Many Ways To Hack MFA

Mar 22, 2021 10:35:56 AM By Roger Grimes

I have spent a lot of time thinking about how to hack multifactor authentication (MFA) solutions. I have done so my whole career, deploying dozens, if not hundreds, of MFA projects. Also, ...

FBI Warns that PYSA Ransomware is Targeting Schools

Mar 22, 2021 9:40:13 AM By Stu Sjouwerman

The FBI has warned of a wave of ransomware attacks against schools and other entities across the United States and the UK.

[NEW FEATURE] Enhance Your Users’ Learning Experience with Optional Learning

Mar 22, 2021 8:00:00 AM By Stu Sjouwerman

You asked, we listened! We are excited to introduce the new Optional Learning feature within your KnowBe4 platform. Optional Learning enables you to offer your users additional training ...

Mom Charged in Deepfake Cheerleading Plot

Mar 19, 2021 10:23:09 AM By Stu Sjouwerman

Raffaela Marie Spone, a 50-year-old mom from Pennsylvania, has been arrested after allegedly leveraging deepfake technology to target several of her daughter’s cheerleading rivals.

Another Tax Season, Another Opportunity for Scams

Mar 18, 2021 9:30:45 AM By Erich Kron

It’s the start of tax season. This is the time of year when we collect our receipts and tax forms and hope for a nice big refund from the U.S. government. Unfortunately, cybercriminals ...

Researchers Have Their Eye on Malicious Clones of Android Apps That Put Devices at Risk

Mar 18, 2021 8:29:50 AM By Stu Sjouwerman

Researchers at Check Point have found malicious apps in the Google Play Store that will download Trojans to infected devices.

FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Losses Exceed $4.2 Billion

Mar 18, 2021 5:58:13 AM By Stu Sjouwerman

The FBI’s Internet Crime Complaint Center has released their annual report. The 2020 Internet Crime Report includes information from 791,790 complaints of suspected internet crime—an ...

[EYE-OPENER] USA CISA Advisory on Trickbot Campaigns: Phishing Training For Employees

Mar 17, 2021 4:04:08 PM By Stu Sjouwerman

March 17, 2021 — The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have observed continued targeting through spear phishing campaigns ...

Ransomware Attacks Are Growing More Costly and Effective by the Day

Mar 17, 2021 2:08:25 PM By Stu Sjouwerman

The availability of commodity bots and ransomware is making the business of ransomware accessible to just about every. And, according to new data, everyone’s getting in on the game.

Cybercrime Officially Has Its Own Global Ecosystem

Mar 17, 2021 2:06:43 PM By Stu Sjouwerman

From Services, to Distribution, to Monetization, cybercriminals are getting so organized, cybersecurity experts are now beginning to see how vast the relationships and connections really ...

Make No Mistake, This Changes Everything: Nation-State 2.0

Mar 17, 2021 8:00:00 AM By Roger Grimes

Every organization needs to figure out their increased cyber risk from nation-state warfare attacks and deploy mitigations.

Give Me £1,000 to Stop Calling You

Mar 17, 2021 7:14:28 AM By Stu Sjouwerman

Some scammers are taking a more direct approach to asking for money, according to BBC reporter Jane Wakefield. Wakefield received a call from a scammer who claimed to work for Microsoft, ...

[THIS IS UGLY] A Hacker Got All My Texts for $16

Mar 16, 2021 10:50:55 AM By Stu Sjouwerman

VICE just revealed a 2FA hole you can drive a truck through. A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages. This ...

6 Advanced Email Phishing Attacks

Mar 16, 2021 10:32:51 AM By Roger Grimes

No matter how good your policies and technical defenses are, some amount of phishing will get to your end users in a given month. They must be trained to recognize social engineering ...

CyberheistNews Vol 11 #11 [AN IMPORTANT] NIST Update That You Should Be Aware Of

Mar 16, 2021 9:23:53 AM By Stu Sjouwerman

FBI Warns Against Deepfakes' Potential for Social Engineering

Mar 16, 2021 8:22:52 AM By Stu Sjouwerman

The FBI has issued an advisory warning of an expected increase in the use of deepfakes for social engineering attacks. Deepfakes are images, videos, audio, or text created via AI to ...

Beware: Lots of COVID-19 Vaccine-Related Attacks Are Active and Looking for Their Next Victim

Mar 16, 2021 8:01:00 AM By Stu Sjouwerman

From spear phishing attacks, to malicious domains, to credential-hunting – as I predicted, COVID vaccines are the hot attack theme right now from just about every angle.

Exchange Exploit Attempts Surge Sixfold as Ransomware Lands

Mar 15, 2021 9:22:38 AM By Stu Sjouwerman

The Phil Muncaster at Info Security Mag had it first: "The number of global exploit attempts targeting vulnerable Microsoft Exchange servers has risen sixfold over the past few days, as ...

The Evolving Cybercriminal Market Has Given Birth to Impersonation-as-a-Service as Attackers Seek to Impersonate at Scale

Mar 15, 2021 8:00:00 AM By Stu Sjouwerman

New research documents Impersonation-as-a-Service (IMPaaS) as an emerging threat where profiles of victim users are available to be used in campaigns where impersonation is critical.

[On-Demand Webinar] Avoiding Business Email Compromise Phishing Scams During Tax Season