Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Solarwinds MFA Bypass Attack Pushes Limits

Excellent long-time tech reporter Dan Goodin reported in Ars Technica that the recent SolarWinds supply chain attack involved hackers bypassing a popular multi-factor authentication ...

University-themed Phishbait Angles for Students

Researchers at Zix have observed phishing emails sent from legitimate but compromised university email accounts, impersonating the university’s IT department. The emails notified users ...

Facebook Describes APT32 Social Engineering Campaign

Facebook’s security team has taken action against a phishing operation run by APT32 (also known as OceanLotus), a threat actor associated with the Vietnamese government. Facebook says the ...

New Security Doc For Your End-users: "The Iceberg"

Did you see our new "tip of the iceberg" security doc? Send this Public Service Announcement to your end-users. It is a great piece that was created based on the focus group feedback - ...

[HEADS UP] New York DMV Warns of Phishing Attack

According to the Press Republican, the New York State Department of Motor Vehicles warned New Yorkers last Friday of an ongoing SMS phishing (aka smishing) attack.

85% Of Employees are More Likely to Leak Files Now Than Pre-Coronavirus

According to research released Thursday by Code42, 85% of employees are more likely to leak files today than before the COVID-19 pandemic.

Zoom Phishing is Still Rampant

Cybercriminals are still using Zoom and other conferencing platforms as phishbait, according to Zlati Meyer at Fast Company. This phishing theme isn’t likely to let up any time soon, so ...

Data Breaches Are Expected to Decline While Ransomware and BEC Gain Steam

A new report from the Identity Theft Research Center discusses which cybersecurity attacks will be most impactful next year as part of the ITRC’s 2021 predictions.

5 Tips For Consolidating Remote Work Tech Debt

In 2020, nearly every organisation embraced remote working to some extent or another. For some, the transition was smooth and easy, as they already had a mobile workforce and were largely ...

All 200 Million Office 365 Users at Risk by a New Global Spear Phishing Attack Spoofing Microsoft.com

A new spear phishing campaign appearing to come from a microsoft.com email address is targeting organizations in critical industries that use Office 365 for email to steal credentials.

Shame! Shame! I Got Phished

I can’t be phished. At least that’s what I used to believe.

CISA Emergency Directive: Pull Plug On SOLARWINDS ORION NOW.

It's all over the press. A wide swath of U.S. Government orgs were hacked by the Russians. They accessed those networks by slipping malware into a SolarWinds software update, according to ...

Just How Far Can Three Cybercriminals Reach? How about 150 Countries!

As three members of the cybercriminal group TMT were recently arrested, details emerge around the breadth and depth of their attacks from a year-long Interpol investigation.

Check Point Says to Expect More Shipping and Delivery Phishing Emails This Season

With in-person shopping still considered “high risk”, online shopping with home delivery and the need to meet delivery deadlines creates the perfect scenario for scammers.

Who’s on the Phone? It’s the Ransomware Guys “Encouraging” You to Pay the Ransom!

Since August of this year, some ransomware attacks are being followed up by phone calls to increase pressure, promote the attack internally, and increase the chances of getting paid.

Updates on Vishing

Voicemail scams are on the rise, according to Paul Ducklin at Naked Security. These scams are a form of voice phishing (“vishing”) in which scammers churn out automated phone calls and ...

GDPR Compliance Scams Rising

Organizations need to be on the lookout for GDPR-themed phishing lures, according to Mike Puglia, Chief Product Officer at Kaseya. In an article for ITProPortal, Puglia explains that GDPR ...

They're Here! COVID-19 Vaccine Phishes Finally Arrive

Anticipating that media attention surrounding the development and distribution of COVID-19 vaccines would undoubtedly spur malicious actors to launch new vaccine-themed phishing ...

Why Are You Being Phished?

People often wonder, why are they being phished? Why are they being phished by a hacker in the first place? What does their organization have that some hacker decided they were noteworthy ...
