Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

Leaving Windows 7 in Production Puts You at High Risk of Ransomware Attack

Microsoft end-of-support for Windows 7 means systems will remain unpatched, creating an opportunity for future ransomware attacks to wreak havoc.
Continue Reading

Business Disruption is the Prominent Result for All Cyberattacks

New data from security vendor CrowdStrike shows that the bad guys are getting better at avoiding detection and are having a substantial financial impact on operations.
Continue Reading

Defending Against Ransomware is a Team Effort

Ransomware operators have grown very skilled in targeting exactly what will compel an organization to pay up, according to Andrew Brandt, principal researcher at Sophos. On the ...
Continue Reading

[Heads-up] The Evil Ryuk Ransomware Strain Now Uses Wake-on-Lan To Encrypt Your *Offline* Devices

You must have heard of RYUK before. It's one of the most nasty, evil ransomware strains attributed to the North Korean state sponsored cyber criminals. They are an APT—Advanced Persistent ...
Continue Reading

Hackers Request Aging Reports to Identify Their Next CEO Fraud Victims for Them

Rather than attempt to hack user credentials and gain access to Accounts Payable applications, hackers are now impersonating the CFO and obtaining all the detail they need to launch a ...
Continue Reading

Nemty Ransomware Creators Plan to Post Stolen Data of Non-Payors to Blog

In a twist to the newest ransomware tactic where data is stolen and then encrypted, the folks behind Nemty are going to use a blog to publish victims data if they don’t pay.
Continue Reading

Kiwi Drivers Phished with Bogus License Renewals

The New Zealand Transport Agency (NZTA) has warned of an ongoing email phishing campaign using fake vehicle license renewal reminders, 1 News reports. The emails appear legitimate and ...
Continue Reading

TrickBot Hackers Have Created the Ultimate “On the Fly” Update Backdoor

The newly-created “PowerTrick” backdoor leaves malware ready to accept new commands and victim organizations perpetually in danger of the next thing the malware’s creators can think of.
Continue Reading

You Should Be Scared of the Latest Strains of Phobos Ransomware

In an unusual twist, it’s not actually the ransomware itself that makes the newer forms of Phobos so frightening; it’s the people behind the attacks that will have you worried.
Continue Reading

Travelex Warns Customers: Watch Out For Phishing Or Telephone Scams In Aftermath of Ransomware Attack

A little more than two weeks ago on New Year’s Eve, Foreign Currency services supplier Travelex was hit by a Sodinokibi (REvil)  Ransomware attack.  It has yet to recover and its web ...
Continue Reading

Nobel Laureates Get Scammed, Too

Nobel Prize-winning economist and New York Times Opinion columnist Paul Krugman appears to have been taken in by a phishing scam, Business Insider reports. In a tweet that’s since been ...
Continue Reading

New SNAKE Ransomware is an Attack Mix of Obfuscation, Encryption, and Corporate Disruption

Beware! This new targeted attack variant of ransomware is smart, sophisticated, and does a lot more than just encrypt files.
Continue Reading

Hackers Target the Special Olympics of New York and Use them to Launch Phishing Attacks

This latest attack demonstrates how cybercriminals can leverage one organization as merely a part of a larger phishing campaign to scam countless individuals out of credentials or money.
Continue Reading

Fast Work By Cops Recovers $710,000 After CEO Fraud Attack Hits Long Island County Government

Finally some good news. Newsday reports that in record time, Nassau County, New York, recovered $710,000 that was transferred to scammers who were impersonating an existing county vendor.
Continue Reading

New Languages Added to KMSAT Learner Experience

Late Friday, the product team added 6 new languages to the KMSAT Learner Experience bringing the total number to 21 languages supported. The new languages include:
Continue Reading

[New Ransomware Threat] Now Cyber Criminals Demand Ransom From The PATIENTS After A Plastic Surgery Clinic Data Breach

Just when you thought it could not get any worse... it did. Criminal hackers are now demanding that all the patients of Florida provider Richard Davis, MD pay a ransom to prevent the ...
Continue Reading

Texas School District Loses $2.3 Million In BEC Scam

Texas’s Manor Independent School District was the victim of a costly 2.3 million dollar Business Email Compromise (BEC) scam in November of 2019.
Continue Reading

Auto Dealership Becomes Latest Victim of Ransomware Attack Costing Up to $500,000

The opening of a seemingly benign email from a coworker by an unsuspecting employee set in motion an attack that brought operations to a halt and resulted in some costly remediation. The ...
Continue Reading

Microsoft Sues Hacker Group for Data Theft of Highly Sensitive Information

A new recently unsealed lawsuit against a North Korean hacker group shows how even the largest companies can be successfully attacked by phishing.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews