Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

Vaccine Research Companies are the Target of New Ransomware Attacks

The U.S. Treasury Department's Financial Crimes Enforcement Network (FinCEN) warns financial organizations to be aware of campaigns actively targeting vaccine companies.
Continue Reading

68% of Organizations Experiencing One Cyberattack Experience a Second Within 12 Months!

New data from cybersecurity vendor CrowdStrike shows just having security technologies in place won’t prevent one… let alone two… cyberattacks.
Continue Reading

Healthcare Sees Double the Increase in the Amount of Ransomware Attacks Since November

With an average of 626 ransomware attacks weekly on healthcare organizations, it’s evident that the bad guys are stepping up their tactics and focus where they believe the money to be.
Continue Reading

Google Finds an Alarming Thousands of Phishing Sites Everyday in 2020

Google discovered a record number of phishing sites in 2020, according to researchers at AtlasVPN. The researchers cite Google’s Transparency Report, which says the search giant detected ...
Continue Reading

Employees Are Too Trusting of Workspace Tools

A study by Avanan has found that users tend to trust workplace communication tools such as Microsoft Teams, Slack, and Google Hangouts, even though these platforms are subject to many of ...
Continue Reading

How Crime Pays, Ransomware Edition

The Ryuk ransomware operators have raked in more than $150 million from their attacks, researchers at Advanced Intelligence and HYAS have found. The researchers describe how these ...
Continue Reading

How to Spot the (Phish) Hook

Users should act as quickly as possible after they realize they’ve fallen for a phishing attack, according to Mallika Mitra at Money. The faster your IT department can contain a malware ...
Continue Reading

Discover 5 Major Threats to Your Digital Supply Chain and How to Reduce Your Vendor Risk

You’ve heard that vendor dependencies are ripe for malicious abuse and you have read the stories where vendors were used to exploit and infiltrate their customers. Your organization’s ...
Continue Reading

Email Scammers Impersonate U.S. Government Agencies Offering Pandemic Financial Assistance

Taking advantage of people in their time of need, these bottom feeders of the cybercriminal world promise assistance and, instead, collect personal details to make a buck.
Continue Reading

It’s Time for Organizations to Begin Propping Up the Human Firewall

Modern thinking about a comprehensive cybersecurity strategy includes a holistic approach that equally involves your users as a “human element” within your cyber defenses.
Continue Reading

Fake Scandal Video Serves Malware

Researchers at Trustwave warn that a phishing campaign is attempting to deliver malware via a file for a fake scandal video with 'Trump' included in the title. The file is a Java Archive ...
Continue Reading

SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

SolarWinds and some of its executives have been accused of lying to shareholders about its security. In a class-action lawsuit filed by shareholders Solarwinds, outgoing CEO Keven ...
Continue Reading

[Heads Up] Was SolarWinds Really A Daisy Supply Chain Attack?

The NYT just reported the next revelation regarding the SolarWinds hack.  The Russian FSB may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic.
Continue Reading

KnowBe4 Wins Multiple 2021 "Best of" Awards From TrustRadius

KnowBe4 is proud to be recognized by TrustRadius in the first-ever “Best of” Awards for usability, customer support, and feature set in the Security Awareness Training software category.
Continue Reading

PayPal Phishing: “Your Account is Limited”

A PayPal smishing campaign is trying to trick users into handing over their credentials and personal information, BleepingComputer reports. The text messages state, “PayPal: We've ...
Continue Reading

[HEADS UP] Australian Cyber Security Centre is Being Used in Malware Campaign

A warning was recently issued by the Australian Government of cybercriminals impersonating the Australian Cyber Security Centre (ACSC) to infect with malware.
Continue Reading

Welcome to The InfoSec Neighborhood!

It looks like KnowBe4 has a new cybersecurity “neighbor” here in Tampa, helping create an even larger presence of tech companies headquartered in Florida.
Continue Reading

It Looks Like Chinese Cybercriminal Group APT27 May Be Shifting to Ransomware Attacks

The perceived change in cyberattack tactics for this well-known group of hackers may mean more trouble as APT27’s talents usually reserved for espionage are focused on ransomware.
Continue Reading

A Close Look at a Banking Scam

A phishing campaign is targeting customers of Portugal’s Banco Millennium BCP (Portuguese Commercial Bank), according to Tomas Meskauskas at PCRisk. The emails inform recipients that ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews