department of Transportation, It's a Phishing Attack

Sep 16, 2021 8:55:37 AM By Stu Sjouwerman

A phishing campaign is impersonating the US Department of Transportation (USDOT), according to Roger Kay at INKY. The campaign is targeting infrastructure contractors who are eager to bid ...

Brute Force Attacks are on the Rise as June sees a 671% increase

Sep 16, 2021 8:55:00 AM By Stu Sjouwerman

With nearly one-third of all organizations targeted in a single week and just above one-quarter on the average, attempts to access externally facing resources is growing in popularity and ...

Researchers Discover Vulnerability Used for Deception and SSID Stripping

Sep 15, 2021 8:55:42 AM By Stu Sjouwerman

Researchers at AirEye have discovered a vulnerability in the way in which devices connect to wireless networks that could allow an attacker to trick a user into connecting to a malicious ...

U.S. Cyber Command General Promises 'Surge' To Fight Ransomware Attacks

Sep 15, 2021 7:08:10 AM By Stu Sjouwerman

The Hill reported 9/14/2021: "Gen. Paul Nakasone, the head of U.S. Cyber Command and director of the National Security Agency (NSA), is working to “surge” efforts to respond to the ...

Register for the Cybersecurity Virtual Summit KB4-CON EMEA Today!

Sep 15, 2021 6:00:00 AM By Stu Sjouwerman

We’re thrilled to host our first KB4-CON Cybersecurity Virtual Summit specifically for EMEA (Europe, the Middle East and Africa). At this one-of-a-kind event you’ll hear world-renowned ...

CyberheistNews Vol 11 #36 [EYE OPENER] The Number Of Daily Ransomware Attacks Skyrockets Nearly 1,000% In 2021

Sep 14, 2021 9:54:34 AM By Stu Sjouwerman

Social Media as Artillery Preparation for Spear Phishing

Sep 14, 2021 9:18:49 AM By Stu Sjouwerman

Researchers at ESTsecurity warn that a North Korean threat actor known as “Kumsong 121” is using compromised social media accounts to launch spear phishing attacks, the Daily NK reports. ...

Business Email Compromise Scam takes New Hampshire Town for $2.3 Million

Sep 13, 2021 11:39:52 AM By Stu Sjouwerman

Social engineering is at the heart of this attack, where scammers successfully tricked a town into redirecting not just one but several bank transfers.

Ransomware Resurrection? REvil Servers Come Back Online

Sep 13, 2021 11:39:33 AM By Stu Sjouwerman

After months of what was thought to be the retirement of the REvil ransomware gang, REvil-related systems and Tor sites popped up on the Dark Web last week.

Blame it on the Lizard Brain

Sep 13, 2021 8:45:18 AM By Stu Sjouwerman

People need to work to overcome their inherent biases in order to avoid falling for social engineering attacks, according to Heidi Mitchell at the Wall Street Journal.

A Master Class on Cybersecurity: Roger Grimes Teaches Data-Driven Defense

Sep 13, 2021 8:00:00 AM By Stu Sjouwerman

Even the world’s most successful organizations have significant weaknesses in their cybersecurity defenses, which today’s determined hackers can exploit at will. There’s even a term for ...

Wanting to Stream the Italian Grand Prix This Weekend? It Might Be a Scam.

Sep 10, 2021 8:46:11 AM By Stu Sjouwerman

With so many fans worldwide wanting to watch the race online, cybercriminals have stepped up to meet the demand with fraudulent websites intent on stealing credit card details.

Five Signs of Social Engineering

Sep 9, 2021 4:58:21 PM By Roger Grimes

Social engineering can come in many different forms: via email, websites, voice calls, SMS messages, social media and even fax. If it is a communication method, scammers and criminals are ...

A Look at Phishing Keywords

Sep 9, 2021 10:37:52 AM By Stu Sjouwerman

Researchers at Expel offer a useful list of the top keywords used in phishing emails. First on the list is the word “invoice,” which is a general term that will be relevant to most ...

The Number of Daily Ransomware Attacks Increase Nearly 1000% in 2021

Sep 8, 2021 4:06:28 PM By Stu Sjouwerman

New analysis of cyberattack data by security vendor Fortinet sheds light on not only how much ransomware is really being experienced, but who’s being attacked the most.

The Amount of Weekly New Phishing URLs Has Grown Nearly 2.5x Since 2020

Sep 8, 2021 4:06:10 PM By Stu Sjouwerman

The increase in remote users mixed with a lack of adjusting to cloud-based security services likely created the perfect opportunity for cybercriminals.

BEC, Fraud, and Ransomware Attacks Are All on the Rise and Costing More Than Ever

Sep 8, 2021 4:05:54 PM By Stu Sjouwerman

New data from cyber insurer Coalition puts the spotlight on not only how much worse attacks are getting, but claim data paints the picture that organizations just aren’t ready.