Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

More Companies Start Reporting Their Ransomware Infections As The Expensive Data Breaches They Are

Larry Abrams at Bleepingcomputer correctly observed: "Corporate victims are finally starting to realize that ransomware attacks are data breaches and have begun to notify employees and ...
Continue Reading

If you don’t meet the CMMC specifications, you will no longer be able to compete for the DoD’s business

The Cybersecurity Maturity Model Certification (CMMC) is a new US Department of Defense (DoD) standard for implementing best practices throughout the defense industrial base, which ...
Continue Reading

KnowBe4’s Q2 2020 Year-Over-Year Sales Grow 25%

We announced on July 2nd that 2020's second quarter was 25% higher in sales than Q2 2019, and that we are nearing a staff of 1,000 and 33,000+ customers worldwide.  KnowBe4 continues on a ...
Continue Reading

New ‘WastedLocker’ Ransomware Released by Evil Corp

The group associated with the Zeus trojan, Locky and BitPaymer looks to have debuted a new ransomware and have already seen massive distribution of it in the wild.
Continue Reading

Half of all Remote Employees Aren’t the Slightest Bit Prepared for Cyberattacks

New data from IBM suggests that employees, their devices, training, and organizational policies are all lacking when it comes making sure remote workers don’t become a victim of ...
Continue Reading

Microsoft 365 Phishing Attacks Masterfully Use Brand Name Sites to Establish Legitimacy

New voicemail phishing scam uses legitimate branded domains from companies like Samsung and Adobe to facilitate redirects to compromised websites intent on stealing credentials.
Continue Reading

Business Email Compromise Attacks Focused on Invoice Fraud Surge by 75%

As attacks on the C-Suite decline, new data shows that employees in finance department roles are critical to the success of shifts in attack campaign strategy.
Continue Reading

June Content Update: Including New Roger Grimes Video Series on Data-Driven Defense

Here are a few important content updates to share with you for the month of June.
Continue Reading

Looking for Binge-Worthy Viewing Options This Summer?

Looking for some binge-worthy watching this summer? We've got just what you're looking for! Check out this innovative new security awareness video series called ‘The Inside Man’.
Continue Reading

Elections In Russia Mean 16 More Years Of Job Security For InfoSec Pros

Russian voters have overwhelmingly backed a ploy by President Vladimir Putin to rule until 2036 in a referendum. 
Continue Reading

See Ridiculously Easy Security Awareness Training and Phishing

Join us for a live demo on Security Awareness Training and phishing in action!
Continue Reading

A "Secure DNS" Scam: an Upgrade that's a Downgrade

A phishing campaign is targeting website owners with convincing, personalized emails that purport to come from WordPress, Naked Security reports. The emails claim that WordPress is ...
Continue Reading

COVID-19 Related Phishing Scams Target Passport Details

The Coronavirus phishing scams have only gotten more aggressive and targeted now than ever before, InfoSecurity Magazine reports. Now researchers at Griffin Law are tracking self-employed ...
Continue Reading

Australia Spending Nearly $1 Billion on Cyberdefense as China Tensions Rise

The NY Times reported some surprising numbers: "Officials promised to recruit at least 500 cyberspies and build on the country’s offensive capabilities to take the online battle overseas. ...
Continue Reading

Phishing in Irish Streams

Netflix is warning users in Ireland to be on the lookout for another phishing campaign that’s impersonating the streaming service, reports. The emails inform recipients that ...
Continue Reading

It's the Best of 2020! Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better  Protect Your Organization

Roger Grimes' lesson on how to forensically examine phishing emails received the highest viewer rating of any webinar so far this year. In case you missed it, make sure to watch this ...
Continue Reading

60% of Organizations are Hit by Cyberattacks Spread by Their Own Employees

The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an org to do?
Continue Reading

New Sextortion Method Uses Social Engineering and Doxing To Identify and Target Victims

According to the SANS Internet Storm Center, cybercriminals are engaging their victims online, using social engineering tactics to collect needed details to extort money.
Continue Reading

New Dropbox-Based Pandemic Relief Payment Scam Targets U.K. Microsoft 365 Users, Bypassing Email Security

Using a Dropbox Transfer page, this new scam presses all the urgency buttons while eluding detection as being malicious in an effort to steal the victim’s online credentials.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews