Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

SEA used spear-phishing in attack on NY Times

A spear-phishing attack, one of the most common and oldest cyber tricks in the book, enabled hackers to hijack and modify the DNS records for several domains on Tuesday, including The New ...

Cybercrime Automates Fake IDs For Spear-phishing

Today it was reported through several sources that a new Cybercrime-as-a-Service option is available: creation of fake scanned passports, ID cards, driver's licenses and fake scanned ...

CyberheistNews Vol 3, # 35 Security-Awareness-Training-Newsletter


April 8, 2014: WinXPGeddon

If you still run Windows XP in April 2014, you've got a time bomb on your hands if that system is still connected to the Internet. Stand-alone systems are a bit less of a risk.

Electronic ID cards join fight against phishing attacks

Phishing attacks are believed to have hit 37.3 million people last year, escalating online password theft 300%. To fight back against this type of cyberattack, a team of researchers at ...

New Cybercrime-as-a-Service: Unethical Pen-testing

I have talked about this a few times before: there is a well-developed $3 Billion underground economy specialized in cybercrime. Here is an example of a "promising" new criminal DIY ...

Cyber risk weighs heavy on minds of execs

Tony Bradley at CSO Mag has a good analysis: "There is good news and bad news stemming from the Lloyd’s of London Risk Index 2013 report. The good news is that cyber risk is gaining more ...

CyberheistNews Vol 3, 34 Security Awareness Training Newsletter


IT Security Is Broken Bad

With the TV show Breaking Bad in its last season, this seems to be a fun title. However, the topic is not all that much fun. You should realize it's not a question of when you will be ...

Are Your Email Addresses On A Russian Phishing Site?

We are finding many U.S. commercial email addresses at the Russianemailsworld.boommer.ru website. It is really a 'staging' area for emails to be posted by the criminal underground. They ...

Spear-phishing attackers vandalize CNN, TIME and Wash Post

You would think that by now journalists and people in media and advertising would be on the alert for social engineering red flags. But no. Syrian hacktivists sent a spear-phishing attack ...

Forbes: IT Security Industry To Expand Tenfold

Richard Stiennon, a Forbes contributor, makes a stunning prediction. He claims that most organizations have woefully underspent for IT Security and now that governments around the world have ...

Hackers put a bull's-eye on small business

Less than 500 employees? You’ve got a 20 percent chance of being hacked, and if it happens there’s a good chance your business is finished.

CyberheistNews Vol 3, 33


We started trusting bad code from Day One

Vint Cerf – Photo by Charles Haynes

Scam Of The Week: "Held For Ransom"

You should alert your users that a particularly effective scam is growing by leaps and bounds recently. It's not new, but it's bursting into mainline cybercrime these last few weeks. The ...

Watching Porn on a Mobile … Risky?

The Internet has its own Red Light District, and it is one of the most unsafe areas you can browse. Online porn is a profitable sideline for the adult industry, but a mainline business ...

CyberheistNews Vol 3, 32


Debate: Security Training Effective? What's Your Opinion...

In the August issue of SC Magazine yours truly is one of the two experts that discuss whether security training is an effective strategy in the workplace. My counterpart is Dave Aitel, ...