The Number of Ransomware Attack Victims Surge in 2023 to over 4000

Jan 25, 2024 12:43:48 PM By Stu Sjouwerman

The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend ...

HP Enterprise Reveals It was hacked by the same Russians that broke into Microsoft

Jan 25, 2024 11:24:46 AM By Stu Sjouwerman

In a new SEC disclosure, Hewlett Packard Enterprise (HPE) announced on Wednesday that it fell prey to the same Russian intelligence group, known as Midnight Blizzard or Cozy Bear, that ...

New Evasive Phishing Technique “Legacy URL Reputation Evasion" (LURE)

Jan 25, 2024 8:59:50 AM By Stu Sjouwerman

Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months.

Social Engineering Attacks Rising in the Trucking Industry

Jan 25, 2024 8:59:28 AM By Stu Sjouwerman

Spear phishing and voice phishing (vishing) are on the rise in the trucking industry, according to a new report from the National Motor Freight Traffic Association (NMFTA).

New Deepfake Video Scam has “Taylor Swift” Offering Free French Cookware

Jan 25, 2024 8:59:23 AM By Stu Sjouwerman

A new wave of ads utilizing video of well-known celebrities seemingly promoting video games, fake giveaways, and more are starting to popup, and fans are falling for this trap.

Roblox Game 'Hack-A-Cat' Now Part of the Free KnowBe4 Children’s Interactive Cybersecurity Activity Kit

Jan 24, 2024 12:22:36 PM By John Just

If you haven’t heard of Roblox, you probably don’t have kids like me. Roblox is an online virtual world/metaverse that has been around since 2006 that allows people to play with others ...

Use of Generative AI Apps Jumps 400% in 2023, Signaling the Potential for More AI-Themed Attacks

Jan 24, 2024 8:20:31 AM By Stu Sjouwerman

As the use of Cloud SaaS platforms of generative AI solutions increases, the likelihood of more “GPT” attacks used to gather credentials, payment info and corporate data also increases.

North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks

Jan 24, 2024 8:20:21 AM By Stu Sjouwerman

A suspected North Korean state-sponsored threat actor called “ScarCruft” is launching spear phishing attacks against cybersecurity professionals, according to researchers at SentinelOne.

Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

Jan 23, 2024 4:21:14 PM By Stu Sjouwerman

Ok, I'll admit it, I was swept up in the moment last week and wrote a short blog post that more or less summarized the tsunami of news about that huge data breach initially reported by ...

CyberheistNews Vol 14 #04 'Swatting' Becomes the Latest Extortion Tactic in Ransomware Attacks

Jan 23, 2024 9:48:02 AM By Stu Sjouwerman

Facebook Phishing Scams Target Concerned Friends and Family

Jan 22, 2024 2:06:13 PM By Stu Sjouwerman

BleepingComputer describes a phishing scam that’s been running rampant on Facebook for the past several months, in which threat actors use hacked accounts to post links to phony articles ...

AI Does Not Scare Me, But It Will Make The Problem Of Social Engineering Much Worse

Jan 22, 2024 2:05:54 PM By Roger Grimes

I am not scared of AI. What I mean is that I do not think AI is going to kill humanity Terminator-style. I think AI is going to be responsible for more cybercrime and more realistic ...

Russian State-Sponsored Threat Actor Targets High Profile Individuals in Phishing Campaign

Jan 22, 2024 2:00:15 PM By Stu Sjouwerman

The Russian state-sponsored threat actor “COLDRIVER” is launching phishing campaigns against “high profile individuals in NGOs, former intelligence and military officers, and NATO ...

Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached

Jan 20, 2024 9:45:06 AM By Stu Sjouwerman

In a Friday regulatory filing, Microsoft has reported that its corporate email accounts were compromised by a Russian state-sponsored hacking group known as Midnight Blizzard, also ...

Facebook Work-From-Home “Job” Posting Scam Goes the Extra Mile to Trick Victims

Jan 19, 2024 12:50:46 PM By Stu Sjouwerman

A new job posting scam found by IT security company Qualysys is focused on capturing victim’s identity details, accessing victim’s Facebook accounts, and committing fraud. In this new ...

More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error

Jan 18, 2024 2:32:22 PM By Stu Sjouwerman

A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of ...

Scammers Target Owners of Missing Pets

Jan 18, 2024 9:33:32 AM By Stu Sjouwerman

Some particularly cold-hearted scammers are targeting users of lost pet forums with phony ransom demands, the BBC reports.

‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Jan 18, 2024 8:38:31 AM By Stu Sjouwerman

Rather than stick to traditional ransomware extortion methods that revolve around the attack itself, a new form of extortion known as Swatting puts the focus on the victim organization’s ...

Ninety-Four Percent of Organizations Sustained Phishing Attacks Last Year

Jan 18, 2024 8:18:57 AM By Stu Sjouwerman

A survey by Egress has found that 94% of organizations were hit by phishing attacks in 2023, Infosecurity Magazine reports. Additionally, 91% of firms experienced data loss and ...

Malicious APKs Drain Bank Accounts

Jan 16, 2024 2:00:08 PM By Stu Sjouwerman

A phishing campaign is targeting Chinese users in an attempt to distribute malicious apps, according to researchers at Palo Alto Networks’s Unit 42.

Security Awareness Training Blog

View Topics