Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Stu Sjouwerman

Recent Posts

Twitter Takes Down Over 32,000  Nation State Accounts Involved in Disinformation Campaigns

Jun 16, 2020 3:14:08 PM By Stu Sjouwerman
Manipulation/disinformation campaigns are running rampant on social media and Twitter just took action -- again. "Disinformation" is a form of propaganda honed into an art form by Russia. ...
Continue Reading

CyberheistNews Vol 10 #25 [Eye Opener] "For a long time I've had a gap in my O365 security. PhishRIP is amazing and solves the problem."

Jun 16, 2020 10:17:38 AM By Stu Sjouwerman
Continue Reading

BEC Isn't Back; It Never Left

Jun 16, 2020 8:27:32 AM By Stu Sjouwerman
Business email compromise (BEC) attacks aren’t new, but they’re growing increasingly effective, according to Zeljka Zorz at Help Net Security. Zorz cites an article from BakerHostetler, ...
Continue Reading

Another Bitcoin Scam, with Bogus SpaceX on the Side

Jun 15, 2020 8:24:13 AM By Stu Sjouwerman
Scammers took over three popular YouTube channels and used them to impersonate the official SpaceX channel to generate cryptocurrency, according to Lisa Vaas at Naked Security. The ...
Continue Reading

Fraudsters Are Exploiting Newborns and Recently Deceased People

Jun 12, 2020 9:21:12 AM By Stu Sjouwerman
Criminals are crafting detailed fake identities using data belonging to newly born and recently deceased people, according to Sanjay Gupta, Vice President, Global Head of Products and ...
Continue Reading

Australian Beverage Manufacturer Shutdown IT Systems After Cyberattack

Jun 12, 2020 8:50:29 AM By Stu Sjouwerman
A cyberattack forced Australian beverage manufacturer Lion to shut down its IT system, interrupting manufacturing and orders, the company disclosed on June 9.
Continue Reading

Japan CERT: 75% of BEC Email Scams Involve the Forgery of an Invoice from a Business Partner

Jun 11, 2020 4:59:28 PM By Stu Sjouwerman
New research from the Japan Computer Emergency Response Team provides needed insight into what tactics and methods are used as part of Business Email Compromise scams.
Continue Reading

Multifactor Authentication Versus Credential Stuffing?

Jun 11, 2020 12:51:34 PM By Stu Sjouwerman
You shouldn’t assume multi-factor authentication will protect your accounts from credential stuffing attacks, according to Gerhard Giese at Akamai. Credential stuffing is a type of ...
Continue Reading

Sharp Increase Of Phishing "From" Dutch Tax Authority

Jun 11, 2020 12:28:15 PM By Stu Sjouwerman
The Dutch Tax Authority saw a sharp increase in reports of phishing emails and text messages made to look like they came from the Tax Authority since the start of the coronavirus crisis. ...
Continue Reading

Maze Ransomware “Cartel” Adds More Ransomware Gangs to its Data Leak Platform

Jun 10, 2020 8:27:16 AM By Stu Sjouwerman
It’s one thing if you’re up against one ransomware cybercriminal group. But what happens when they start acting like the good guys and joining forces?
Continue Reading

Pretexting Defined

Jun 10, 2020 8:23:00 AM By Stu Sjouwerman
Pretexting is a social engineering tactic in which an attacker attempts to gain information, access, or money by tricking a victim into trusting them, according to Josh Fruhlinger at CSO ...
Continue Reading

[HEADS UP] Recent Phishing Attack in Germany Hits Coronavirus Task Force

Jun 9, 2020 11:28:26 AM By Stu Sjouwerman
An ongoing phishing attack has been targeting executives of a company working to provide the German coronavirus task force with protective gear. The company is multinational and more than ...
Continue Reading

CyberheistNews Vol 10 #24 [Heads Up] Remote Work Isn’t Good for Corporate Security. 30% of Organizations Have Been the Victim of Phishing Scams Since the Lockdown

Jun 9, 2020 9:41:58 AM By Stu Sjouwerman
Continue Reading

The Enduring Threat of Ransomware During COVID-19

Jun 9, 2020 8:53:41 AM By Stu Sjouwerman
Ransomware attacks continue to blight organizations of all sizes and sectors. The number of incidents involving ransomware reported to Beazley Breach Response (BBR) Services in the first ...
Continue Reading

[EXCLUSIVE] Indian Cyber Firm Spied on Investors and Politicians Across the Globe

Jun 9, 2020 8:51:41 AM By Stu Sjouwerman
A little-known Indian IT firm offered its phishing services to help clients spy on more than 10,000 email accounts over a period of seven years.
Continue Reading

Why BEC Punches Above Its Weight

Jun 9, 2020 8:27:09 AM By Stu Sjouwerman
Business email compromise (BEC) attacks are particularly insidious because they don’t use malware payloads or malicious URLs. That’s a reminder from Evan Reiser, CEO and co-founder of ...
Continue Reading

Hurricane Season Means Disaster-Related Scams

Jun 9, 2020 7:00:00 AM By Stu Sjouwerman
June 1 marks the official start of the 2020 Atlantic hurricane season. The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain on alert for malicious cyber ...
Continue Reading

Security Awareness is the Biggest Security Challenge for Remote Workforces

Jun 8, 2020 11:41:03 AM By Stu Sjouwerman
As the dust from enabling employees to work remotely has settles, new data from security vendor PulseSecure highlights where remote security has been – and still is – a challenge.
Continue Reading

Why People Don't Learn (It's Not Always Their Fault)

Jun 8, 2020 8:27:48 AM By Stu Sjouwerman
IT and security managers often fail to understand how well their employees actually absorb cybersecurity training, according to a survey from Mimecast and Forrester Consulting. The survey ...
Continue Reading

May Content Update: Including New When You Report, We Get Stronger Video Series

Jun 5, 2020 8:00:00 AM By Stu Sjouwerman
Check out new training content added to the KnowBe4 ModStore in the month of May.
Continue Reading
Subscribe

Search Our Blog


Ransomware Has Gone Nuclear Webinar

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews