Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Aussie TV Network Taken Off Air by Ransomware

The "early-scoop" Phil Muncaster at InfoSec Mag reported: "An Australian TV network was taken off-air for over 24 hours by suspected state-backed attackers, in what it described as the ...

Data Breach at Dutch Auto Shops Puts 7,3 Million Car Owners at Risk

The Netherlands is dealing with what looks like one of the largest data breaches in the nation so far. Late last week, Dutch public broadcaster NOS revealed that customer data of millions ...

Phishing Remains the Most Common Form of Attack

Phishing attacks are “by far” the most common vector for data breaches, according to a new survey by the UK’s Department for Digital, Culture, Media, and Sport (DCMS).

Average Ransoms Triple while Ransomware Incident Response Costs Pile On

New data shows it’s now clear the biggest problem with ransomware (just after taking down your operation) is all the necessary costs incurred trying to clean up the mess post-attack.

REvil Ransomware Now Helps with Extortion by Offering to Call the Victim’s Contractors and the Media

The bad guys are going to great lengths to ensure they make their money. As part of its Ransomware-as-a-Service, REvil is now expanding its services to aid in the extortion phase.

Security Awareness is the Key to Cybersecurity Behavior Change

As organizations seek to find ways to increase the effectiveness of their security stance, many are realizing the value of a cybersecurity-aware employee helping to keep the organization ...

New Release: 2021 Remote Workforce Security Report

Holger Schultze wrote: The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets.

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

Even though the UK has made 'huge progress' on cybersecurity efforts, the new Chief Executive of the National Cyber Security Centre (NCSC) Lindy Cameron believes that the current efforts ...

[UPDATE] What is SOAR? What Are The Pros And Potential Pitfalls?

Jessica Groopman at TechTarget's SearchSecurity forum has a great short post about SOAR, what it stands for and what the potential benefits and pitfalls are. Here is an extract with a ...

Forensically Investigating Phishing To Better Protect Your Organization

The single best thing you can do to reduce cybersecurity risk in your environment is to prevent and mitigate social engineering – phishing in particular. The first and best thing any IT ...

Avoid Being Influenced by Instagram Scams

People need to be able to recognize common scams that will target them through Instagram and other social media sites, according to Harriet Stone at Naked Security. Stone points to ...

KPMG: Cyber Security Risk Is Now No. 1 Threat To Growth

KPMG in the UK just released their CEO 2021 Outlook Pulse Survey where global leaders were asked about their 3-year outlook. CEOs of the world’s most influential companies are planning ...

A Can of Phishbait: from Surveys to Rule Changes to Your Boss's Boss

Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has ...

Nation-State Hacking 2.0: Why Your Organization is Now at Risk from this Evolving Threat

Security professionals have worried about cyberwarfare for decades. But the attack on Sony Pictures, the SolarWinds supply chain compromise, and now the latest Microsoft Exchange zero-day ...

Spoofing Tailored to Financial Departments

Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers ...

Why Should You Be Using DMARC? 3 Billion Spoofed Emails are Being Sent Every Day

According to a recent report from TechRadar, email is still the most popular form of malware distribution. Billions of spoofed emails are being sent every day.

Insurers are Warned of Cyber Risk Growth and are Provided a New Cyber Insurance Risk Framework from the New York Department of Financial Services

As cyberattacks continue to increase, cyber insurers are always looking for ways to manage the cyber risk they take on. The NY DFS offers some best practices from top insurance companies.

A Tale of Two Ransomware Variants: Two Ends of the Ransomware Attack Spectrum

Ransomware attacks are evolving much in the same way any saturated services market would, with specific targets, extortion techniques used, and customer experiences. Two new variants ...

Not Your Father's Tech Support Scam

Over the past month or so customers using the Phish Alert Button (PAB) have been reporting a curious wave of what initially appeared to be run-of-the-mill tech support scam emails. As it ...