Cybersecurity Top Risk Consideration In Board Room

Dec 31, 2014 2:23:30 PM By Stu Sjouwerman

The Wall Street Journal polled its readers and asked them to rate the top compliance issues of 2014. The answers were very interesting!

Schneier: Sony Hackers May Have Had Inside Help

Dec 31, 2014 1:11:22 PM By Stu Sjouwerman

Well-known IT Security guru Bruce Schneier commented on recent discoveries related to the Sony Hack. First of all, an analysis of the timestamps on some of the leaked documents shows that ...

Defense In Depth: Your Answer To Social Engineering

Dec 31, 2014 1:04:36 PM By Stu Sjouwerman

Organizations defend their networks on each of the six levels in the green graph you see. End-user Internet Security Awareness Training resides in the outer layer: ‘Policies, Procedures, ...

New ransomware called "extortionware" in 2015? Not so much...

Dec 30, 2014 4:17:00 PM By Stu Sjouwerman

TK Keanini, CTO, Lancope wrote a 2015 Predictions editorial over at SC Magazine. He said he expects more malware like CryptoLocker and CryptoWall over the next 12 months, but also ...

A new strain of "ransomware" is striking

Dec 30, 2014 3:02:49 PM By Stu Sjouwerman

Mitch Lipka of CBS Moneywatch wrote:

2015 Crystal Ball / Three Scams To Warn Your Users About

Dec 30, 2014 9:23:00 AM By Stu Sjouwerman

CyberheistNews Vol 4 #51 Dec 30, 2014 2015 Crystal Ball / Three Scams To Warn Your Users About During my 15-year stint as the editor of WServerNews, I always started the year with a ...

Three Scams To Warn Your Users About

Dec 29, 2014 9:54:00 AM By Stu Sjouwerman

It's the holidays and the bad guys are working overtime. There are three scams you want to warn your users about. Remember the Phil Esterhaus character in Hill Street Blues? To begin ...

Security Awareness Training in 2015

Dec 25, 2014 10:45:53 AM By Stu Sjouwerman

Lance Spitzner at the SANS Securing The Human program and I have a lot in common; we evangelize effective security awareness training and we both drive a Tesla. In his 22 December 2014 ...

Cybercrime group steals millions from Russian banks and targets US

Dec 25, 2014 9:26:00 AM By Stu Sjouwerman

This is actually quite interesting, hackers that are successful inside Russia, as normally these guys are shut down by the FSB in a heartbeat. It must be that they are outside of the ...

Nine Data Breaches That Cost Someone Their Job

Dec 25, 2014 8:44:43 AM By Stu Sjouwerman

Following last year’s big announcement of not just Target’s data breach but executive job loss, CSO lays out 9 data breaches resulting in job loss. They compare Target alongside other ...

Sony Pictures Cyber Attack TIMELINE

Dec 24, 2014 12:07:39 PM By Stu Sjouwerman

This Sony Pictures Cyber Attack TIMELINE by the www.databreachtoday.com site is quite interesting.

Announcing InfoSec World 2015

Dec 23, 2014 5:42:00 PM By Stu Sjouwerman

MIS Training Institute (MISTI) and their esteemed Advisory Board are excited to present the InfoSec World 2015 Conference & Expo. KnowBe4's CyberheistNews is a Media Sponsor for the ...

Phishing Attack on German Steel Factory System Caused Massive Damage

Dec 23, 2014 3:06:00 PM By Stu Sjouwerman

Hackers breached security of a German steel mill's network and caused considerable damage by manipulating the controls of a blast furnace. The attackers gained access to the network ...

CyberheistNews Vol 4 #49 Dec 23, 2014

Dec 23, 2014 9:18:00 AM By Stu Sjouwerman

Lessons Learned From The Sony Pictures Hack Bruce Schneier reminded me of an old but very relevant concept in IT Security. There are two types of attacks: opportunistic and targeted. And ...

Scam of The Week: LinkedIn Greeting Cards Carrying Malware

Dec 22, 2014 4:37:00 PM By Stu Sjouwerman

System admins hold the keys to the kingdom. The NSA is actively hunting for system admin credentials. A popular way to get you to click on something that installs zero-day malware on your ...

Malware Used To Wipe Sony's Drives Was Quick And Dirty

Dec 22, 2014 9:44:20 AM By Stu Sjouwerman

It's still not clear (and it may never be discovered) how the Democratic People's Republic of (North) Korea (DPRK) hackers came in, perhaps they used all available threat vectors since ...

Staples: 6-Month Malware Breach, 1.16 Million Cards

Dec 20, 2014 11:36:00 AM By Stu Sjouwerman

Office supply chain Staples Inc. today finally acknowledged that a malware intrusion by hackers this year at some of its stores resulted in a credit card breach. The company now says some ...

Lessons Learned From The Sony Pictures Hack

Dec 20, 2014 10:37:00 AM By Stu Sjouwerman

Bruce Schneier reminded me of an old but very relevant concept in IT Security. There are two types of attacks: opportunistic and targeted. And then you can characterize attackers on two ...

Malicious links: Spammers change malware delivery tactics

Dec 18, 2014 5:58:56 PM By Stu Sjouwerman

Symantec just put this out and I thought you might be interested. They are seeing a lot of hackers using Upatre and Ponik malware over the last couple of months, delivered by spam email ...

I simply could not resist this vanity plate

Dec 18, 2014 5:34:05 PM By Stu Sjouwerman

Hackers Spear-phish ICANN And Compromise DNS Zone System

Dec 18, 2014 3:58:00 AM By Stu Sjouwerman

It does not get any worse than this. Or better than this, if you are a criminal hacker. Domain-name management organization ICANN announced it has been hacked and its DNS zone ...

[InfoGraphic] The Most Used InfoSec Words In 2014

Dec 17, 2014 9:32:23 AM By Stu Sjouwerman

We took almost 25,000 Hackbusters #infosec articles from 100+ feeds in 2014 and tabulated the hot topics. This "word-cloud" infographic is the result! What's Really The #1 Hot InfoSec ...

New Ransomware called KEYHolder from CryptorBit Cybergang

Dec 16, 2014 3:04:08 PM By Stu Sjouwerman

Bleeping Computer had the scoop again: " A new ransomware has been released called KEYHolder that is from the same developers of CryptorBit . Like CryptorBit, this infection encrypts your ...

CyberheistNews Vol 4 #48 Spike In Hoax News Spreading Malware

Dec 15, 2014 4:46:00 PM By Stu Sjouwerman

CyberheistNews Vol 4 #48 Dec 16, 2014

Breaking News 2 New Ransomware Strains

Dec 15, 2014 9:31:00 AM By Stu Sjouwerman

#1 OphionLocker The first one is a new strain of ransomware named OphionLocker. It encrypts your data using strong open source Crypto++ Elliptical Curve Cryptography and then ransoms the ...

Experts: The Human Factor Key Challenge To Information Security

Dec 13, 2014 1:18:29 PM By Stu Sjouwerman

The lack of awareness and understanding of risks is one of the biggest challenges to information security, according to a panel of experts. Research showed that 93% of data breaches ...

Ransomware Beats APT In Terms Of Severe Impact

Dec 13, 2014 12:37:00 PM By Stu Sjouwerman

MalwareBytes Research showed that in the year 2014, 82% of companies were attacked online. Their research also showed that browser vulnerabilities will be the biggest challenge going ...

Phishing Quiz: Can You Spot A Scam? Don't Be So Sure

Dec 13, 2014 12:06:39 PM By Stu Sjouwerman

Phishing Quiz: Can You Spot A Scam? Don't Be So Sure CBSNews wrote: "Phishing emails have gotten so convincing that even the experts can be taken in by a well-crafted fake. That's what ...

Scam Of The Week: Spike In Hoax News Spreading Malware

Dec 13, 2014 10:20:00 AM By Stu Sjouwerman

The year 2014 has seen a boom on hoax news stories, as these are particularly successful social engineering tactics used by hackers to get people to click on links, and worse, share the ...

Ransomware on National Public Radio: To Pay Or Not To Pay?

Dec 9, 2014 11:30:07 AM By Stu Sjouwerman

Aarti Shahani, the tech reporter of National Public Radio created a compelling story about the scourge of ransomware that is taking over America. The title of the story is:

eWeek Alerts IT Pros About Self-Replicating Ransomware

Dec 9, 2014 11:00:00 AM By Stu Sjouwerman

Wayne Rash at eWeek picked up on the virRansom news and explained to his readers that this is a nasty new hybrid ransomware strain that needs to be protected against rather sooner than ...

CyberheistNews Vol 4 #47 New Hybrid Ransomware Replicates Like A Virus

Dec 9, 2014 9:41:00 AM By Stu Sjouwerman

Heads Up! New Hybrid Ransomware Replicates Like A Virus Here is a powerful piece of ammo to get (more) IT Security budget. SophosLabs labs' blog reported about a new Ransomware strain ...

How Was Sony Pictures Hacked?

Dec 8, 2014 7:21:00 AM By Stu Sjouwerman

Kevin Mandia, who was hired as the forensics expert wrote in a letter to Sony's CEO that the breach was unprecedented, well-planned and carried out by an "organized group". It's the most ...

Phishing Lessons Learned in 2014? Employee Training Matters

Dec 6, 2014 11:33:51 AM By Stu Sjouwerman

Our friends at Wombat created a good summary why security awareness training is a must these days. Why?

Top 10 InfoSec Pain Points

Dec 6, 2014 11:07:00 AM By Stu Sjouwerman

Shipping Problem Phishing Attacks Here Is How They Look

Dec 6, 2014 8:35:12 AM By Stu Sjouwerman

Last CyberheistNews issue, we warned that Black Friday and Cyber Monday were behind us, and that criminal hackers have a "scam calendar" which focuses on major shopping events exactly ...

Heads Up! Nasty New Hybrid Strain: The AIDS of Ransomware

Dec 5, 2014 6:54:00 PM By Stu Sjouwerman

Here is a powerful piece of ammo to get (more) IT Security budget.

Sony The First To Be Hit With Destructive Payload

Dec 2, 2014 9:34:34 AM By Stu Sjouwerman

Sony has been hacked several times, and should have learned their lesson a while ago, but no. This time it is really bad though. Late yesterday the FBI warned U.S. business that the ...

Savvy Hackers Use Spearphishing to steal Wall Street M&A info

Dec 1, 2014 8:02:00 PM By Stu Sjouwerman

What if you knew beforehand about mergers and acquisitions, and could trade with that inside information? Well that's been going on for more than a year.

Security Awareness Training Blog

View Topics

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews