Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

CrowdStrike: "Russian Hackers Attack DC Think Tanks With Phishing Emails"

Aug 31, 2016 8:13:02 AM By Stu Sjouwerman
The Wall Street Journal reported this morning that "A Russian hacking group linked to a series of computer intrusions at the Democratic National Committee and other organizations is now ...
Continue Reading

Two New KnowBe4 Phishing Categories: Scam Of The Week and Reported Phishes of the Week

Aug 29, 2016 5:29:02 PM By Stu Sjouwerman
KnowBe4's Templates Mistress Katie has added two new categories to the System Templates: 1) SCAM OF THE WEEK - this will act as an optional weekly newsletter for you to send to your ...
Continue Reading

CyberheistNews Vol 6 #35 Heads-Up! Voice Message Notification Email Warning Could Be Ransomware

Aug 29, 2016 9:50:18 AM By Stu Sjouwerman
Continue Reading

IT Security Is A Protoscience, Think 19th Century Chemistry

Aug 28, 2016 2:39:14 PM By Stu Sjouwerman
So I get the Andreessen Horowitz newsletter. It has a topic called "Security is a protoscience (and more on 'so you want to work in security') - Michal Zalewski" I'm intrigued so I click ...
Continue Reading

KnowBe4's Field Guide to Macro Warning Screens

Aug 26, 2016 5:29:11 PM By Stu Sjouwerman
Earlier this week today we assisted several companies that were hit by ransomware. Although companies and organizations hit by ransomware can usually pinpoint the source or employee ...
Continue Reading

Ransomware & Voicemail Notifications, Redux

Aug 26, 2016 1:18:45 PM By Stu Sjouwerman
Several days ago we posted about a new ransomware campaign pushing Cerber through malicious ZIP files attached to voicemail-themed phishing emails. Fast on the heels of that campaign ...
Continue Reading

Here is a Real DDoS Plus Ransomware Extortion Attack

Aug 26, 2016 11:05:24 AM By Stu Sjouwerman
One of our customers received the following email today. It's a clear extortion attempt, they are threatening to execute a combined DDoS and Cerber ransomware attack. These bad guys claim ...
Continue Reading

Heads-up! Voice message notification email warning could be ransomware

Aug 24, 2016 2:13:01 PM By Stu Sjouwerman
Don't play voicemail messages from suspicious sources. Example displayed in MS Outlook. Image credit: SANS ISC.
Continue Reading

How Highly Personalized Ransomware Attacks Are Getting

Aug 23, 2016 11:40:48 AM By Stu Sjouwerman
CyberheistNews Subscriber Stuart Sanders sent me this: "A friend of mine in Melbourne Australia has been whacked by several crypto attacks on his clients in the last week. He supports ...
Continue Reading

CyberheistNews Vol 6 #34 [ALERT] Cerber Ransomware Plague Earns 2 Mil With Just 0.3% Victims Paying Up

Aug 22, 2016 9:44:09 AM By Stu Sjouwerman
Continue Reading

Cerber Ransomware Plague Earns 2 Mil With Just 0.3% Victims Paying Up

Aug 21, 2016 8:38:48 AM By Stu Sjouwerman
A new report by Check Point software's researchers showed that Cerber's Ransomware-as-a-Service (RaaS) affiliate program is a success with more than 160 participants at current count, and ...
Continue Reading

Clinton Foundation Gets Spear-Phished By Russians, Hires FireEye To Investigate

Aug 18, 2016 7:38:18 AM By Stu Sjouwerman
REUTERS just reported that the Clinton charitable foundation hired the security firm FireEye to examine its network after seeing indications they might have been hacked by Russians, ...
Continue Reading

FireEye warns 'massive' Locky ransomware campaign hits America

Aug 18, 2016 6:43:52 AM By Stu Sjouwerman
The dangerous Locky ransomware is being hurled at a variety of industries, healthcare being the number one target, according to FireEye researcher Ronghwa Chong. We have talked about ...
Continue Reading

