Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Stu Sjouwerman

Recent Posts

Ransomware Attack Causes School 'District-Wide Shutdown'

Oct 30, 2019 6:51:58 AM By Stu Sjouwerman
A ransomware attack hitting Las Cruces Public Schools forced the district to shut down the entire computer system to contain the infection.
Continue Reading

Vishing, from (not) the Bank

Oct 30, 2019 5:59:59 AM By Stu Sjouwerman
We saw yesterday how phishing affects the financial sector. Here we see another, related trend: impersonation attacks that purport to be from the victim’s bank.
Continue Reading

CyberheistNews Vol 9 #44 [INFOGRAPHIC] The 2019 Third Quarter Top-Clicked Phishing Email Subjects From KnowBe4

Oct 29, 2019 3:06:41 PM By Stu Sjouwerman
Continue Reading

[NEW FEATURE] KnowBe4 Assessments Help Gauge Proficiency of Your Users in Security Awareness and Sentiment Towards Security Culture

Oct 29, 2019 8:56:36 AM By Stu Sjouwerman
Social engineering attacks continue to be the leading cause of compromised networks and data breaches. Today, organizations of all sizes are susceptible to these attacks and are ...
Continue Reading

A Recent Spate Of Spear Phishing Attacks Is Targeting The Financial Industry

Oct 29, 2019 6:45:30 AM By Stu Sjouwerman
Phishing attacks are getting harder to spot, especially as more attackers realize the value of targeted, well-crafted phishing attacks, according to Johannes Ullrich, the dean of research ...
Continue Reading

Phishing Attack Targets Humanitarian Organizations

Oct 28, 2019 7:01:01 AM By Stu Sjouwerman
Researchers at Lookout have discovered an ongoing phishing campaign targeting humanitarian non-governmental organizations (NGOs), including UNICEF and the Red Cross. The infrastructure ...
Continue Reading

Phishing in Office 365's Pond

Oct 28, 2019 6:55:35 AM By Stu Sjouwerman
Heimdal Security has come across a phishing campaign that uses compromised accounts to target Microsoft users. The attackers use email and social media accounts they’ve already breached ...
Continue Reading

Data Breaches Devastate Small Businesses in 2019 with 10 Percent Closing Their Doors

Oct 24, 2019 2:07:25 PM By Stu Sjouwerman
A new report from the National Cyber Security Alliance sheds some light on how prepared small and medium size businesses are and what the aftermath of a data breach really looks like.
Continue Reading

FBI Updates Initiative to Protect U.S. Elections from Cyberattacks

Oct 24, 2019 7:14:35 AM By Stu Sjouwerman
FBI has updated and expanded the resources and tools designed to help political campaigns, private businesses, and individuals to better understand and mitigate risks posed by foreign ...
Continue Reading

CNN Says "Hack Our Reporter," and White Hat Rachel Tobac *Does*

Oct 24, 2019 6:54:14 AM By Stu Sjouwerman
It’s “disturbingly easy” to steal someone’s personal data using information gleaned from their social media accounts, according to Donie O’Sullivan at CNN. O’Sullivan met with Rachel ...
Continue Reading

Credential Phishing With a Masked URL

Oct 23, 2019 5:55:49 AM By Stu Sjouwerman
Cofense warns of a phishing campaign going after credentials for the Stripe online payment platform. The attackers are sending emails purporting to be from Stripe Support, telling the ...
Continue Reading

CyberheistNews Vol 9 #43 [Heads-Up] "I Can Phish Anyone". Would You Be Able to Say This, and Would You Be Right?

Oct 22, 2019 9:42:27 AM By Stu Sjouwerman
Continue Reading

Q3 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]

Oct 22, 2019 7:28:00 AM By Stu Sjouwerman
KnowBe4 reports on the top-clicked phishing emails by subject lines each quarter in three different categories: subjects related to social media, general subjects, and 'In the Wild' - we ...
Continue Reading

A New Strain of Tech Support Scam in the U.K.

Oct 22, 2019 6:54:11 AM By Stu Sjouwerman
The BBC reports a tech support scam that caused a British man, Doug Varey, to lose £4,000. The scam began when Mr. Varey saw an online ad for twelve years’ worth of computer security ...
Continue Reading

Smishing and Carrier Impersonation

Oct 22, 2019 6:47:08 AM By Stu Sjouwerman
While most phishing campaigns involve email, SMS text messages are an ideal alternative for attackers, according to Paul Ducklin at Naked Security. Text messages are brief and uniform in ...
Continue Reading

Shipping giant Pitney Bowes hit by ransomware

Oct 21, 2019 4:26:59 PM By Stu Sjouwerman
TechCrunch reported that shipping tech giant Pitney Bowes has confirmed a cyberattack on its systems.
Continue Reading

Alexa and Google Home abused to eavesdrop and phish passwords

Oct 21, 2019 9:35:05 AM By Stu Sjouwerman
Ars Technica is on a roll lately with some very good articles! Here is another one that made me go "Yikes!"
Continue Reading

Can An Employee's Bad Conscience Be A Vulnerability?

Oct 21, 2019 7:06:27 AM By Stu Sjouwerman
It can be useful to remember that social engineering succeeds much better when its marks are stressed or hurried. That appears to be the case with an ongoing scam campaign that lays its ...
Continue Reading

KnowBe4 Wins ComputingSecurity Award: Education and Training Provider of the Year

Oct 18, 2019 9:43:51 AM By Stu Sjouwerman
We are extremely pleased to announce we won the ComputingSecurity Award for Education and Training Provider of the Year. Here is the team accepting the award.
Continue Reading

Don’t Fall Victim to Breach Fatigue

Oct 18, 2019 7:04:45 AM By Stu Sjouwerman
People shouldn’t let news of data breaches dissuade them from trying to protect their information, according to security researcher Ray [REDACTED]. On the CyberWire’s Hacking Human ...
Continue Reading
Subscribe

Search Our Blog


Domain Spoof Test Contest

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews