Exchange Exploit Attempts Surge Sixfold as Ransomware Lands

Mar 15, 2021 9:22:38 AM By Stu Sjouwerman

The Phil Muncaster at Info Security Mag had it first: "The number of global exploit attempts targeting vulnerable Microsoft Exchange servers has risen sixfold over the past few days, as ...

The Evolving Cybercriminal Market Has Given Birth to Impersonation-as-a-Service as Attackers Seek to Impersonate at Scale

Mar 15, 2021 8:00:00 AM By Stu Sjouwerman

New research documents Impersonation-as-a-Service (IMPaaS) as an emerging threat where profiles of victim users are available to be used in campaigns where impersonation is critical.

[On-Demand Webinar] Avoiding Business Email Compromise Phishing Scams During Tax Season

Mar 15, 2021 8:00:00 AM By Stu Sjouwerman

Taxes are unavoidable, and unfortunately, so are the annual tax-related phishing scams. This year, with the COVID-19 pandemic continuing to keep people working from home, cybercriminals ...

The Most Commonly Spoofed Business-Related Applications in a Phishing Campaign

Mar 15, 2021 7:12:32 AM By Stu Sjouwerman

Business-related applications like Zoom, Microsoft, and DocuSign are the most commonly spoofed services in phishing attacks, according to a new report from GreatHorn. Business apps made ...

Microsoft Exchange Server hacks ‘doubling’ every two hours | ZDNet

Mar 12, 2021 9:18:55 AM By Stu Sjouwerman

Cyberattackers are taking full advantage of slow patch or mitigation processes on Microsoft Exchange Server with attack rates doubling every few hours. According to Check Point Research ...

NIST Updates You Should Be Aware About

Mar 12, 2021 8:42:50 AM By Perry Carpenter

By Perry Carpenter, KnowBe4 Chief Evangelist and Strategy Officer. If you’ve been in IT or infosec for any length of time, you’ve probably heard of NIST (the National Institute of ...

[Security Alert Webinar] The Microsoft Exchange Mass Hack Is a Huge Security Risk For All Organizations and What You Can Do About It

Mar 11, 2021 3:52:43 PM By Stu Sjouwerman

On March 2, Microsoft released emergency security updates to plug multiple zero-day security holes in Exchange Server versions 2010 through 2019 that hackers were actively using to siphon ...

Credential Harvesting Attacks Targeting the U.S. Federal Government Nearly Double as Malware Declines

Mar 11, 2021 9:07:03 AM By Stu Sjouwerman

Shifts to a remote workforce in 2020 gave cybercriminals an opportunity to change tactics, focusing on credentialed access to systems accessed from outside government networks.

FINRA Warns of Phishing Attacks

Mar 11, 2021 8:16:40 AM By Stu Sjouwerman

The Financial Industry Regulatory Authority (FINRA) has warned of a phishing campaign that’s trying to trick users into responding to a phony regulatory non-compliance issue. The emails ...

See what happened when we "Zoom bombed" a customer with the cast of The Inside Man

Mar 11, 2021 7:00:00 AM By Stu Sjouwerman

Yes, this actually happened. The employees at Tennessee Aquarium were massive fans of The Inside Man, were not aware of this gag, and you can see their reactions when they see who the ...

Video Verification and Deepfakes

Mar 10, 2021 2:00:22 PM By Javvad Malik

Technology has introduced greater convenience for consumers around the world. With each new technological advancement, we have benefited from better, faster, and more accurate ...

[Heads Up] Has Your Exchange Been Hacked And Is Now A Ticking Time Bomb?

Mar 10, 2021 9:37:31 AM By Stu Sjouwerman

Brian Krebs wrote: "Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United ...

Fake reCAPTCHA Found in Phishbait

Mar 10, 2021 8:21:18 AM By Stu Sjouwerman

Researchers at Zscaler warn of an ongoing phishing campaign targeting executives with fake voicemail notifications. More than half of the phishing emails have targeted organizations’ vice ...

Recognizing Elder Scams

Mar 9, 2021 8:30:54 AM By Stu Sjouwerman

People need to ensure that their elderly relatives are aware of scams that target older people, according to Emma McGowan at Avast. McGowan says it’s best to avoid being condescending, ...

The Good, the Bad, and the Ugly About MFA

Mar 8, 2021 11:48:24 AM By Roger Grimes

I have been in computer security for over 34 years now. Yeah, even I cannot believe how long it has been. I have been a penetration tester over 20 of those years and worked on dozens of ...

CyberheistNews Vol 11 #10 [Heads Up] The Bad Guys Now Likely Own Your Exchange OWA Server

Mar 8, 2021 10:06:52 AM By Stu Sjouwerman

The Different Scenarios How Backups are Vulnerable to Ransomware Attacks

Mar 8, 2021 8:25:16 AM By Stu Sjouwerman

Organizations need to ensure that their data backups aren’t tampered with by attackers, according to security firm Datto. In an article for Channel Futures, Datto explained that backups ...

WSJ: Russian Disinformation Campaign Aims to Undermine Confidence in Covid-19 Vaccines

Mar 8, 2021 7:00:00 AM By Stu Sjouwerman

The Wall Street Journal reports: " Russian intelligence agencies have mounted a campaign to undermine confidence in Pfizer Inc.’s and other Western vaccines, using online publications ...

[Heads Up] The Bad Guys Have Likely Hacked Your Exchange Email Server

Mar 6, 2021 9:48:40 AM By Stu Sjouwerman

What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulns? Or Eastern Europe ransomware gangs? On March 2, Microsoft released emergency security ...

Think Your Cyber Insurance is Going to Cover that $6 Million in Cyber Fraud? Think Again.

Mar 5, 2021 4:05:06 PM By Stu Sjouwerman

The latest tale of an organization falling victim to a business email compromise attack on their credit card processor highlights how very specific the scenario needs to be to see a ...

Security Awareness Training Blog

View Topics