New Feature: 2-Factor Authentication

Aug 17, 2016 4:36:29 PM By Stu Sjouwerman
All user accounts may now be enabled to require MFA (multi-factor authentication) [also called 2FA, 2 Factor Authentication]. Once configured and enabled for an account the system will ...
Continue Reading

KnowBe4 Debuts at #139 on Inc 500 List of America’s Fastest Growing Private Companies

Aug 17, 2016 8:42:58 AM By Stu Sjouwerman
I have some exciting news: KnowBe4 made it in the Inc 500! To start off with, a very big thank you to all our customers who understood the need to manage the ongoing problem of social ...
Continue Reading

I was interviewed by DARKReading at BlackHat [VIDEO]

Aug 15, 2016 5:01:52 PM By Stu Sjouwerman
While at BlackHat, the editorial team from DARKReading wanted to know more about what we were doing at KnowBe4. This was a fun, relaxed 15 minutes where we chatted about problems like ...
Continue Reading

The Ultimate Pop-up Phishing Warning Message

Aug 15, 2016 4:54:20 PM By Stu Sjouwerman
'Just weeks after she started preparing opposition research files on Donald Trump’s campaign chairman Paul Manafort last spring, Democratic National Committee consultant Alexandra Chalupa ...
Continue Reading

CyberheistNews Vol 6 #33 Ransomware Roundup: Fresh Strains And New Nasty Features

Aug 15, 2016 9:43:01 AM By Stu Sjouwerman
Continue Reading

PokemonGo Ransomware installs Backdoor Account and Spreads to other Drives

Aug 14, 2016 10:43:11 AM By Stu Sjouwerman
With the popularity of PokemonGo, it was inevitable that a malware developer would create a ransomware that impersonates it. This is the case with a new Hidden-Tear ransomware discovered ...
Continue Reading

Hitler ransomware just deletes files instead of encrypting them

Aug 14, 2016 10:19:30 AM By Stu Sjouwerman
Security experts detected and analyzed a new threat, the Hitler ransomware, that doesn’t encrypt files but simply deletes them. Larry Abrams at Bleepingcomputer commented: " It looks like ...
Continue Reading

Scam Of The Week: New Social Security Account Fraud

Aug 13, 2016 3:27:36 PM By Stu Sjouwerman
Bad guys are abusing the Social Security Administration's (SSA) online service called My SocialSecurity Account in two ways: A phishing scam which encourages employees to create an ...
Continue Reading

July 2016 Ransomware Roundup: New Strains And New Nasty Features

Aug 13, 2016 11:08:17 AM By Stu Sjouwerman
The ransomware market is rapidly maturing, we start seeing upgraded strains and rebranded versions sold cheaply in the Dark Web. And mainstream media have finally glommed on after years ...
Continue Reading

When the Bad Guys Go to Ransomware B-School

Aug 12, 2016 1:17:13 PM By Stu Sjouwerman
By Eric Howes, KnowBe4 Principal Lab Researcher. As we have documented numerous times in this space over the past few years, the bad guys have proven to be relentless innovators, ...
Continue Reading

CyberheistNews Vol 6 #32 Scary Stuff And Hot Security Products At Black Hat And DEF CON

Aug 8, 2016 9:55:22 AM By Stu Sjouwerman
Continue Reading

The Latest from Black Hat 2016: Ransomware By the Numbers

Aug 4, 2016 4:07:30 PM By Stu Sjouwerman
The annual Black Hat security conference always produces a wealth of interesting papers, presentations, talks, live demos, and security news. This year's Black Hat USA 2016 event, which ...
Continue Reading

CyberheistNews Vol 6 #31 [ALERT] Scam Of The Week: Illegal Game of Thrones Download Phishing Attack

Aug 2, 2016 9:32:04 AM By Stu Sjouwerman
*|CyberHeistNews|*
Continue Reading

Yes, that email is really from Paypal. And, yes, it's really malicious.

Aug 1, 2016 7:36:36 PM By Stu Sjouwerman
Score another one for the bad guys, who have yet again demonstrated their seemingly inexhaustible ability to concoct new methods to exploit legitimate services in order to bypass existing ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews