Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Email-Based Threats Increase 64% as Attacks Grow in Sophistication and Volume

May 12, 2021 8:18:54 AM By Stu Sjouwerman
New data from Mimecast shows how email-based threats are not only the greatest perceived concern, but are proving to be the reason for increased experienced attacks.
Continue Reading

Phishing Scammers Remove ‘External Sender’ Email Warnings Impersonating Internal Users

May 12, 2021 8:18:49 AM By Stu Sjouwerman
With little more than some CSS and HTML coding, a security researcher demonstrates how easy it is to eliminate security warnings placed on email messages by security products.
Continue Reading

Your Organization Needs to Take Security Awareness Training More Seriously

May 11, 2021 4:08:50 PM By Roger Grimes
Your organization needs to take security awareness training (SAT) more seriously. I mean truly serious, really serious, and not relegated to some quasi-, semi-serious status that the vast ...
Continue Reading

Wine-Themed Phishing Attacks Have Turned Sour During the Pandemic

May 11, 2021 12:45:30 PM By Stu Sjouwerman
Scammers took advantage of people’s desire to order wine online during the pandemic, Decanter reports. Researchers at Recorded Future disclosed in a recent report that wine-related ...
Continue Reading

Huge Business Email Compromise Campaign Targets More Than 120 Organizations

May 11, 2021 12:00:00 PM By Stu Sjouwerman
According to Bleeping Computer, Microsoft reported that a large business email compromise (BEC) campaign has targeted dozens of organizations. The industries targeted varied from real ...
Continue Reading

CyberheistNews Vol 11 #18 [Heads Up] End-User Attempt to Pirate Software Leads to Ryuk Ransomware Attack

May 11, 2021 10:02:40 AM By Stu Sjouwerman
Continue Reading

Fake Court Order Used to Take Over Domains

May 11, 2021 9:00:39 AM By Stu Sjouwerman
Motherboard reports that a scammer used a phony court order to trick a domain registrar into giving them control over a domain that posted links to dark web drug markets. The scammer then ...
Continue Reading

[ALERT] Time to Truly Reckon with the Dark Reality of Ransomware’s Critical Costs

May 11, 2021 8:26:43 AM By Perry Carpenter
By now, I’m sure you’ve already been inundated with all the news about the US’s largest gasoline pipeline being shut down and restarted because of a ransomware attack. As reported by the ...
Continue Reading

[On-Demand Webinar] A Master Class on IT Security: Roger Grimes Teaches You Phishing Mitigation

May 10, 2021 10:00:00 AM By Stu Sjouwerman
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap ...
Continue Reading

Student’s Attempt to Pirate Software Leads to Ryuk Ransomware Attack

May 7, 2021 8:45:52 AM By Stu Sjouwerman
Bleeping Computer recently reported that a student attempted to pirate expensive data visualization software, which resulted in a Ryuk ransomware attack.
Continue Reading

KnowBe4 Fresh Content Updates from April: Including New AI-Driven Phishing Feature

May 7, 2021 8:40:27 AM By Stu Sjouwerman
Here are important fresh content updates and new features to share with you that happened in the month of April.
Continue Reading

[NEW FEATURE] AI-Driven Phishing Helps Admins Deliver a Personalized Simulated Phishing Experience to Each User

May 6, 2021 4:50:21 PM By Stu Sjouwerman
We are excited to announce the availability of KnowBe4’s new AI-Driven Phishing feature. The KnowBe4 phishing platform now leverages machine learning to recommend and deliver informed and ...
Continue Reading

Strange Chinese APT Interest in Buying Batches of AV Products

May 6, 2021 9:40:50 AM By Stu Sjouwerman
The Chinese military unit was recently accused of carrying out a years-long cyber espionage. The accusation from Japanese authorities was due to China's People Liberation Army buying ...
Continue Reading

New IceID Phishing Attack Targets Website Owners Using Image Copyright Infringement as The Hook

May 6, 2021 9:00:16 AM By Stu Sjouwerman
Spotted by the Microsoft 365 Defender Threat Intelligence Team, this new phishing attack threatens legal action to trick victims into installing information-stealing malware.
Continue Reading

W-2 Form Office 365 Credential Scam Creatively Uses Typeform Service to Bypass Security Checks

May 6, 2021 8:59:44 AM By Stu Sjouwerman
By creating phishing site pages using an online service for building surveys and forms, scammers figured out an original way to trick users out of their Office 365 credentials.
Continue Reading

Cybersecurity Spend Is Now More Than 20% of the Average IT Budget As 91% of Organizations Suffering an Attack had Operations Impacted

May 6, 2021 8:58:25 AM By Stu Sjouwerman
The latest data from the Hiscox Cyber Readiness Report highlights how organizations are experiencing cyber threats and how they are responding to increase their readiness for next time.
Continue Reading

[HEADS UP] New Malware Families Found in Phishing Campaign

May 5, 2021 1:36:54 PM By Stu Sjouwerman
Researchers from FireEye's security team found new malware families in a financial phishing campaign. The Malware strains are dubbed Doubledrag, Doubledrop, and Doubleback and have been ...
Continue Reading

Genesis Market: a Study in the C2C Economy

May 5, 2021 8:55:19 AM By Stu Sjouwerman
Researchers at Digital Shadows describe Genesis Market, a criminal-to-criminal marketplace that aggregates and sells digital fingerprints to facilitate cyberattacks. The researchers say ...
Continue Reading

A Snapshot of the Ransomware Landscape

May 4, 2021 11:23:33 AM By Stu Sjouwerman
Organizations need to take steps to disrupt the ransomware industry by making these attacks more expensive to carry out, according to Jen Miller-Osborn from Palo Alto Networks' Unit 42. ...
Continue Reading

UK IT Decision Makers Fear Their Remote Workers Put Company Data at Risk for Data Breach

May 4, 2021 11:23:23 AM By Stu Sjouwerman
According to an annual survey from Apricorn, UK IT decision makers are fearing the worst as their staff continues to work in a remote environment.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews