Stu Sjouwerman

[Heads Up] The Chinese Have Likely Hacked Your Exchange Email Server

Mar 6, 2021 9:48:40 AM By Stu Sjouwerman

What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulns? On March 2, Microsoft released emergency security updates to plug four security holes ...

Think Your Cyber Insurance is Going to Cover that $6 Million in Cyber Fraud? Think Again.

Mar 5, 2021 4:05:06 PM By Stu Sjouwerman

The latest tale of an organization falling victim to a business email compromise attack on their credit card processor highlights how very specific the scenario needs to be to see a ...

1 in 4 Business Email Compromise Attacks Use Lookalike Domains to Trick Victims

Mar 5, 2021 4:02:18 PM By Stu Sjouwerman

The latest Data on BEC scams shows how the bad guys are using a mix of gmail accounts, increases in stolen wire transfers, and a shift to payroll diversions to trick you out of your money.

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Mar 5, 2021 4:00:12 PM By Stu Sjouwerman

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage.

Vendor Email Compromise is Officially A Big (Seven-Figure) Problem

Mar 5, 2021 3:57:51 PM By Stu Sjouwerman

While the Solarwinds “sunburst” attack brought to light the compromising of a vendor, VEC has been around for some time and now seems to be going mainstream.

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Mar 5, 2021 3:55:42 PM By Stu Sjouwerman

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals.

Someone Hacked The Four Top Russian Cybercrime Forums In One Month

Mar 5, 2021 10:52:44 AM By Stu Sjouwerman

Intrepid investigative cyber security reporter Brian Krebs has some interesting news. He said: "Over the past few weeks, three of the longest running and most venerated Russian-language ...

KnowBe4 Fresh Content Updates from February: Including New Season 3 of 'The Inside Man' Now Available

Mar 5, 2021 9:31:10 AM By Stu Sjouwerman

Here are important fresh content updates and new features to share with you that happened in the month of February.

[ALERT] New Stanford Research: 88% Of Data Breaches Are Caused By Human Error

Mar 4, 2021 6:43:06 PM By Stu Sjouwerman

A recent 2020 report we just discovered confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. We are pleased that the somewhat older ...

Most Phishing Emails Are After Credentials

Mar 4, 2021 8:22:48 AM By Stu Sjouwerman

57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last ...

POTRAZ Warns of Phishing Scams

Mar 3, 2021 9:42:20 AM By Stu Sjouwerman

The Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) has issued a warning regarding an increase in email and SMS phishing attacks, the Chronicle reports. Dr. Gift ...

CyberheistNews Vol 11 #09 [Heads Up] New Ryuk Ransomware Strain Now Worms Itself To All Your Windows LAN Devices

Mar 2, 2021 9:45:14 AM By Stu Sjouwerman

Universal Health Services Becomes Next Victim of Ryuk Ransomware, Costing $67 Million

Mar 2, 2021 8:54:36 AM By Stu Sjouwerman

Fortune 500 hospital and health care service provider Universal Health Services (UHS) recently became victim to Ryuk ransomware in September 2020.

By Their Poor Idiomatic Control Shall Ye Know Them

Mar 2, 2021 8:24:52 AM By Stu Sjouwerman

A new phishing campaign is impersonating Zoom in order to steal users’ Outlook credentials, according to researchers at GreatHorn. The attackers are using phishing URLs that spoof Zoom’s ...

Hacking Multifactor Authentication: An IT Pro’s Lessons Learned After Testing 150 MFA Products

Mar 2, 2021 8:00:00 AM By Stu Sjouwerman

Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than ...

[HEADS UP] New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

Mar 1, 2021 10:39:15 AM By Stu Sjouwerman

The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no ...

New York State Education Department Warns of Phishing Campaign

Mar 1, 2021 9:55:30 AM By Stu Sjouwerman

The New York State Education Department (NYSED) released an advisory warning that scammers are impersonating its employees in an attempt to steal social security numbers and money. The ...

Phishing Attacks Double in 2020 While Carrying the Highest Month of Attacks on Record

Mar 1, 2021 9:32:45 AM By Stu Sjouwerman

The latest data from the Anti-Phishing Working Group (AWPG) shows massive gains in phishing attacks in Q4 of last year, quantifying the growth and setting the expectation of what’s to ...

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

Mar 1, 2021 9:32:30 AM By Stu Sjouwerman

This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets.

Microsoft Dominates as the Most Impersonated Brand in Phishing Attacks

Mar 1, 2021 9:32:10 AM By Stu Sjouwerman

New data from phishing detection vendor Inky highlights which brands are most often used by cybercriminals in phishing attacks that will give them the edge needed for a successful phish.

Security Awareness Training Blog

View Topics

Stu Sjouwerman

Recent Posts

[Heads Up] The Chinese Have Likely Hacked Your Exchange Email Server

Think Your Cyber Insurance is Going to Cover that $6 Million in Cyber Fraud? Think Again.

1 in 4 Business Email Compromise Attacks Use Lookalike Domains to Trick Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Vendor Email Compromise is Officially A Big (Seven-Figure) Problem

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Someone Hacked The Four Top Russian Cybercrime Forums In One Month

KnowBe4 Fresh Content Updates from February: Including New Season 3 of 'The Inside Man' Now Available

[ALERT] New Stanford Research: 88% Of Data Breaches Are Caused By Human Error

Most Phishing Emails Are After Credentials

POTRAZ Warns of Phishing Scams

CyberheistNews Vol 11 #09 [Heads Up] New Ryuk Ransomware Strain Now Worms Itself To All Your Windows LAN Devices

Universal Health Services Becomes Next Victim of Ryuk Ransomware, Costing $67 Million

By Their Poor Idiomatic Control Shall Ye Know Them

Hacking Multifactor Authentication: An IT Pro’s Lessons Learned After Testing 150 MFA Products

[HEADS UP] New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New York State Education Department Warns of Phishing Campaign

Phishing Attacks Double in 2020 While Carrying the Highest Month of Attacks on Record

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

Microsoft Dominates as the Most Impersonated Brand in Phishing Attacks

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search