CEO And CFO Fired After Aerospace Company Grounded By CEO Fraud

May 31, 2016 1:06:27 PM By Stu Sjouwerman

Here is a great way for C-level execs to lose their job: allow your company to become the victim of CEO Fraud. That happened to the CEO and CFO of FACC, part of both Airbus' and Boeings' ...

CyberheistNews Vol 6 #22 It's Here. Nasty Ransomware That Spreads Like A Worm.

May 31, 2016 9:46:51 AM By Stu Sjouwerman

CryptoWall, Locky, and Cerber Are Today's Top 3 Ransomware Threats

May 30, 2016 9:39:15 AM By Stu Sjouwerman

US cyber-security firm Fortinet reports that, between April 1, 2016, and May 15, 2016, the top five most prevalent ransomware families were in this order: CryptoWall (41.04%), Locky ...

New Strain Of Cerber Ransomware Being Offered As RaaS On Russian Hacking Forum

May 30, 2016 7:04:48 AM By Stu Sjouwerman

Security Researchers at Forcepoint discovered that a Russian hacking forum on the dark web is selling the Cerber ransomware as a RaaS (Ransom-as-a-service). This is a new form since ...

Are North Koreans The Bad Guys Behind Brazen Cyberheists?

May 29, 2016 9:52:24 AM By Stu Sjouwerman

In March, we posted a story about a cyberheist where hackers tried to steal a cool 1 Billion dollars from the Bangladesh Central Bank, but a simple typo thwarted most of their attempt. ...

The Nightmare of Exploits Past. How Phishing Attacks Use Old Vulnerabilities

May 28, 2016 11:57:16 AM By Stu Sjouwerman

By Eric Howes, KnowBe4's Principal Lab Researcher Remember .PIF files? If you're like us, the extension probably rings a bell somewhere deep in the dustiest recesses of your mind -- the ...

Scam Of The Week: Summer Olympics Canceled in Rio

May 28, 2016 10:29:28 AM By Stu Sjouwerman

Heads-up! There is a spike in phishing attacks with Summer Olympics themes, and in the coming months the bad guys are going to be all over this. Kaspersky Labs researchers are reporting ...

Microsoft Alert: ZCryptor Ransomware With Worm Feature

May 27, 2016 9:56:04 AM By Stu Sjouwerman

Microsoft released an alert about a new ransomware strain called ZCryptor, which works like a worm and spreads via removable and network drives. The MalwareForMe blog reported this first ...

Shields Up! New DMA Locker V4 Unleashes Major Ransomware Assault

May 25, 2016 5:10:28 PM By Stu Sjouwerman

DMA Locker is an excellent example of cybercrime's furious speed of innovation. Version 1 showed up in January 2016, and V2 a month later, but the implementation of the encryption ...

Massive Locky Ransomware Campaign Targets Amazon Users

May 25, 2016 3:20:34 PM By Stu Sjouwerman

Comodo Threat Research Labs just posted an alert that a massive campaign of phishing emails have been sent with a spoofed "from" address: auto-shipping@amazon.com. The subject is “Your ...

CyberheistNews Vol 6 #21 [ALERT] This New Ransomware Strain Adds DDoS Bot Causing More Damage

May 23, 2016 8:38:51 AM By Stu Sjouwerman

[ALERT] Cerber Ransomware Strain Adds DDoS Bot Causing More Damage

May 22, 2016 2:12:49 PM By Stu Sjouwerman

Excuse my French, but Holy S#!+, some ransomware developers have created a new evil way to monetize their operations by adding a DDoS component to their malicious payloads. Security ...

Scam Of The Week: LinkedIn Email Change Your Password

May 21, 2016 10:33:05 AM By Stu Sjouwerman

You probably remember the 2012 LinkedIn data breach. It was a big deal because something like 6.5 million user account passwords were posted online, but LinkedIn never confirmed the final ...

"What methodologies does KnowBe4 use in developing our training?"

May 20, 2016 4:27:44 PM By Stu Sjouwerman

Someone interested in using our integrated platform for training and phishing asked us: ""What methodologies does KnowBe4 use in developing our training?" We use the ARCS Model. ARCS is ...

What does a "Human Firewall" look like, anyway?

May 20, 2016 3:38:11 PM By Stu Sjouwerman

By Eric Howes, KnowBe4's Principal Lab Researcher So you've subscribed to Security Awareness Training that includes training modules as well as simulated phishing campaigns for your ...

We just received the ultimate in weird nested malware

May 20, 2016 11:05:37 AM By Stu Sjouwerman

Last night a customer sent us a phish via the KnowBe4 Phish Alert Button ( free download here) that must win some kind of award for the longest chain of required user interactions -- all ...

How To Stop Your Ex-Girlfriend Sending Nude Photos To A Fake Facebook Profile

May 20, 2016 8:14:37 AM By Stu Sjouwerman

In a case of sophisticated social engineering, a fraudster created a fake profile of actor Vincent Gallo. He then proceeded to engage in a 2-month long scam, flirting online and sending ...

TeslaCrypt Gives Up and Releases Master Decryption Key

May 19, 2016 4:52:39 PM By Stu Sjouwerman

Larry Abrams from the Bleepingcomputer site noted: "In a surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key. Over the past few ...

Tech Support Scammers start locking Windows PCs

May 19, 2016 10:27:06 AM By Stu Sjouwerman

Tech support scammers have come up with a new way to trick users into sharing their payment card information: screen lockers showing fake Windows alerts telling users that their Windows ...

[ALERT] Fraudsters Steal Tax, Salary Data From ADP. Are Employees At Risk?

May 18, 2016 10:33:03 AM By Stu Sjouwerman

It turns out that HR giant ADP, which provides payroll, tax and benefits administration for more than 640,000 companies, was vulnerable to an ID theft scam. The criminal hackers made off ...

CyberheistNews Vol 6 #20 [ALERT] New Evil Android Phishing Trojans Empty Your Bank Account

May 16, 2016 8:53:58 AM By Stu Sjouwerman

Scam Of The Week: Bogus IT Security Company Websites

May 15, 2016 3:46:50 PM By Stu Sjouwerman

Tech Support Scams are nothing new, but the bad guys are furiously innovating and there is a new variation you need to warn your users about. A few years ago this started out with bogus ...

This Has Been A Crazy Week In Ransomware

May 14, 2016 3:04:08 PM By Stu Sjouwerman

That's what Larry Abrams from Bleepingcomputer started out with yesterday, and he was right! We have had six new ransomware strains, one new RaaS (Ransomware-as-a-Service) and one major ...

What Is The #1 Cause Of Healthcare Data Breaches?

May 14, 2016 10:00:51 AM By Stu Sjouwerman

As a new story about hospital ransomware or a stolen laptop containing PHI seemingly emerges every day, it comes as no surprise that healthcare data breaches have steadily increased in ...

Poll Results: "Should Someone Who Falls For A W-2 Phishing Attack Be Fired?"

May 14, 2016 9:15:38 AM By Stu Sjouwerman

It's an interesting question, because the specific circumstances were explained in an article about this particular incident. There were 186 answers to this poll, and here are the results ...

Ransomware and CEO Fraud Dominate 2016

May 13, 2016 11:31:13 AM By Stu Sjouwerman

An interesting Q1-16 threat report from the folks at Proofpoint. Every day, they analyze more than 1 billion email messages, hundreds of millions of social media posts, and more than 150 ...

New Petya Comes Loaded with Double-Barrel Ransomware Attack

May 13, 2016 10:04:42 AM By Stu Sjouwerman

A new twist on the Petya ransomware and how it now uses a backup ransomware attack. Remember, Petya is a new type of ransomware that doesn’t encrypt specific files but makes the entire ...

New evil android phishing trojans empty your bank account

May 12, 2016 7:29:31 AM By Stu Sjouwerman

Infragard warned that the FBI has identified two Android malware families, SlemBunk and Marcher, actively phishing for specified US financial institutions’ customer credentials. The ...

Congress warned about cybersecurity after attempted ransomware attack on House

May 11, 2016 1:20:13 PM By Stu Sjouwerman

In an email provided to TechCrunch, the House technology service desk warned representatives of increased ransomware attacks on the House network. The email warns that attackers are ...

CyberheistNews Vol 6 #19 Scam Of The Week: Hidden Dangers Of HTML Attachments

May 10, 2016 9:18:20 AM By Stu Sjouwerman

InfoSec Analyst: "We Make People Suck At IT Security"

May 7, 2016 2:02:37 PM By Stu Sjouwerman

IT Security analyst Ben Tomhave calls himself an infosec obsessive and I admire his insightful analyses when they appear. This time he commented on the recent attacks that followed the ...

Prince Death Overdose Caught On Video! Stolen out of a spear phishing attack?

May 7, 2016 11:07:32 AM By Stu Sjouwerman

Our CTO was picking up some groceries and saw this at the check-out, stolen straight out of a spear phishing email... or was it? LOL.

The Hidden Dangers of .HTML Attachments

May 7, 2016 4:00:00 AM By Stu Sjouwerman

By Eric Howes, KnowBe4's Principal Lab Researcher Over the past six to nine months .DOC and .JS file attachments have dominated the news surrounding the rise in phishing attacks. The ...

Troy, Mich Investment Firm Loses $500,000 in CEO Fraud

May 6, 2016 11:37:18 AM By Stu Sjouwerman

An employee at a Troy, Mich., investment firm fell for a CEO Fraud attack and was social engineered into transferring almost $500,000 to a Hong Kong bank. The error was noticed eight days ...

New KnowBe4 Feature: Vulnerable Browser Plugin Detection

May 5, 2016 4:08:39 PM By Stu Sjouwerman

How Can I See If My Users Have Vulnerable Browser Plugins Installed? Within your console, you can automatically detect what vulnerable plugins any clickers on your phishing tests have ...

CyberheistNews Vol 6 #18 [ALERT] Ransomware explodes in 2016. Here is the new roundup!

May 2, 2016 8:42:36 AM By Stu Sjouwerman

Verizon 2016 Data Breach Report: "Phishing Tops The List Of Increasing Concerns"

May 1, 2016 12:50:25 PM By Stu Sjouwerman

Verizon yearly does a comprehensive report on security and data breaches. It is excellent ammo to get budget approval for new-school security awareness training. Why? Hundreds of security ...

Security Awareness Training Blog

View Topics

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews