Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

80% of Ransomware Victim Organizations Experience a Second Attack

Leaked Copies of Windows 11 Could Be Tempting Phishbait for Techies

Why Phishing Attacks Are So Easy, Successful and Profitable – and What to do About It

The Number of Phishing Sites in March Was Twice That of the Previous Year

KnowBe4 Makes eSecurity Planet's Best Security Awareness Training for Employees 2021 List

Credential Stuffing in the Travel and Retail Sectors

CyberheistNews Vol 11 #24 [Scam of the Week] If Your Users Are Amazon Shoppers, Heed This Prime Day Phishing Alert

Understanding Ransomware’s True Costs

[Heads Up] If You're an Amazon Prime Shopper, Heed This Prime Day Phishing Alert

Bad Security Habits During the Pandemic

Ragnar Locker Ransomware Finds Its Next Victim in Taiwan Computer Memory Manufacturer ADATA

The Number of Phishing Websites Hits an All-Time High Reaching Nearly 350% Growth

Tax Organizations Need to Focus on Cybersecurity

New BEC Phishing Attack Steals Office 365 Credentials and Bypasses MFA

Bad Cyber Hygiene: 54% Of Employees Admit They Use the Same Passwords Across Multiple Work Accounts

CyberheistNews Vol 11 #23 [Heads Up] Ransomware Attacks Run Rampant As Fujifilm Becomes the Next Victim

EA Got Social Engineered via Slack Channel and Lost 780 GB valued Millions

New “Ransomware Update” Phishing Attack Seeks to Enjoy the Same Successes as the Recent Pipeline Attack

Fax/Scan Phishing Attacks Jump Nearly 500% as Workers Return to the Office

KnowBe4 Earns 2021 Top Rated Award from TrustRadius

Deal or No Deal: The Double-edged Sword of the IT Security Bundle

Insights Into Credential Phishing

FINRA Warns U.S. Brokerage Firms of New Phishing Campaign Threatening Penalties for Non-Compliance

Ransomware Tops IBMs List of Most Observed Attack Types with Sodinokibi Maintaining the Lead

78% of CISOs Say Attacks Have Increased as a Result of More Employees Working from Home

Chinese Hacker Group Debuts After 3 Years of Testing with a Previously Unseen Backdoor Exploit

The Future Of Ransomware

CyberheistNews Vol 11 #22 [Heads Up] New Email Attack Takes a Phishing-Turned-Vishing Angle To Steal Credit Card Info

Phishing Trends Show Adult Themes Have Skyrocketed 974%

KnowBe4 Fresh Content Updates from May: Including New Mobile-First Training Modules

Ransomware Attacks Run Rampant as Fujifilm Becomes the Next Victim

[REUTERS BREAKING NEWS] U.S. to give ransomware hacks similar priority as terrorism

Everyone Has It Wrong. It Is Not Double Extortion, It Is Quintuple Extortion!

Ransomware's Impact Highlights the Threat of Social Engineering

REvil Ransomware Behind Attack on the World’s Largest Meat Producer

Fake Positive Reviews Mask Spoofed Browser Extensions

[On-Demand Webinar] Learn to Detect and Defend Against Supply Chain Attacks Before They Compromise Your Network

Use of TLS to Obfuscate Malicious C2 Communications Doubles in the Last Year

Two-Thirds of Organizations Plan to Improve Their Cybersecurity in the Wake of Devastating Ransomware Attacks

Cyber Hygiene not a Focus for Cybersecurity Leaders, Despite Being Targets of Attacks Themselves

New Ransomware Strain Epsilon Red is Reported

CyberheistNews Vol 11 #21 [Heads Up] The Cybersecurity Insurance Landscape Is Fundamentally Changing Right Now

[Heads Up] Microsoft: SolarWinds hackers spear phish govt agencies from 24 countries

New Email Attack Takes a Phishing-Turned-Vishing Angle to Steal Credit Card Info

Get Prepared Now: New Executive Order Signals Cyber Regulations in the Future

Business Email Compromise Attacks Are Evolving, Becoming More Convincing and More Expensive

New Would-Be Ransomware Attack Only Focuses on Stealing Data via the Java-Based STRAAT Malware

Call Centers Used to Distribute BazarLoader

A Popular Fraud Combo is Back: Elon Musk and Bitcoin

Cybersecurity Insurance Landscape Is Fundamentally Changing Right Now

CyberheistNews Vol 11 #20 [Heads Up] Advanced Persistent Threat Uses New Spoofed Domains in Social Engineering Attacks

UK Royal Mail Smishing Crew Nabbed By City Of London Police

[On-Demand Webinar] Setting the Trap: Crafty Ways the Bad Guys Trick Your Users to Own Your Network Featuring Kevin Mitnick

More Targeted Phishing Attacks Are Coming!

Low-Grade Ways of Bypassing Email Scanners

Ransomware-as-a-Service is Organizing, Becoming More Devastating and Costly

The FBI’s Internet Crime Complaint Center Marks Its 6 Millionth Complaint as Pace Accelerates

Credential Stuffing the Financial Services Sector

When Cryptocurrency Investments Really Are Too Good To Be True

Transparent Tribe Uses Spoofed Domains in Social Engineering Attacks

CyberheistNews Vol 11 #19 [Heads Up] Phishing Scammers Can Now Remove the ‘External Sender’ Email Warnings

[NEW PhishER Feature] Flip the Script on Phishing Emails with PhishFlip

Ransoms Increase 43% as More Ransomware Attacks Include the Threat to Leak Exfiltrated Data

Healthcare Organizations Should Expect Cyber Insurance Premiums to Increase 25 to 50% This Year

Paying the Ransom Is Not Just About Decryption

Kicking You While You’re Down: Ransomware Attacks Begin to Adopt a “Triple Extortion” Model

Ransomware Attack Demands Cause Cyber Insurance Claim Amounts to Skyrocket

New Verizon DBIR: Credentials Stolen in 85% of Social Engineering Breaches

FBI Finds Phishing Sites Abusing Search Results and Ads to Steal Banking Credentials

A  New Smishing Trojan is Out and About

New QuickBooks-Themed Phishing Attack Seeks to Infect Victims with Dridex Malware

Email-Based Threats Increase 64% as Attacks Grow in Sophistication and Volume

Phishing Scammers Remove ‘External Sender’ Email Warnings Impersonating Internal Users

KnowBe4 Named a Leader in the Spring 2021 G2 Grid Report for Security Awareness Training

Your Organization Needs to Take Security Awareness Training More Seriously

Wine-Themed Phishing Attacks Have Turned Sour During the Pandemic

Huge Business Email Compromise Campaign Targets More Than 120 Organizations

CyberheistNews Vol 11 #18 [Heads Up] End-User Attempt to Pirate Software Leads to Ryuk Ransomware Attack

Fake Court Order Used to Take Over Domains

[ALERT] Time to Truly Reckon with the Dark Reality of Ransomware’s Critical Costs

[On-Demand Webinar] A Master Class on IT Security: Roger Grimes Teaches You Phishing Mitigation

Student’s Attempt to Pirate Software Leads to Ryuk Ransomware Attack

KnowBe4 Fresh Content Updates from April: Including New AI-Driven Phishing Feature

[NEW FEATURE] AI-Driven Phishing Helps Admins Deliver a Personalized Simulated Phishing Experience to Each User

Strange Chinese APT Interest in Buying Batches of AV Products

New IceID Phishing Attack Targets Website Owners Using Image Copyright Infringement as The Hook

W-2 Form Office 365 Credential Scam Creatively Uses Typeform Service to Bypass Security Checks

Cybersecurity Spend Is Now More Than 20% of the Average IT Budget As 91% of Organizations Suffering an Attack had Operations Impacted

[HEADS UP] New Malware Families Found in Phishing Campaign

Genesis Market: a Study in the C2C Economy

A Snapshot of the Ransomware Landscape

UK IT Decision Makers Fear Their Remote Workers Put Company Data at Risk for Data Breach

CyberheistNews Vol 11 #17 [Heads Up] Mobile Is Now a Big Problem: 97% of Organizations Experienced Attacks in 2020

Do Ransomware Gangs Restore Data, Even After They're Paid?

May the 4th Be With You and Your Users!

The Cost of Remediating a Ransomware Attack More than Doubles and is Quickly Approaching $2 Million

U.K. Royal Mail-related Phishing Scams Are Up 645%

Ransomware Operators Threaten to Short Victims’ Stocks

Why Should We Care About Personal Smishing Attacks?

Ransomware Demands Spike by 43% Already in 2021

[HEADS UP] Ransomware Gangs are Creating Ransomware Cartels

Scammers Target Rogers Customers With SMS Messages

Federal Reserve Chairman Jerome Powell Cites Cyberthreats as Current “Biggest Concern” to Financial Institutions

Security Culture Influenced by the Global Effects of COVID-19

Researchers Warn of EtterSilent Facilitating Risky Malware Delivery

Lazarus Group Uses New Technique to Avoid Detection

Evil Corp Tries to Work Around U.S. Treasury Sanctions Using Hades Ransomware

New Ransomware Task Force Shares Actions To Disrupt Ransomware Cyber Crime

Phishing Campaign Abuses Contact Forms

Mobile is a Problem: 97% of Organizations Experienced Mobile Attacks in 2020

Cybercriminals Use Job-Specific Social Media Platforms to Target UK Citizens With Fake Accounts

Phishing Tactics Help Legitimate Pension Fund to Secure Meetings with Prospective Customers

The Darkside Ransomware Group Is the Dangerous Poster Child for Today’s Ransomware-as-a-Service

A Legitimate Charity Prompts Scam Imitators

FBI Obtains Authorization to Access US Servers to Remove Webshells Due to Exchange Vulnerability

Forrester TEI Study Shows KnowBe4 Can Deliver a Customer ROI of 276% with a Less Than 3-Month Payback

CyberheistNews Vol 11 #16 [Heads Up] COVID-Related Phishing Attacks Return to Mid-Pandemic Heights

Eavesdrop on the Back-and-Forth of Negotiating with a Criminal Ransomware Organization

Currently Popular Social Engineering Tactics

COVID-Related Phishing Attacks Return to Mid-Pandemic Heights

CyberheistNews Vol 11 #15 [HEADS UP] Recent Phishing Attacks Using PDF Files Have Skyrocketed More Than 1,000%

[INFOGRAPHIC] Q1 2021 Report Shows Users are More Savvy to COVID-19 Phishing Scams

[New Benchmarking Feature] Compare Your Organization’s Security Awareness Proficiency with Other Companies in Your Industry

2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks

3 Ways To Protect Your Identity Online

[HEADS UP] DocuSign Issues Alert of Malicious New Hacking Tool

H Layer Credentialing Announces Security Awareness and Culture Professional (SACP)® Certification

Australian Organizations Increase Cyber Security Spend to Nearly A$5B in 2021

The Digital Workplace is a Cybersecurity Disaster!

APT Group Use Voice-Changing Software to Impersonate Women as Part of Espionage Attacks

New Phishing Attacks Bypass Secure Email Gateways Using Some Very Creative Methods

LinkedIn Data of 500 Million Users Hacked, Up For Sale: Report

Phishing Attacks Using PDF Files Have Skyrocketed

The Clop #Ransomware gang is now pressuring  customers of victims threatening that their personal, confidential data will be exposed unless a ransom is paid

The Growing WeTransfer Phishing Campaign Can Put Your Users at Risk

[HEADS UP] New Phishing Attack With .TXT Attachment Can Steal All Your Secrets

CyberheistNews Vol 11 #14 [Heads Up] Phishing Remains the Most Common Form of Attack

[Security Culture Report 2021] A Global Security Culture Perspective During a Pandemic

Key Findings From the 2021 SANS Security Awareness Report

UK Users Should Be Aware of Census-Themed Phishing Attacks

The Inside Man Season 1 Is Now Available on Amazon Prime Video

[HEADS UP] Millions of Facebook Users' Personal Information Has Been Leaked Online

Expect More Travel-Related Phishing as the Pandemic Subsides

Office 365 Phishing Kits Are Being Used in a New Attack Targeting Execs and Finance

Encryption, Exfiltration, and Extortion are the Name of the Game as PSYA Ransomware Attacks on Education Organizations Increase

FBI Warns of “Almost Certain” Deepfake Attacks Over the Next 12-18 Months

KnowBe4 Fresh Content Updates from March: Including New Optional Learning Feature for Your Users

Cybercrime Skyrocketed in the US by 55%

IRS Warns of Phishing for Dot EDU Email Users

FBI's Newly Release Internet Crime Report Shows Cybercrime has Ramped Up in 2020

Recent Phishing Scams that Managed to Bypass Email Security Filters

UK Report Warns of Ransomware Being the 'Perfect Storm'

There Is No Herd Immunity in the Digital World

Ubiquiti Cyber Attack Details Depict a Far More Disastrous Scenario Than Let On

What Is The Reason That Older Users Often Have Problems Using Technology?

CyberheistNews Vol 11 #13 [EYE OPENER] Mom Charged in Deepfake Cheerleading Plot

Aussie TV Network Taken Off Air by Ransomware

Data Breach at Dutch Auto Shops Puts 7,3 Million Car Owners at Risk

Phishing Remains the Most Common Form of Attack

Average Ransoms Triple while Ransomware Incident Response Costs Pile On

REvil Ransomware Now Helps with Extortion by Offering to Call the Victim’s Contractors and the Media

Security Awareness is the Key to Cybersecurity Behavior Change

New Release: 2021 Remote Workforce Security Report

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

[UPDATE] What is SOAR? What Are The Pros And Potential Pitfalls?

Forensically Investigating Phishing To Better Protect Your Organization

Avoid Being Influenced by Instagram Scams

KPMG: Cyber Security Risk Is Now No. 1 Threat To Growth

A Can of Phishbait: from Surveys to Rule Changes to Your Boss's Boss

Nation-State Hacking 2.0: Why Your Organization is Now at Risk from this Evolving Threat

Spoofing Tailored to Financial Departments

Why Should You Be Using DMARC? 3 Billion Spoofed Emails are Being Sent Everyday

CyberheistNews Vol 11 #12 [Eye Opener] Make No Mistake, This Changes Everything: Nation-State 2.0

Insurers are Warned of Cyber Risk Growth and are Provided a New Cyber Insurance Risk Framework from the New York Department of Financial Services

A Tale of Two Ransomware Variants: Two Ends of the Ransomware Attack Spectrum

Not Your Father's Tech Support Scam

Many Ways To Hack MFA

FBI Warns that PYSA Ransomware is Targeting Schools

[NEW FEATURE] Enhance Your Users’ Learning Experience with Optional Learning

Mom Charged in Deepfake Cheerleading Plot

Another Tax Season, Another Opportunity for Scams

Researchers Have Their Eye on Malicious Clones of Android Apps That Put Devices at Risk

FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Losses Exceed $4.2 Billion

[EYE-OPENER] USA CISA Advisory on Trickbot Campaigns: Phishing Training For Employees

Ransomware Attacks Are Growing More Costly and Effective by the Day

Cybercrime Officially Has Its Own Global Ecosystem

Make No Mistake, This Changes Everything: Nation-State 2.0

Give Me £1,000 to Stop Calling You

[THIS IS UGLY] A Hacker Got All My Texts for $16

6 Advanced Email Phishing Attacks

CyberheistNews Vol 11 #11 [AN IMPORTANT] NIST Update That You Should Be Aware Of

FBI Warns Against Deepfakes' Potential for Social Engineering

Beware: Lots of COVID-19 Vaccine-Related Attacks Are Active and Looking for Their Next Victim

Exchange Exploit Attempts Surge Sixfold as Ransomware Lands

The Evolving Cybercriminal Market Has Given Birth to Impersonation-as-a-Service as Attackers Seek to Impersonate at Scale

[On-Demand Webinar] Avoiding Business Email Compromise Phishing Scams During Tax Season

The Most Commonly Spoofed Business-Related Applications in a Phishing Campaign

Microsoft Exchange Server hacks ‘doubling’ every two hours | ZDNet

NIST Updates You Should Be Aware About

[Security Alert Webinar] The Microsoft Exchange Mass Hack Is a Huge Security Risk For All Organizations and What You Can Do About It

Get the latest about social engineering

Subscribe to CyberheistNews