Stu Sjouwerman

Chinese Antivirus Vendor Tied to Part of a Decade-Long Hacking Spree

Sep 24, 2020 11:04:01 AM By Stu Sjouwerman

Members of the hacking group “Apt41” were charged by the U.S. Department of Justice for hacking more than 100 victims globally with one of its members running AV vendor Anvisoft.

Cyberattacks Targeting State and Local Government Increase by 50%

Sep 24, 2020 11:00:25 AM By Stu Sjouwerman

State, local, tribal, and territorial government agencies and municipalities are under attack. Observations and data from security vendor BlueVoyant highlight the attacks and the results.

60% of the US Workforce Will Be Working Remotely by 2024 (and That’s a Problem)

Sep 24, 2020 10:57:20 AM By Stu Sjouwerman

The latest data from analyst firm IDC shows massive growth in the remote workforce in the coming years – something that puts organizations at greater risk for a cyberattack.

Tribune Publishing apologizes for fake bonus offer in phishing-simulation email

Sep 24, 2020 10:29:04 AM By Stu Sjouwerman

Yesterday at the end of the day, I was called by our PR team who got alerted by tech support about a Twitter post that was going viral. Turns out a custom phishing test created by one of ...

Abusing App Engine to Automate Phishing

Sep 24, 2020 8:30:09 AM By Stu Sjouwerman

Attackers can abuse a feature in Google App Engine to generate unlimited phishing URLs, BleepingComputer reports. Security researcher Marcel Afrahim found that App Engine URLs that ...

Which Users in Your Organization Put You at Risk?

Sep 24, 2020 7:00:00 AM By Stu Sjouwerman

October is National Cybersecurity Awareness Month, so it's a perfect time to fortify your human firewall. Start by identifying which users may be putting your organization at risk before ...

KnowBe4 Receives a 2020 Tech Cares Award

Sep 23, 2020 11:24:32 AM By Stu Sjouwerman

Sticking to our values continues to pay off, as we have recently received a Tech Cares award from TrustRadius. This is a brand-new award crafted to celebrate organizations that have ...

Five Alarming Approaches to Extortion

Sep 23, 2020 8:30:10 AM By Stu Sjouwerman

People should familiarize themselves with common forms of extortion in order to avoid falling victim to these attacks, according to Amer Owaida at ESET. Ransomware might be the most ...

Credential Stuffing to Stuff the Ballot Box

Sep 22, 2020 10:20:17 AM By Stu Sjouwerman

Advanced nation-state actors and petty criminals are both leveraging credential-stuffing attacks to hack into victims’ accounts, according to Byron Acohido, writing for Avast. Rather than ...

CyberheistNews Vol 10 #39 CrowdStrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"

Sep 22, 2020 9:29:36 AM By Stu Sjouwerman

The Critical Need to Improve Your Compliance Processes

Sep 22, 2020 7:00:00 AM By Stu Sjouwerman

You know that compliance is an important requirement but can also be time-consuming and fraught with risk. Still, most organizations have not implemented the processes and tools necessary ...

Credential Stuffing Used Against Financial Services

Sep 21, 2020 8:27:15 AM By Stu Sjouwerman

A security alert from the FBI warns that hackers are launching credential-stuffing attacks against organizations in the financial sector, ZDNet reports.

Your Organization Through the Eyes of an Attacker

Sep 21, 2020 7:00:00 AM By Stu Sjouwerman

The bad guys are out there, watching and waiting for an opportunity to strike. They are gathering information about your organization and users, devising the perfect plan to infiltrate ...

[Announcement] KnowBe4 ModStore: New Series "Security Snapshots" from Twist & Shout

Sep 19, 2020 9:58:36 AM By Stu Sjouwerman

They've made you laugh. They've made you cry. You know and love them! Twist & Shout are here once again with a series of 12 stand-alone security micro-dramas! These Security Snapshots are ...

Bitcoin Millionaire Loses $16 Million to a Compromised Wallet and Simple Social Engineering

Sep 18, 2020 7:01:00 AM By Stu Sjouwerman

This brief tale of misfortune shows how unpatched software and letting your guard down – especially when $16 million is on the line – can be all that’s needed for a successful scam.

Joint Cybersecurity Advisory Outlines Approaches to Discovering and Remediating Attacks

Sep 18, 2020 7:00:00 AM By Stu Sjouwerman

This newly-released report is the result of a collaborative effort by cybersecurity authorities in Australia, Canada, New Zealand, the United Kingdom, and the United States.

Crowdstrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"

Sep 16, 2020 10:26:18 AM By Stu Sjouwerman

According to a recent study conducted by cybersecurity firm CrowdStrike, recent threat activity throughout its customers’ networks has shown more intrusion attempts within the first half ...

When Phishing And Disinformation Meet

Sep 16, 2020 8:49:42 AM By Stu Sjouwerman

The Insider reported that QAnon is co-opting a USPS phishing scam, and claim the Vishing text messages are linked to human trafficking. "A viral [text] phishing scheme is targeting people ...

How to Become a Harder Target From Malicious Threat Actors

Sep 16, 2020 8:30:35 AM By Stu Sjouwerman

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding threat actors associated with China’s Ministry of State ...

[NEW PhishER Feature] Remove, Inoculate, and Protect Against Email Threats Faster With PhishRIP

Sep 16, 2020 7:00:00 AM By Stu Sjouwerman

Your users are likely already reporting potentially dangerous emails in some fashion within your organization. The increase of this email traffic can present a new problem!

Security Awareness Training Blog

View Topics

Stu Sjouwerman

Recent Posts

Chinese Antivirus Vendor Tied to Part of a Decade-Long Hacking Spree

Cyberattacks Targeting State and Local Government Increase by 50%

60% of the US Workforce Will Be Working Remotely by 2024 (and That’s a Problem)

Tribune Publishing apologizes for fake bonus offer in phishing-simulation email

Abusing App Engine to Automate Phishing

Which Users in Your Organization Put You at Risk?

KnowBe4 Receives a 2020 Tech Cares Award

Five Alarming Approaches to Extortion

Credential Stuffing to Stuff the Ballot Box

CyberheistNews Vol 10 #39 CrowdStrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"

The Critical Need to Improve Your Compliance Processes

Credential Stuffing Used Against Financial Services

Your Organization Through the Eyes of an Attacker

[Announcement] KnowBe4 ModStore: New Series "Security Snapshots" from Twist & Shout

Bitcoin Millionaire Loses $16 Million to a Compromised Wallet and Simple Social Engineering

Joint Cybersecurity Advisory Outlines Approaches to Discovering and Remediating Attacks

Crowdstrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"

When Phishing And Disinformation Meet

How to Become a Harder Target From Malicious Threat Actors

[NEW PhishER Feature] Remove, Inoculate, and Protect Against Email Threats Faster With PhishRIP

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search