Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

How to Keep SOX on Track During a Pandemic

It’s been several weeks since COVID-19 entered our vocabulary and made working from home the new normal, according to Accounting Today. Professionals over the last month are adapting to ...
Continue Reading

Find Out How to Use Your Organization's Data to Become a Risk Management Expert

Risk management is about recognizing the right risks, assigning the right likelihood, and assessing potential damage. Yet, most risk managers are doing it wrong, driven by decades of ...
Continue Reading

Microsoft on COVID-19 Themed Cyberattacks

Microsoft’s Threat Protection Intelligence Team has published a report providing a detailed look into the proliferation of COVID-19-themed phishing over the past several months. The ...
Continue Reading

[MSP News] Manage Your KnowBe4 Accounts Faster With NEW Managed Phishing Functionality

You have been asking for a better way to manage your multiple KnowBe4 accounts, and we heard you! We've made enhancements to the KnowBe4 phishing platform and added the NEW Managed ...
Continue Reading

Researchers Uncover Six Years of Russian Attempts to Mold International Politics

Researchers uncover six-years-worth of Russian attempts to mold international politics using fake news and forged documents. Social media research group Graphika published today a ...
Continue Reading

Phony Data Theft, Like Phony Sextortion

Extortionists are sending phony threats to website owners informing them that their sites’ databases will be leaked unless they pay a ransom of between $1,500 and $3,000, BleepingComputer ...
Continue Reading

Twitter Takes Down Over 32,000  Nation State Accounts Involved in Disinformation Campaigns

Manipulation/disinformation campaigns are running rampant on social media and Twitter just took action -- again. "Disinformation" is a form of propaganda honed into an art form by Russia. ...
Continue Reading

BEC Isn't Back; It Never Left

Business email compromise (BEC) attacks aren’t new, but they’re growing increasingly effective, according to Zeljka Zorz at Help Net Security. Zorz cites an article from BakerHostetler, ...
Continue Reading

Another Bitcoin Scam, with Bogus SpaceX on the Side

Scammers took over three popular YouTube channels and used them to impersonate the official SpaceX channel to generate cryptocurrency, according to Lisa Vaas at Naked Security. The ...
Continue Reading

Fraudsters Are Exploiting Newborns and Recently Deceased People

Criminals are crafting detailed fake identities using data belonging to newly born and recently deceased people, according to Sanjay Gupta, Vice President, Global Head of Products and ...
Continue Reading

Australian Beverage Manufacturer Shutdown IT Systems After Cyberattack

A cyberattack forced Australian beverage manufacturer Lion to shut down its IT system, interrupting manufacturing and orders, the company disclosed on June 9.
Continue Reading

Japan CERT: 75% of BEC Email Scams Involve the Forgery of an Invoice from a Business Partner

New research from the Japan Computer Emergency Response Team provides needed insight into what tactics and methods are used as part of Business Email Compromise scams.
Continue Reading

Multifactor Authentication Versus Credential Stuffing?

You shouldn’t assume multi-factor authentication will protect your accounts from credential stuffing attacks, according to Gerhard Giese at Akamai. Credential stuffing is a type of ...
Continue Reading

Sharp Increase Of Phishing "From" Dutch Tax Authority

The Dutch Tax Authority saw a sharp increase in reports of phishing emails and text messages made to look like they came from the Tax Authority since the start of the coronavirus crisis. ...
Continue Reading

Maze Ransomware “Cartel” Adds More Ransomware Gangs to its Data Leak Platform

It’s one thing if you’re up against one ransomware cybercriminal group. But what happens when they start acting like the good guys and joining forces?
Continue Reading

Pretexting Defined

Pretexting is a social engineering tactic in which an attacker attempts to gain information, access, or money by tricking a victim into trusting them, according to Josh Fruhlinger at CSO ...
Continue Reading

[HEADS UP] Recent Phishing Attack in Germany Hits Coronavirus Task Force

An ongoing phishing attack has been targeting executives of a company working to provide the German coronavirus task force with protective gear. The company is multinational and more than ...
Continue Reading

The Enduring Threat of Ransomware During COVID-19

Ransomware attacks continue to blight organizations of all sizes and sectors. The number of incidents involving ransomware reported to Beazley Breach Response (BBR) Services in the first ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews