Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

French Hospital Crippled by Ransomware

Patient care at a large hospital in northern France has suffered considerably after a major ransomware attack at the weekend, according to local reports. The University Hospital Center ...
Continue Reading

A massive international email scam netted $3 million worth of top-secret US military equipment

In a recent case first reported by Quartz, a crew of international cyber criminals allegedly convinced an unidentified US defense contractor to send them millions of dollars worth of ...
Continue Reading

It's Happening The World Over: $300K Lost To Phone Scammer

A woman in Singapore lost $300,000 to a scammer posing as a Singtel customer service employee, according to the Straits Times. The scammer told the victim he would fix some problems with ...
Continue Reading

An Australian Watering Hole (but in Canberra, not the Outback)

The Australian Federal Parliament suffered a malware infection earlier this year after some users fell victim to a watering hole attack, the Australian Broadcasting Corporation (ABC) ...
Continue Reading

Cybercriminal Gang, Silent Starling, Creates New ‘Vendor Email Compromise’ Category

New attacks focus on organizations with global supply chains looking to trick a supplier’s customers into paying fake invoices and have already impacted 500 organizations worldwide.
Continue Reading

Malware Delivered Via Fake Browser Updates Are Back and are More Sophisticated Than Ever

Leveraging vulnerable website content management platforms, these attacks seek to trick users into installing malware under the guise that their web browser is out-of-date.
Continue Reading

Now HERE is an interesting Phishing Campaign!

It's a phishing campaign against phishing campaigns! :-D It's a public service program that educates organizations and societies globally on the greatest cyber risk of all - the falsehood ...
Continue Reading

Ransomware Attack Hits Louisiana State Servers

Louisiana Governor John Bel Edwards on Monday revealed that a ransomware attack hit state servers, prompting a response from the state’s cyber-security team. The incident appears to have ...
Continue Reading

A Look at Election Influence And Social Engineering

Attempts to influence elections are by no means new, but highly targeted online advertising requires people to think about social engineering in the form of political messaging in a new ...
Continue Reading

Will You Get Spoofed During The Holidays? Try the Free Domain Spoof Test to Win $500 Amazon Gift Card!

Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain? Now they can launch a "CEO fraud" spear phishing attack ...
Continue Reading

Real Estate Scams Have Gone Global. Bad Guys Caused Tens of Thousands of Dollars Damage Down Under

Scammers hijacked a total of $70,000 by imitating an Australian settlement agent’s email address, and then tricking two property buyers into sending the money to the wrong account, Perth ...
Continue Reading

Malicious Actors the World Over Endorse This One Security Practice

If you're working the trenches in your organization's IT department, then one of your more consistently annoying headaches involves passwords. Users and their passwords are the ongoing ...
Continue Reading

[Heads-Up] Scam Of The Week: Thousands Of Hacked Disney+ Accounts Are Already For Sale On Criminal Sites

Apart from me, guess who has been anticipating the Disney+ channel?
Continue Reading

Get Your Hands On KnowBe4's Important 2020 Security Threats and Trends Survey Results *First*

Once a year, KnowBe4 runs its Security Threats and Trends Survey. We’re polling IT and Security executives, administrators and professionals like yourself on what technology and business ...
Continue Reading

A Majority of Organizations Experience Breaches Despite a Majority Saying They Are Prepared to Defend Against Them

The mismatch of signals by IT organizations shows a potential overestimation on IT’s part about its ability to prevent and protect against new cyberthreats.
Continue Reading

IT Budgets Are on the Rise in Part Due to Organizational Concerns for Security

Security remains a primary driver as organizations work to establish budgets that keep IT cutting edge, competitive, and secure, according to new data from Spiceworks.
Continue Reading

Interested in cybersecurity law and policy?

Check out “Caveat,” the CyberWire's newest weekly podcast addressing cybersecurity law and policy, with a particular focus on surveillance and digital privacy. This podcast is hosted by ...
Continue Reading

Half of M&A Cyber Audits Uncover Undisclosed Breaches That Derail Deals

Cybersecurity diligence performed prior to a merger or acquisition often uncovers weaknesses in an organization’s security stance, which can spell doom for the company being purchased and ...
Continue Reading

SIM Card Attack May Affect Over 1 Billion Mobile Phones Worldwide

Using SMS messaging, attackers can use phishing tactics to hijack mobile devices using a legacy piece of SIM code, called the S@T Browser, to execute commands as part of a more ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews