Conti Ransomware Affiliate Attacks Australian Utilities Giant's Corporate Network

Dec 29, 2021 11:01:00 AM By Stu Sjouwerman

While news reports indicate no impact to the utilities company’s ability to deliver electricity to its’ customers, this could be the start of attacks on critical infrastructure in ...

Google Takes a Step Towards Reducing the Use of Calendar Invitations as Phishing Tools

Dec 29, 2021 11:00:50 AM By Stu Sjouwerman

Doing their part, Google adds new functionality that defaults to automatically adding Google-based calendar invites to a victim’s calendar to lower the malicious value of an invite.

CyberheistNews Vol 11 #51 [Heads Up] Phishing Attacks Remain the Top Type of Cybersecurity Breach This Year

Dec 29, 2021 9:36:00 AM By Stu Sjouwerman

West Virginia Healthcare Breach Traced to Phishing

Dec 28, 2021 1:28:54 PM By Stu Sjouwerman

Monongalia Health System in West Virginia has disclosed a data breach that exposed sensitive patient and employee information.

[Eye Opener] New Phishing Research Shows 37% of Sites Had More Than a Day Downtime

Dec 28, 2021 11:19:30 AM By Stu Sjouwerman

More than half (55%) of phishing attacks target IT departments, according to research commissioned by OpenText. Additionally, nearly half of survey respondents said they had fallen for a ...

New Nigerian Phishing Scams Target U.S. Military Families with Needed “Services”

Dec 23, 2021 4:17:23 PM By Stu Sjouwerman

With loved ones potentially a half a world away, scammers prey on families with scams that offer to assist with communication, care packages, leave, and more.

Office 365 “Spam Notification” Phishing Emails Seek to Capture Credentials

Dec 23, 2021 4:17:00 PM By Stu Sjouwerman

A new campaign spotted in the wild uses a tried-and-true method of convincing victims to provide their Office 365 logon credentials to be used in future attacks.

U.K. Workers Aren’t Concerned about Company Cybersecurity Despite 60% Having Been Victims of a Cyberattack

Dec 23, 2021 12:07:22 PM By Stu Sjouwerman

New data shows a huge disparity between the likelihood of cyberattack against U.K. organizations and their employee’s cybersecurity awareness and vigilance.

One-Third of Phishing Pages Are Inactive After Just One Day

Dec 23, 2021 11:39:19 AM By Stu Sjouwerman

We’ve always known phishing scammers work very quickly, moving from campaign to campaign, but new data indicates some scammers are moving on in terms of literally hours.

Canadian Government Urges Organizations to Take Additional Steps to Protect Against Ransomware Attacks

Dec 23, 2021 11:38:50 AM By Stu Sjouwerman

Citing upticks in attacks, Canada’s Centre for Cyber Security asks organizations to step up protective measures, offering guidance and a playbook to improve security.

Having an Efficient Security Awareness Training Program

Dec 23, 2021 9:06:46 AM By Roger Grimes

I love that KnowBe4’s customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4’s products help its customers to educate and test ...

With KnowBe4’s Phish Alert Button, You Can Now Collect Feedback from Your Users When They Report Suspicious Emails

Dec 21, 2021 11:51:13 AM By Stu Sjouwerman

We are excited to announce the availability of KnowBe4’s enhanced Phish Alert Button for Microsoft 365 with the new User Comments feature!

Phishing Campaign Impersonates Pfizer

Dec 21, 2021 10:20:31 AM By Stu Sjouwerman

A phishing campaign is impersonating Pfizer with phony request-for-quotation (RFQ) emails, according to Roger Kay at INKY. The email lures had fairly convincing PDF attachments that ...

CyberheistNews Vol 11 #50 [EYE OPENER] New EU Phishing Study Shows That Crowd-sourcing Phishing Defense Is Successful

Dec 21, 2021 9:20:08 AM By Stu Sjouwerman

Phishing Remains Top Form of Cybersecurity Breach in 2021

Dec 20, 2021 3:14:15 PM By Stu Sjouwerman

Over half of organizations say they’ve experienced a cybersecurity breach caused by phishing in the last 12 months, dwarfing the second-place breach cause (malware) by almost 30%.

Double Extortion Ransomware Attacks That Publish Victim Data Increase 935%

Dec 20, 2021 3:13:47 PM By Stu Sjouwerman

According to new data, the number of victim companies impacted by double extortion has jumped from 229 by the first half of 2020 to nearly 2400 by the first half of 2021.

Embedded Email Attacks Are on the Rise and Aren’t Being Detected by Security Solutions

Dec 20, 2021 3:13:11 PM By Stu Sjouwerman

This classic tactic is making a comeback and is elegantly simple to execute, yet sufficiently complex enough to keep email scanning solutions from seeing it as malicious.

Spam Calling Rates Spike Globally

Dec 20, 2021 11:56:12 AM By Stu Sjouwerman

Spam calls in the US spiked in October, according to Truecaller’s annual Global Spam Report. The report observed that Truecaller customers in the US received 3,115,861 spam calls in ...

Whitelisting On Known Headers Not Recommended

Dec 20, 2021 10:53:58 AM By Stu Sjouwerman

We found a discussion on Twitter about this topic and we thought it would be useful to provide to provide the correct technical background related to whitelisting.

[EYE OPENER] New EU Phishing Study Shows That Crowd-sourcing Phishing Defense Is Successful

Dec 16, 2021 4:27:59 PM By Stu Sjouwerman

A Swiss phishing study involving roughly 15,000 participants in a 15-month experiment produced some interesting results. The study was run by researchers at ETH Zurich, working together ...

Security Awareness Training Blog

View Topics