Stu Sjouwerman

[HEADS UP] Cybercriminals in Australia Harass Recipients with Abusive Transaction Descriptions on Bank Statements

Jun 4, 2020 4:59:41 PM By Stu Sjouwerman

There are bad guys in Australia that have given away money in order to use social engineering and harass people with abusive transaction descriptions that appear in online banking ...

[BEWARE] New Report on Doxxing Exposes Cybercriminal Trends

Jun 4, 2020 12:13:51 PM By Stu Sjouwerman

A new threat intelligence report on doxxing, researched by cybersecurity experts at Kivu, reveals that the majority of attacks occur in the U.S., with companies in the consumer sector ...

[HEADS UP] More Australian Companies Hit By Mespinoza/Pysa Ransomware

Jun 4, 2020 12:05:13 PM By Stu Sjouwerman

Two more Australian companies have been hit by attackers using the Mespinoza/Pysa Windows ransomware, the same malware that was used to take down the Australian money management firm ...

Excel Macros Bypass Your Filters and Slip in Malware Payloads

Jun 4, 2020 9:56:26 AM By Stu Sjouwerman

Researchers at Lastline warn that attackers are increasingly utilizing Excel 4[.]0 macros to deliver malware while avoiding detection by security products. Excel 4[.]0 (XL4) macros were ...

Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

Jun 4, 2020 8:58:47 AM By Stu Sjouwerman

Don't click phishy links. Everyone knows that. But are your end users prepared to quickly identify today's tricky tactics being used by the bad guys? Probably not. Cybercriminals have ...

Remote Work Isn’t Good for Corporate Security (Part 2): 30% of Organizations Have Been the Victim of Phishing Scams Since the Lockdown

Jun 4, 2020 8:24:05 AM By Stu Sjouwerman

Lots of new data is now just coming out of the woodwork demonstrating some of the harsh realities of having employees work from home without proper security in place.

Remote Work Isn’t Good for Corporate Security (Part 1): 6 in 10 Employee’s Online Accounts Have Been Compromised Since Working Remotely

Jun 4, 2020 8:20:45 AM By Stu Sjouwerman

Working from home has its advantages. But, according to new data, one of them isn’t keeping the organization secure.

COVID-19 Tax Refund Phishing Attacks Offering Fake U.K. Government Grants

Jun 3, 2020 9:27:48 AM By Stu Sjouwerman

Researchers at Forcepoint describe an unusual phishing attempt that purported to come from the UK’s tax office, HM Revenue and Customs (HMRC). The email itself was clearly a phishing ...

Ransomware Gangs Team Up To Form Extortion Cartel

Jun 3, 2020 9:25:20 AM By Stu Sjouwerman

Today, BleepingComputer was told by cyber intelligence firm KeLa that the Maze operators added the information and files for an international architectural firm to their data leak site.

[Heads Up] The REvil Ransomware Gang Is Now Auctioning Off Their Victim Data

Jun 2, 2020 4:39:34 PM By Stu Sjouwerman

Intrepid investigative Reporter Brian Krebs had the news first. "The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies ...

CyberheistNews Vol 10 #23 [Eye-Opener] More Than Half of Your Employees Cut Security Corners When They Work Remote

Jun 2, 2020 9:25:46 AM By Stu Sjouwerman

Phishing for Supermarket Deliveries

Jun 2, 2020 9:00:23 AM By Stu Sjouwerman

Scammers are exploiting the increased demand for online shopping by setting up spoofed supermarket websites, Teiss reports. Researchers at Mimecast recently found thirty websites ...

The Latest Ransomware Attacks Can Require a Data Breach Notification

Jun 2, 2020 8:46:46 AM By Stu Sjouwerman

Ransomware variants shifting tactics to include extortion may be cause for organizations to treat them as data breaches and, therefore, quickly notify affected parties.

Human Performance as a Risk Factor

Jun 1, 2020 8:25:33 AM By Stu Sjouwerman

Most organizations don’t place enough focus on the human elements of cybersecurity, according to Stephen A. Wilson, Dean Hamilton, and Scott Stallbaum from consulting firm Wilson Perumal ...

Supreme Court “Summons” is the Latest Phishing Attack Aimed at Stealing Your Microsoft 365 Credentials

May 30, 2020 8:31:22 AM By Stu Sjouwerman

Even the Supreme Court isn’t safe from brand impersonation in this scam intent on getting victims to click on a link to a supposed subpoena to attend a hearing.

Verizon: Phishing is the Attack Vector Most Often Seen in Data Breaches

May 30, 2020 8:28:10 AM By Stu Sjouwerman

This year’s much-anticipated Verizon Data Breach Investigations Report sheds some light on how cybercriminals use phishing to achieve their goal of stealing data.

EasyJet Becomes the Latest Victim of Data Breach Impacting 9 Million Customers

May 30, 2020 8:25:32 AM By Stu Sjouwerman

In an apparent attack intent on stealing intellectual property, EasyJet announced that their customer’s personal data had been “accessed” as part of the attack.

State Unemployment Programs Are the Latest Victim of Massive Fraud

May 30, 2020 8:22:09 AM By Stu Sjouwerman

Leveraging PII from victims in Washington, North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming and Florida, scammers from Nigeria are filing fraudulent unemployment claims.

Netwalker Ransomware Adopts an Affiliate Model to Help Increase Attacks and Profits

May 30, 2020 8:08:43 AM By Stu Sjouwerman

The ransomware formerly known as Mailto has taken a page from traditional software vendors and rebranded itself with a new affiliate-based go-to-market strategy.

[Eye-Opener] More Than Half Of Your Employees Cut Security Corners When They Work Remote

May 29, 2020 1:18:20 PM By Stu Sjouwerman

More than half of your employees are cutting corners with regards to cybersecurity while working from home, putting your organisation at risk. The coronavirus pandemic has forced all of ...

Security Awareness Training Blog

View Topics

Stu Sjouwerman

Recent Posts

[HEADS UP] Cybercriminals in Australia Harass Recipients with Abusive Transaction Descriptions on Bank Statements

[BEWARE] New Report on Doxxing Exposes Cybercriminal Trends

[HEADS UP] More Australian Companies Hit By Mespinoza/Pysa Ransomware

Excel Macros Bypass Your Filters and Slip in Malware Payloads

Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

Remote Work Isn’t Good for Corporate Security (Part 2): 30% of Organizations Have Been the Victim of Phishing Scams Since the Lockdown

Remote Work Isn’t Good for Corporate Security (Part 1): 6 in 10 Employee’s Online Accounts Have Been Compromised Since Working Remotely

COVID-19 Tax Refund Phishing Attacks Offering Fake U.K. Government Grants

Ransomware Gangs Team Up To Form Extortion Cartel

[Heads Up] The REvil Ransomware Gang Is Now Auctioning Off Their Victim Data

CyberheistNews Vol 10 #23 [Eye-Opener] More Than Half of Your Employees Cut Security Corners When They Work Remote

Phishing for Supermarket Deliveries

The Latest Ransomware Attacks Can Require a Data Breach Notification

Human Performance as a Risk Factor

Supreme Court “Summons” is the Latest Phishing Attack Aimed at Stealing Your Microsoft 365 Credentials

Verizon: Phishing is the Attack Vector Most Often Seen in Data Breaches

EasyJet Becomes the Latest Victim of Data Breach Impacting 9 Million Customers

State Unemployment Programs Are the Latest Victim of Massive Fraud

Netwalker Ransomware Adopts an Affiliate Model to Help Increase Attacks and Profits

[Eye-Opener] More Than Half Of Your Employees Cut Security Corners When They Work Remote

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search