Phishing Campaign Uses Novel Technique to Deliver Malware

Jul 14, 2021 11:25:51 AM By Stu Sjouwerman

Researchers at McAfee warn that a phishing campaign is delivering malware via Word documents that don’t contain any malicious code. When a user opens the document and enables content, the ...

New York Department of Financial Services Issues New Guidance to Financial Services Orgs to Counter Ransomware

Jul 14, 2021 9:23:40 AM By Stu Sjouwerman

NYDFS offers up sound best practices in addition to their recently released Cyber Insurance Risk Framework based on recent attack investigations, finding repeated use of “the same handful ...

Year-Long Phishing Campaign Targets Energy, Oil & Gas Companies Using Spoofed B2B Correspondence

Jul 14, 2021 9:23:26 AM By Stu Sjouwerman

Uncovered by the research team at cloud protection vendor Intezer, this new phishing campaign seeks to steal information and position each victim as the foothold to spear phish additional ...

Spear Phishing Campaign Targets Energy Companies

Jul 13, 2021 10:29:13 AM By Stu Sjouwerman

Researchers at Intezer have spotted a phishing campaign that’s targeting energy companies in South Korea, the United States, the United Arab Emirates, and Germany. Most of the targets are ...

CyberheistNews Vol 11 #27 [EYE OPENER] They're Here... The Ransomware Ecosystem Now Has Criminal VC Investors

Jul 13, 2021 10:20:04 AM By Stu Sjouwerman

Ransomware Attacks Put Singapore Organizations at Risk of Violation of the Personal Data Protection Act

Jul 12, 2021 1:46:47 PM By Stu Sjouwerman

A new court decision sets precedence for all Singapore organizations where ransomware attacks – even without data exfiltration – may be subject to financial noncompliance penalties.

Counterterrorism Strategies Could Be the Key to Stopping Ransomware

Jul 12, 2021 1:46:00 PM By Stu Sjouwerman

With ransomware players, sophistication, effectiveness, and cost all on the rise, it may be time for us to take a page from counterterrorism to make it more difficult for cybercriminal ...

Phishbait Follows Current Events

Jul 12, 2021 9:49:35 AM By Stu Sjouwerman

Crisis draws opportunistic criminals, and the Kaseya ransomware incident is no different. Kaseya’s updates on the incident have included repeated warnings not to be taken in by emails or ...

The Pandemic’s Paradigm Shift with Cybersecurity

Jul 9, 2021 1:18:00 PM By Anna Collard

Just over a year ago, a much-prized perk – the ability to work from home – became an everyday reality for many. ITWeb, in partnership with KnowBe4, conducted a survey to gain insight into ...

How to Defeat REvil Ransomware

Jul 9, 2021 11:04:06 AM By Roger Grimes

The REvil ransomware gang is in the news again! This time for a supply chain attack and the largest public extortion demand ever – $70 million dollars.

KnowBe4 Fresh Content Updates from June

Jul 9, 2021 10:13:30 AM By Stu Sjouwerman

Here are important fresh content updates to share with you that happened in the month of June.

[On-Demand Webinar] Implement DMARC the Right Way to Keep Phishing Attacks Out of Your Inbox

Jul 9, 2021 8:00:00 AM By Stu Sjouwerman

DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, ...

Ransomware Attacks from Within Russia So Impactful, U.S. Government Says They Will Take Action If Russia Won’t

Jul 8, 2021 9:40:10 AM By Stu Sjouwerman

In light of recent ransomware attacks, the White House Press Secretary Jen Psaki stated this week that the Russian government needs to address ransomware groups stemming from Russia.

How REvil Works: A Look Inside the World’s Most Famous Ransomware-as-a-Service

Jul 8, 2021 9:40:06 AM By Stu Sjouwerman

With well-known companies impacted by REvil in every sector, including tech, it’s time to get a better understanding of who they are and what makes their ransomware so successful.

Social Engineering and Organizational Culture

Jul 8, 2021 9:40:03 AM By Stu Sjouwerman

Consistent awareness training is necessary to fend off phishing attacks, according to Keatron Evans, a principal security researcher, instructor, and author with Infosec. In an interview ...

Lazarus Group Continues Targeting Defense Contractors

Jul 7, 2021 8:57:49 AM By Stu Sjouwerman

North Korea’s Lazarus Group has been launching phishing campaigns against more defense contractors and engineering companies, according to researchers at AT&T Alien Labs. The ...

87% Increase in Social Engineering Scams During the First Quarter of 2021 Compared to Q1 2020

Jul 7, 2021 8:41:47 AM By Stu Sjouwerman

There was an 87% increase in social engineering scams during the first quarter of 2021 compared to Q1 2020, according to Ayelet Biger-Levin from BioCatch. In an article for The Paypers, ...

Your The Majority of Business Email Compromise Phishing Attacks Initially Go for Credentials, Not Money

Jul 6, 2021 4:23:15 PM By Stu Sjouwerman

With BEC attacks historically trying to get to the “committing fraud” part as quickly as possible, new data shows threat actors are taking their time, looking for a larger payoff.

It Was Only a Matter of Time: The Ransomware Ecosystem Has Given Birth to VC Investors

Jul 6, 2021 4:12:45 PM By Stu Sjouwerman

Security firm LIFARS confirms that cybercriminals are acting like venture capital investors, funding startup cybercriminal organizations, such as Darkside Ransomware.

CyberheistNews Vol 11 #26 [Eye Opener] Almost All LinkedIn User’s Data Has Been Scraped and Is up for Sale on the Dark Web

Jul 6, 2021 9:44:01 AM By Stu Sjouwerman

Security Awareness Training Blog

View Topics